urlscan.io logo urlscan.io
SecurityTrails logo

rampscampaign.org Open in urlscan Pro
2606:4700:3036::ac43:9319  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rampscampaign.org/
Effective URL: https://rampscampaign.org/
Submission Tags: @phish_report
Submission: On October 15 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3036::ac43:9319, located in United States and belongs to CLOUDFLARENET, US. The main domain is rampscampaign.org.
TLS certificate: Issued by GTS CA 1P5 on October 15th 2023. Valid for: 3 months.
This is the only time rampscampaign.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3037::6815:4fba (United States)

ASN13335 (CLOUDFLARENET, US)
rampscampaign.org
17    2606:4700:3036::ac43:9319 (United States)

ASN13335 (CLOUDFLARENET, US)
rampscampaign.org
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ci3.googleusercontent.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
m5.paperblog.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
18 rampscampaign.org
rampscampaign.org
205 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
132 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
87 KB
1 paperblog.com
m5.paperblog.com
2 KB
1 googleusercontent.com
ci3.googleusercontent.com — Cisco Umbrella Rank: 631
1 gstatic.com
www.gstatic.com
19 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
231 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1183
7 KB
0 internetdefenseleague.org Failed
members.internetdefenseleague.org Failed
27 9
Domain Requested by
18 rampscampaign.org 1 redirects rampscampaign.org
2 platform.twitter.com rampscampaign.org
platform.twitter.com
2 connect.facebook.net rampscampaign.org
connect.facebook.net
1 syndication.twitter.com platform.twitter.com
1 m5.paperblog.com rampscampaign.org
1 ci3.googleusercontent.com rampscampaign.org
1 www.gstatic.com rampscampaign.org
1 www.google.com 1 redirects
1 maxcdn.bootstrapcdn.com rampscampaign.org
0 members.internetdefenseleague.org Failed rampscampaign.org
27 10

This site contains links to these domains. Also see Links.

Domain
essaypro.com
essayservice.com
Subject Issuer Validity Valid
rampscampaign.org
GTS CA 1P5		 2023-10-15 -
2024-01-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
paperblog.com
GTS CA 1P5		 2023-10-06 -
2024-01-04		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://rampscampaign.org/
Frame ID: CDCC2882FDD8B1F3D4B072AF8954A358
Requests: 25 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Frampscampaign.org
Frame ID: 6F21B1331ECC07C260EFEA3DC7E3DA07
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RAMPS | Radical Action for Mountains' and People's Survival. A direct action campaign based in Appalachia.

Page URL History Show full URLs

  1. http://rampscampaign.org/ HTTP 301
    https://rampscampaign.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

27
Requests

93 %
HTTPS

90 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

450 kB
Transfer

1207 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rampscampaign.org/ HTTP 301
    https://rampscampaign.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rampscampaign.org/
Redirect Chain
  • http://rampscampaign.org/
  • https://rampscampaign.org/
39 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
4e2557b53224d8094b47bcea1e1c6476b3cdaf8b1fd425f6565773aa5f26cc5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8166a23fac4cd916-HEL
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 15 Oct 2023 08:18:51 GMT
last-modified
Wed, 30 Nov 2022 19:29:10 19NovGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bzy1oDfwpk3N4N9GIiCobjLL%2BrBNst0e9ioZnqV3Cj5bujfF8r%2FHaRgB93Hn6yPzAmTDYhjkEHBgs8XGwKJIm6IQXejjRYrt9559EGS0wc9%2BpC2jwg3Ey4oLR8u3yvzy4njJ9FJR%2FrO0scKIPMWiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
8166a23edb53d967-HEL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 15 Oct 2023 08:18:51 GMT
Expires
Sun, 15 Oct 2023 09:18:51 GMT
Location
https://rampscampaign.org/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtorAJzJQWneEevvi7co5pxd4ZAHo1DrCHXXTASXpiEIltFXd4XoSU9VvMjOXdmdWArMG2SMdFpAxiwVXkaD9drxrnB8zmKZXqTGfJanYNME%2BepIaWoOjhVLzOjHWn77oa2Yf0wujD30yWUXmd4iJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.css
rampscampaign.org/wp-content/themes/ramps/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/themes/ramps/style.css
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e4959172f2fca56af32a0d973890ef4ea0f73e92e82004e2f4893662f52a90d8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:12 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"cfa37854e8716a345a77658b7388dcb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldMf4r%2B6HFgFGCDVx1czRXBPAZxEjOFp2aRJ6SXcdJwz%2BbNUHkUeqvA8DOnSZk5qob1Lio5OK7ucbtAr3w3ca%2FaogIeOEz5uhdznTNb%2B1ncpAqrfNJhVa7HXtjHDBGnZ5WDhT0iYUloUw1Sxy2NssA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2428b0ed916-HEL
alt-svc
h3=":443"; ma=86400
jquery-1.5.2.min.js
rampscampaign.org/wp-content/themes/ramps/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/themes/ramps/jquery-1.5.2.min.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
92ce48e8e53c066666111b33b6ea67aadfc7fb00f53d362987a06ac168f65a35

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:10 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"d48cf5a5864ed577e9bb30a52ac00537"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vKmT9Eu2HeNTfzScDGqc0tTS9sIviNtnEkhKsnVNEBLtLUk0PBJlezmtra9Yuuf5T5Rc1wDdhCrGWc7q6jdg4aMCX9k%2B0D40Y%2B1EdGH%2FmPkT4wPKWyC9vAe6azFcRj%2FlEUG9Cecl0E%2FGJrNob9Rsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2428b2dd916-HEL
alt-svc
h3=":443"; ma=86400
classic-themes.min.css
rampscampaign.org/wp-includes/css/ 		0
322 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mvk8KrqtpgZFeLNRfc6PKhb0Pg49gXs4Qn6iqmrk0edeazziV1CeF0OzGQP2N0mQlnEnCIO9HMBFYRTnZS7o9eS%2FO7O%2Fvw%2Bg35UTG5Jwj4TyaivDjkf7WnGV%2Fi2OSsFuqYZgMFRilnecTXRB8LmoNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8166a2428b19d916-HEL
alt-svc
h3=":443"; ma=86400
content-length
0
cff-style.min.css
rampscampaign.org/wp-content/plugins/custom-facebook-feed/assets/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.min.css?ver=4.1.5
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
321412f90dbd945fd109249ded4b28c181d0c525689c6528adc2cde73f1723f0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:11 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"aeff8a6712739ea5cc1e1dd530cf8962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYjfa4MNCod3%2FJeQj42p8FPfo8dt2untF4eWCX0yryYggI8S5MUh%2FcH5FqOgy4akkcp3XeRUv9agrBMmNlpzdUZYSWfq7D4W3S3wEXLJ3C77ULPSvczu%2FdjvnI7fTY25WA0GceMHBn6GrnVyHtMg8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2428b1cd916-HEL
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=a04f7a4fccb60e0d973ca889556f804a
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
722
cdn-cachedat
05/01/2023 15:40:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
8c27aaad7b9209ef247dd9895d7e0306
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8166a242fed1d90e-HEL
cdn-requestpullsuccess
True
ramps.js
rampscampaign.org/wp-content/themes/ramps/ 		0
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/themes/ramps/ramps.js?ver=a04f7a4fccb60e0d973ca889556f804a
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4Cs0e%2F6zTntf2Id5GADwT3MbI4y%2BjL%2BwyKQzA0H%2BZdULTeVScR1O4btl6SoZtSIXUvlKBwiCmsM7kgBZaiEkWMzJrflX49c2olAJkJQmUrMdM%2By7Ioifog3dBVZE3vTngndS9NHdhF4wIwdMXI7IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8166a2428b2fd916-HEL
alt-svc
h3=":443"; ma=86400
content-length
0
jquery.min.js
rampscampaign.org/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
7ba559f6e5a470027048747b2393615510d56e2a2f06bc32dc3d743a2ed6c86a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:08 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"11668de82f81b46e6cc0dc0b192749d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FuXlUY6wMB318m3IybNMaqcsxa7BxTD7zmHvLmREfWNFo4TGPn0M4JYspKI5qsgQm%2FG1Vdsretp1pp%2BTLqLOQ99SkS%2BZEqXI2ubJNHWnQcvKm2zF5zefzgNOMaqXTvR%2FE%2Fi7qeDmDDgOP6AItddMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2428b31d916-HEL
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
rampscampaign.org/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
a401f117b1f57a3fcbf532459aff51ba2a984c7eefea8e29ab1b1765855a039e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:06 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"5acf9481b96f56099638cb060c6534bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEl17Vueovsf5HhvXojrFTgzlmTR1hMSpK0tGadASWs7cg06XgdtNP2eFPhDLrtiJK63F3zc8GgqzhGaqrSkgj92E78mTSY797X%2FshrnDlRjXfpEE8gpzYkCrX1Gp%2FT%2FVwSdXCXty2Xo2gRK8BjvBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2428b32d916-HEL
alt-svc
h3=":443"; ma=86400
action_alerts.css
rampscampaign.org/wp-content/plugins/action_alerts/ 		706 B
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/plugins/action_alerts/action_alerts.css
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
4c075267eab11d5d01c1e43265bd24097d568c0050c09758188ae91bdec4c52b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:11 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"9a543b97ea4c1850aa65e3c32e16b825"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f388FfDI%2BQrAmsVCbiC8eJJkneQvDLSqJVo0IF4vklo6gVHCtOAJ1r9tEOLvLAwINhBJhl83XeyggapakujUA7a5Cb%2FS8r9nvH39ISQorp6E0KRbVraCB%2FbCfDdlIvXDG0sMixrFPLfSmXDUNkv%2FKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2428b21d916-HEL
alt-svc
h3=":443"; ma=86400
donation_tracker.css
rampscampaign.org/wp-content/plugins/donation_tracker/ 		963 B
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/plugins/donation_tracker/donation_tracker.css
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
5482bd9f2937d4cc8da0690e4472f42ccde58fc2684e43eb84f23dddbe469e65

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:14 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"e93b935cd833fe957eec108e1e9155c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfjykRSmKn%2BTLDDfe8sLqtqHfZ74pzsW0ne3f6LEZCPxARZwBSdRAH4Hvw1Ilb%2BGd4jWku86vI%2FUv5mUf7D5hapEuHOS56YSsYV2GlXkyNrcaqzhHcJeNUA12Io7uc3SUuQ5fqfrI7YR4XOT4uWDew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2428b25d916-HEL
alt-svc
h3=":443"; ma=86400
ramps_reg_form.css
rampscampaign.org/wp-content/plugins/ramps_reg_form/ 		2 KB
973 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/plugins/ramps_reg_form/ramps_reg_form.css
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
3a04a94f4211bbc8b4fec3f0a5cd776be7cb1548b96b4fdb9934eeae911a3197

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:06 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"849c787db2bb8c6e945f22621bed6f07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdGVNt9Ocu04iFyymsmWADt94kt4tMmYV%2F3X%2BSDLfQbc%2BBK9oGqS9F992sb9qmgUNf8%2FE6iE10wAg2Hx9w%2BQLK%2FOCVS5XxuA2z9D9N87SF78mz1l93yV6xAQ6aUcpgJBYVW%2FAyjSWyfH5BG%2Bs5qdwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2428b28d916-HEL
alt-svc
h3=":443"; ma=86400
updated%20current%20ramps%20header.jpg
rampscampaign.org/wp-content/themes/ramps/images/headers/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rampscampaign.org/wp-content/themes/ramps/images/headers/updated%20current%20ramps%20header.jpg
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
a66ad4b48d6d79051408e052af684b7fba69e3eb96d4604ef063043a6a2a67f6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/8.0.30
alt-svc
h3=":443"; ma=86400
content-length
78220
last-modified
Sat, 22 Oct 2022 23:21:21 23OctGMT
server
cloudflare
etag
"4592813407c8ce8f8fddbe4cb9d4fd3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8v6CWBmBmJyFPZa0fcm%2FARtIf3JEzKeoUb3M3j9M08BQwp0%2Bvkj5HX83hbeNbYvmo6wyBhnmaqDKl4ni2kbLuBuWC6WptypxeMZNTlIIcBTTgYd%2FJydr1qLJhcwhvSpQNUUf05UpUW2c9dTNCLcRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8166a242bbe2d916-HEL
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18534
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 17:52:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="gviz"
vary
Accept-Encoding, Origin
report-to
{"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sun, 15 Oct 2023 09:05:36 GMT

Redirect headers

date
Sun, 15 Oct 2023 08:14:11 GMT
x-content-type-options
nosniff
server
sffe
age
281
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Sun, 15 Oct 2023 08:44:11 GMT
facebook-larry.png
rampscampaign.org/wp-content/themes/ramps/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rampscampaign.org/wp-content/themes/ramps/images/facebook-larry.png
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
4ee1f497542e205bf733f175d02d3ac1a1bcd2aca8aee00ce3a3b95394c84770

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/8.0.30
alt-svc
h3=":443"; ma=86400
content-length
22035
last-modified
Sat, 22 Oct 2022 23:19:06 23OctGMT
server
cloudflare
etag
"8073843b914ffecdcb420446ce08ad3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii%2FCO4bInsOtUD7YY3tU2Eol2zlZSbpO1OrKud01Yhp2qhulJQii2zA9636Rhue9yH%2Fb0H%2BvEo5tKY0P39%2FLy3za%2BkkVo6IeXmi00%2B%2Bt%2FbPGp0JPES0eSvk6AlquS8CAE5n6C0qmvxZsR2nBQo%2BtXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8166a2450a834e15-HEL
r9Q6jZywDJBoNm8WdRIfTbeu6943FW3q2mgzBaEHFVL2hdhNXnehx_bn-P5zZetK3GZzpiR0zSp0Aoz9fgsOMq4bsDcOFBcYx85ybmhTQmvRPUpXds2mD9RvJuizl90Fofg0ayx7nubiZQhrr8Tzvy_LxafR9h9ZD4zVFOc=s0-d-e1-ft
ci3.googleusercontent.com/proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ci3.googleusercontent.com/proxy/r9Q6jZywDJBoNm8WdRIfTbeu6943FW3q2mgzBaEHFVL2hdhNXnehx_bn-P5zZetK3GZzpiR0zSp0Aoz9fgsOMq4bsDcOFBcYx85ybmhTQmvRPUpXds2mD9RvJuizl90Fofg0ayx7nubiZQhrr8Tzvy_LxafR9h9ZD4zVFOc=s0-d-e1-ft
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
email-decode.min.js
rampscampaign.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Oct 2023 07:45:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6523afb0-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhZsPoZdeHh9EIIFDPxQRc%2FIyZTeeVTrQHwy7PrYQE37CoF5yMsmpGZUoAVtElhtiT002ckWU3CR0e3E6ZoIq4qqyYd9bc2fVrVpAITA7vqrWhUeH82cYGR1D3FXqUXpBpeczo6R18EZk2sUVHKQDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8166a2489b234e15-HEL
expires
Tue, 17 Oct 2023 08:18:52 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24a508465b8571e846c7b821ce431a7763e7eaa43e85d210af8e87ce42b8d1e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 15 Oct 2023 08:18:53 GMT
content-md5
0FcrVGSokjgYBqcCV7g3Tw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
rgFfUDzQItzlmC3gRBg3jGDwmbkNsGGulCL9Jroqba34vXX53KfF0jV4LWlAj0psBCOu1J7/GvHVWxYYPHpnmQ==
x-fb-content-md5
60a94810ab578eb61f14956dd53890a9
cross-origin-opener-policy
same-origin-allow-popups
etag
"60bc2ccf326c6cf447d89a17ad7f8408"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 15 Oct 2023 08:33:45 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F70A) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sun, 15 Oct 2023 08:18:53 GMT
Content-Encoding
gzip
Age
950
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (ska/F70A)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
minilogo.png
m5.paperblog.com/assets/images/logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m5.paperblog.com/assets/images/logos/minilogo.png
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734ce4c0a360b8fc5126bc81cca3abf0b1e210600f794937e3811264bb75e9ec

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:53 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Feb 2011 15:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1470332
etag
W/"4d63cf94-513"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7eLIBya%2BXbO6GRb9BecCaIdT6TyBvFQGDk8ewQ6LGTqJepnOA6OXUti%2B%2BvRRkKEvjxxjb21oKCXSofeZT2OniAJKjtXAkNFah2pFg2ARI3xI3x9DA6GPMCIweqOvtESPg%2FNkBRQtwUFPXM%2BvLiO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
8166a24938823769-HEL
alt-svc
h3=":443"; ma=86400
expires
Fri, 27 Sep 2024 07:53:13 GMT
cff-scripts.min.js
rampscampaign.org/wp-content/plugins/custom-facebook-feed/assets/js/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/plugins/custom-facebook-feed/assets/js/cff-scripts.min.js?ver=4.1.5
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
31e7ae335f3dd41d2e13749ae82356bdfae3e51d5c6578d55f267ec227a2552f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:11 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"f22be43074663365aa640173648f9505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHSpRdYqE7Ltuuuf3cL7w%2BDtf2THUIKcdFYr7yn0WlIMd3%2Fnoj4zbXrLQTQzStGg6EIO99nCOfvHoHHQpqWFwA8HnqfKg0%2FsDb3i2U6lenwZcEukPEaoHhfzodmEaZ9ZCpbi1UgptizrblwVCpTBfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2489b264e15-HEL
alt-svc
h3=":443"; ma=86400
modal.js
rampscampaign.org/wp-content/plugins/cat-signal/js/ 		305 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-content/plugins/cat-signal/js/modal.js?ver=1.0
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
2df7b6f3c0c1fc063b0a5aaf9ec5d793c5f8d451db0df5be12d3b353369112d3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:10 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"a9dff7178cedcfe7bdcd000c242f69b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY72EelJRYwmf%2BUQULtQC3pdPbXcVE556kKD2UIK1Z3XeDHY9MoVNojId%2FSKLNj2OIpzBa8cuthqCyii0Fhu5YFEMb7IXh9mgFApuONJHSueOtLZiWZPfT83JF8N6klgCb%2BcXu3ZiKQiyARN%2F1YuXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
8166a2489b284e15-HEL
alt-svc
h3=":443"; ma=86400
wp-emoji-release.min.js
rampscampaign.org/wp-includes/js/ 		0
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rampscampaign.org/wp-includes/js/wp-emoji-release.min.js?ver=a04f7a4fccb60e0d973ca889556f804a
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 08:18:53 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2QXrqT5R74I57oFm9GMnAIVi8Ss40hVzytpn03CJowdh%2FuAnIkfGuwtO6M8%2B7nKovQQUwhQR3UW32TRi79WHdBQ9lRSe3YZymx53P8ENyo8LK2maHoxJQ7HWT2PZgc%2Fz1w1CssSbDbY7WWvAmaang%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8166a2489b2a4e15-HEL
alt-svc
h3=":443"; ma=86400
content-length
0
all.js
connect.facebook.net/en_US/ 		300 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=8cfd3e2908f6d011a0e30031f3b3cad8
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d824da827cc35726b140a4b5dab1573b7599aee07c15bff3591aac96cff5c9cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rampscampaign.org/
Origin
https://rampscampaign.org
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 15 Oct 2023 08:18:53 GMT
content-md5
1F42eBfk/uJIfekxIpSRnA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86150
x-fb-debug
333vc399iukPwEbyJCTW8LFasHggDDP0yukuSYGoPavPWu/coGaSdlVhl+ROnFWB9uuEWIVhV8oChvPa15NlGQ==
x-fb-content-md5
49b6283cb8bb09f03cbf4a61d3b4296f
cross-origin-opener-policy
same-origin-allow-popups
etag
"cf1dc4420a3ea45b8146021ab85c05ab"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Mon, 14 Oct 2024 07:06:13 GMT
/
members.internetdefenseleague.org/include/ 		0
0
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame 6F21 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Frampscampaign.org
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F704) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://rampscampaign.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
474381
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Sun, 15 Oct 2023 08:18:53 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (ska/F704)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 6F21 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=fb17c8d1aeb3b3cbbb862cf398bce0add707ee23
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Frampscampaign.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
109
date
Sun, 15 Oct 2023 08:18:53 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Sun, 15 Oct 2023 08:18:53 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
5c4e80c578ead096
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
7337af78d8094b2fe70204de61c250a2599d94f83dd521deeff4457f2f9b28f6
content-length
337

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
members.internetdefenseleague.org
URL
https://members.internetdefenseleague.org/include/?url=&campaign=&variant=modal

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| _wpemojiSettings object| google object| FB object| __twttrll object| twttr object| __twttr string| cffajaxurl string| cfflinkhashtags object| __buffer boolean| cff_js_exists undefined| cffAddMasonry function| cff_init function| checkConsent function| cffCmplzGetCookie function| addFullFeatures function| afterConsentToggled function| cffGetFeedLocatorDataArray function| locationGuess object| _idl

0 Cookies

4 Console Messages

Source Level URL
Text
security warning URL: https://rampscampaign.org/
Message:
Mixed Content: The page at 'https://rampscampaign.org/' was loaded over HTTPS, but requested an insecure element 'http://m5.paperblog.com/assets/images/logos/minilogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://rampscampaign.org/(Line 530)
Message:
Mixed Content: The page at 'https://rampscampaign.org/' was loaded over HTTPS, but requested an insecure element 'http://m5.paperblog.com/assets/images/logos/minilogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://ci3.googleusercontent.com/proxy/r9Q6jZywDJBoNm8WdRIfTbeu6943FW3q2mgzBaEHFVL2hdhNXnehx_bn-P5zZetK3GZzpiR0zSp0Aoz9fgsOMq4bsDcOFBcYx85ybmhTQmvRPUpXds2mD9RvJuizl90Fofg0ayx7nubiZQhrr8Tzvy_LxafR9h9ZD4zVFOc=s0-d-e1-ft#https://gallery.mailchimp.com/84d35a0479b3601b2b478406e/images/95b462ca-dd61-4fae-96f4-86903cb37466.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://members.internetdefenseleague.org/include/?url=&campaign=&variant=modal
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ci3.googleusercontent.com
connect.facebook.net
m5.paperblog.com
maxcdn.bootstrapcdn.com
members.internetdefenseleague.org
platform.twitter.com
rampscampaign.org
syndication.twitter.com
www.google.com
www.gstatic.com
members.internetdefenseleague.org
104.244.42.72
2606:2800:234:59:254c:406:2366:268c
2606:4700:3036::ac43:9319
2606:4700:3037::6815:4fba
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:806::2001
2a00:1450:4001:81c::2004
2a03:2880:f084:105:face:b00c:0:3
2a06:98c1:3121::3
24a508465b8571e846c7b821ce431a7763e7eaa43e85d210af8e87ce42b8d1e2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2df7b6f3c0c1fc063b0a5aaf9ec5d793c5f8d451db0df5be12d3b353369112d3
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
31e7ae335f3dd41d2e13749ae82356bdfae3e51d5c6578d55f267ec227a2552f
321412f90dbd945fd109249ded4b28c181d0c525689c6528adc2cde73f1723f0
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
3a04a94f4211bbc8b4fec3f0a5cd776be7cb1548b96b4fdb9934eeae911a3197
4c075267eab11d5d01c1e43265bd24097d568c0050c09758188ae91bdec4c52b
4e2557b53224d8094b47bcea1e1c6476b3cdaf8b1fd425f6565773aa5f26cc5b
4ee1f497542e205bf733f175d02d3ac1a1bcd2aca8aee00ce3a3b95394c84770
5482bd9f2937d4cc8da0690e4472f42ccde58fc2684e43eb84f23dddbe469e65
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
734ce4c0a360b8fc5126bc81cca3abf0b1e210600f794937e3811264bb75e9ec
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ba559f6e5a470027048747b2393615510d56e2a2f06bc32dc3d743a2ed6c86a
92ce48e8e53c066666111b33b6ea67aadfc7fb00f53d362987a06ac168f65a35
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
a401f117b1f57a3fcbf532459aff51ba2a984c7eefea8e29ab1b1765855a039e
a66ad4b48d6d79051408e052af684b7fba69e3eb96d4604ef063043a6a2a67f6
d824da827cc35726b140a4b5dab1573b7599aee07c15bff3591aac96cff5c9cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4959172f2fca56af32a0d973890ef4ea0f73e92e82004e2f4893662f52a90d8