Submitted URL: http://ragemods.ru/
Effective URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Submission: On November 28 via api from US — Scanned from CA

Summary

This website contacted 18 IPs in 7 countries across 19 domains to perform 71 HTTP transactions. The main IP is 89.47.57.161, located in Netherlands and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is 90ramenbet.com.
TLS certificate: Issued by WE1 on November 27th 2024. Valid for: 3 months.
This is the only time 90ramenbet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 46.148.232.104 49505 (SELECTEL ...)
1 1 34.147.10.206 396982 (GOOGLE-CL...)
2 104.21.34.174 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 13 89.47.57.161 209242 (CLOUDFLAR...)
30 45.133.44.5 39572 (ADVANCEDH...)
2 64.233.180.97 15169 (GOOGLE)
3 57.144.180.128 32934 (FACEBOOK)
1 13.33.252.108 16509 (AMAZON-02)
4 157.240.241.35 32934 (FACEBOOK)
2 142.251.179.101 15169 (GOOGLE)
1 172.253.63.154 15169 (GOOGLE)
1 142.251.111.155 15169 (GOOGLE)
1 142.251.179.94 15169 (GOOGLE)
1 18.164.96.46 16509 (AMAZON-02)
1 149.154.167.99 62041 (Telegram ...)
4 3.75.35.9 16509 (AMAZON-02)
1 3.168.122.75 16509 (AMAZON-02)
71 18
Apex Domain
Subdomains
Transfer
30 cdn-pomadorro.com
ramen.cdn-pomadorro.com
5 MB
13 90ramenbet.com
90ramenbet.com
100 KB
4 salescs.com
salescs.com
14 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
421 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
79 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
553 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 142
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
201 KB
2 call2me.xyz
top.call2me.xyz
4 KB
2 ragemods.ru
ragemods.ru
461 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3181
232 B
1 telegram.org
telegram.org — Cisco Umbrella Rank: 10608
22 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 11557
408 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
62 KB
1 cpalink.co
track.cpalink.co
347 B
0 91ramenbet.com Failed
91ramenbet.com Failed
0 89ramenbet.com Failed
89ramenbet.com Failed
0 ramenbet.com Failed
ramenbet.com Failed
71 19
Domain Requested by
30 ramen.cdn-pomadorro.com ramen.cdn-pomadorro.com
90ramenbet.com
13 90ramenbet.com 1 redirects top.call2me.xyz
90ramenbet.com
ramen.cdn-pomadorro.com
4 salescs.com ramen.cdn-pomadorro.com
salescs.com
4 www.facebook.com 90ramenbet.com
3 connect.facebook.net 90ramenbet.com
connect.facebook.net
2 analytics.google.com www.googletagmanager.com
2 www.googletagmanager.com 90ramenbet.com
www.googletagmanager.com
2 top.call2me.xyz ragemods.ru
2 ragemods.ru 1 redirects
1 vc.hotjar.io script.hotjar.com
1 telegram.org ramen.cdn-pomadorro.com
1 script.hotjar.com static.hotjar.com
1 www.google.ca 90ramenbet.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 cdnjs.cloudflare.com top.call2me.xyz
1 track.cpalink.co 1 redirects
0 91ramenbet.com Failed top.call2me.xyz
0 89ramenbet.com Failed top.call2me.xyz
0 ramenbet.com Failed top.call2me.xyz
71 21

This site contains no links.

Subject Issuer Validity Valid
ragemods.ru
R10
2024-10-31 -
2025-01-29
3 months crt.sh
call2me.xyz
WE1
2024-10-26 -
2025-01-24
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
90ramenbet.com
WE1
2024-11-27 -
2025-02-25
3 months crt.sh
ramen.cdn-pomadorro.com
R10
2024-10-14 -
2025-01-12
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-06 -
2024-12-05
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.ca
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2
2024-08-10 -
2025-09-11
a year crt.sh
salescs.com
Go Daddy Secure Certificate Authority - G2
2024-08-05 -
2025-09-06
a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-02-07 -
2025-03-08
a year crt.sh

This page contains 5 frames:

Primary Page: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Frame ID: 90D022355B5C8A4554225879D6BB8F91
Requests: 68 HTTP requests in this frame

Frame: https://90ramenbet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 60EE909E3DCC1B83D00BD80251333800
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-M46WT768F8&gacid=706543647.1732809651&gtm=45je4bk0v9175457518z89174127247za200zb9174127247&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1757920694
Frame ID: A7AD42B749B3D59648BE414A1AB26ED9
Requests: 1 HTTP requests in this frame

Frame: https://salescs.com/scripts/generateWidget.php?v=5.50.5.14&t=1732784243&cwid=e046p0tv&cwrt=C&cwt=chat&pt=%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20RamenBet%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B5%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B&ref=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79
Frame ID: 5541D5C1E7BECEF14E73F4052E063855
Requests: 1 HTTP requests in this frame

Frame: https://salescs.com/scripts/generateWidget.php?v=5.50.5.14&t=1732784243&cwid=e046p0tv&cwrt=C&cwt=onlineform&pt=%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20RamenBet%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B5%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B&ref=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79
Frame ID: CFC099BCD300B76809A545FFDEEE1289
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Казино RamenBet - Лучшие онлайн-игры и бонусы

Page URL History Show full URLs

  1. http://ragemods.ru/ HTTP 307
    https://ragemods.ru/ Page URL
  2. https://ragemods.ru/redirect/ HTTP 302
    https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=619 HTTP 302
    https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6748... Page URL
  3. https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6748... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

71
Requests

94 %
HTTPS

0 %
IPv6

19
Domains

21
Subdomains

18
IPs

7
Countries

5326 kB
Transfer

7132 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ragemods.ru/ HTTP 307
    https://ragemods.ru/ Page URL
  2. https://ragemods.ru/redirect/ HTTP 302
    https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=619 HTTP 302
    https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79 Page URL
  3. https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ragemods.ru/ HTTP 307
  • https://ragemods.ru/
Request Chain 1
  • https://ragemods.ru/redirect/ HTTP 302
  • https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=619 HTTP 302
  • https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Request Chain 19
  • https://90ramenbet.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://90ramenbet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ragemods.ru/
Redirect Chain
  • http://ragemods.ru/
  • https://ragemods.ru/
277 B
312 B
Document
General
Full URL
https://ragemods.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.148.232.104 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
parking.axelname.ru
Software
axelname /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
197
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 16:00:45 GMT
server
axelname
vary
Accept-Encoding

Redirect headers

Location
https://ragemods.ru/
Non-Authoritative-Reason
HttpsUpgrades
registration
top.call2me.xyz/ru/
Redirect Chain
  • https://ragemods.ru/redirect/
  • https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=619
  • https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
8 KB
4 KB
Document
General
Full URL
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Requested by
Host: ragemods.ru
URL: https://ragemods.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.34.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b389bd6b51ca4892495eabec6452b6b6f552adb674e49724f56998515434a372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ragemods.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e9b92ab5ce5ac58-YYZ
content-encoding
zstd
content-type
text/html
date
Thu, 28 Nov 2024 16:00:48 GMT
last-modified
Thu, 28 Nov 2024 12:48:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0e7CdcHfW53a3OUOp0M25SUBKuIiwXLNMHeQ9aB8QFwy%2F5nQs%2FyGyikQE0nUfOosSXXpMhPwVYA3oV09Np8IF2VJfTlBiY9UZOVCgYCM7uAwPhbNU2dGwpmbO4yiRkd5qA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=4987&min_rtt=4884&rtt_var=1905&sent=6&recv=6&lost=0&retrans=0&sent_bytes=2832&recv_bytes=1276&delivery_rate=864864&cwnd=226&unsent_bytes=0&cid=4d65265a758e19a7&ts=82&x=0" cfL4;desc="?proto=QUIC&rtt=19561&min_rtt=18806&rtt_var=3739&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4257&recv_bytes=4561&delivery_rate=638&cwnd=12000&unsent_bytes=0&cid=333ca3ef7f74345c&ts=491&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding

Redirect headers

access-control-allow-origin
*
content-length
0
date
Thu, 28 Nov 2024 16:00:47 GMT
location
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
server
nginx
x-adjust-use-original-forwarded-for
1
jsrsasign-all-min.js
cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/
283 KB
62 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/jsrsasign-all-min.js
Requested by
Host: top.call2me.xyz
URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b71baba57a2e71b44efcaa1a02d61f61456a57606e1096812221849b198e6dd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ece-46ad7"
age
771108
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0mpIZTfqoJ85AMVk%2FURo9rrIhd27vPlyfqfWp8jMIRkRUjN4eUSUEB267dcZguFhzF3Qfo1b5u34hudr144oJ%2FNY8LmaZRcn9raRB4b9WtwLSDeYb2sU4PZyFCVAWC7oxhX2uj80"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 16:00:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 28 Nov 2024 16:00:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:58 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e9b92af09e1ab0a-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
62327
server
cloudflare
/
ramenbet.com/signature/
0
0

/
89ramenbet.com/signature/
0
0

/
90ramenbet.com/signature/
73 B
432 B
XHR
General
Full URL
https://90ramenbet.com/signature/?x=1732809648611
Requested by
Host: top.call2me.xyz
URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8e9b92b05b9e36ac-YYZ
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:48 GMT
content-type
application/json
server
cloudflare
x-frame-options
DENY
/
91ramenbet.com/signature/
0
0

favicon.ico
top.call2me.xyz/
548 B
796 B
Other
General
Full URL
https://top.call2me.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.34.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
98
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N93Av7DjcGQStII1lEct9YQattLNQsp32Zvan8d%2FcGarqVJs3e24CRUJLg4fxDDh7sB9keSkXE77v6rygs16YgnhLO%2BXWwWP3LKRNhPiLtco2U037st821z9UApf3TVXHQU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e9b92b00beeac58-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19671&min_rtt=18806&rtt_var=2295&sent=18&recv=13&lost=0&retrans=0&sent_bytes=8166&recv_bytes=5060&delivery_rate=194009&cwnd=12000&unsent_bytes=0&cid=333ca3ef7f74345c&ts=794&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 16:00:48 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
Primary Request registration
90ramenbet.com/ru/
19 KB
8 KB
Document
General
Full URL
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Requested by
Host: top.call2me.xyz
URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf29e83528db53c538f89f8b30ba850fd31fe358e376de07439971faa63c077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

Referer
https://top.call2me.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8e9b92b20a6eac70-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 16:00:49 GMT
link
<https://ramen.cdn-pomadorro.com/static/reactjs/source.css?rev1732716527.0081341>; rel="preload";as="style"; nopush, <https://ramen.cdn-pomadorro.com/static/reactjs/source.js?rev1732716527.0081341>; rel="preload";as="script"; nopush, <https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341>; rel="preload";as="script"; nopush, <https://ramen.cdn-pomadorro.com/media/theme/ramenbet.1725473864820.css>; rel="preload";as="style"; nopush
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
source.css
ramen.cdn-pomadorro.com/static/reactjs/
6 KB
2 KB
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/source.css?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
bae54b7b301603b0843e73e7cdf263870e8e65163ac4288bf06cfd430537c1d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
content-encoding
gzip
etag
W/"66eac428-19eb"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:49 GMT
content-type
text/css
last-modified
Wed, 18 Sep 2024 12:14:32 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
source.js
ramen.cdn-pomadorro.com/static/reactjs/
363 B
796 B
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/source.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
3fe3646f61e6c6229bf1cc84d0117b3c3189521afe3d61a9c1ed5e3ffc0e390c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"66fd396e-16b"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
363
date
Thu, 28 Nov 2024 16:00:49 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:15:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
bundle.js
ramen.cdn-pomadorro.com/static/reactjs/
15 KB
16 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
446bdd3f51016cad41c8a0e4e97528b71e4669c17658affeda8b9b9e088778a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"674727ea-3d86"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
15750
date
Thu, 28 Nov 2024 16:00:49 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Nov 2024 14:08:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ramenbet.1725473864820.css
ramen.cdn-pomadorro.com/media/theme/
176 KB
130 KB
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/media/theme/ramenbet.1725473864820.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
997108c47ea64ed5a535ed72dfa93f1d36066880acdd733c58bec89fff347ddd
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

x-cache-status
MISS
cache-control
max-age=172800
content-encoding
gzip
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:49 GMT
content-type
text/css
server
nginx
x-cdn-host-id
ds7961
x-frame-options
DENY
gtm.js
www.googletagmanager.com/
304 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KC98BLC3
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e80b0dd7cc34bb3438a77d16a32ae8ef362bd57b5ef088b9813587ac89afaf04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 28 Nov 2024 16:00:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97425
x-xss-protection
0
server
Google Tag Manager
chunk.crypto.8e7ae7fa80d2601216b7.js
ramen.cdn-pomadorro.com/static/reactjs/
2 MB
2 MB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.crypto.8e7ae7fa80d2601216b7.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
1b7bf3d091cf6810e4ed01ce6ee12dcacd0740592e6a358ad06d2780dc04d87b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"6734a925-1c6b9a"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
1862554
date
Thu, 28 Nov 2024 16:00:49 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 13 Nov 2024 13:27:01 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.react.4d415ed9173353494163.js
ramen.cdn-pomadorro.com/static/reactjs/
271 KB
272 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.react.4d415ed9173353494163.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
d78690e84f33bef698d98531abf36799b082c49d3314d8e8b384b60c947de73e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"66fd396e-43d4b"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
277835
date
Thu, 28 Nov 2024 16:00:49 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:15:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.vendors.b2bdc1bf964bed417f01.js
ramen.cdn-pomadorro.com/static/reactjs/
1 MB
1 MB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.vendors.b2bdc1bf964bed417f01.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
889b7b5115755872fb1f8b80fe904d30d6c80691ef70c7f34aa023283544512c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"674727ea-138591"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
1279377
date
Thu, 28 Nov 2024 16:00:49 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Nov 2024 14:08:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
style.b51bbe463413763b58ba.css
ramen.cdn-pomadorro.com/static/reactjs/
140 KB
27 KB
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/style.b51bbe463413763b58ba.css
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
428af96e297a081e66d43c535573716eb289ea4d33c9c7df13bb6267f32f583e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
content-encoding
gzip
etag
W/"674727ea-23041"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:49 GMT
content-type
text/css
last-modified
Wed, 27 Nov 2024 14:08:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.4a27a46af43f27791498.js
ramen.cdn-pomadorro.com/static/reactjs/
819 KB
820 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
8da51baf64e7cd8088c8158a8efa85ddbe2cd3fb5451b327e3b8378459ab8b0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"674727ea-ccaf9"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:49 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
838393
date
Thu, 28 Nov 2024 16:00:49 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Nov 2024 14:08:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-awPnbtUC' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 16:00:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-awPnbtUC' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4460, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
IWV2Y/fdZ9sqllpIu2vCnIMN68bQ1dBhKMHg5FPTb93IwLhckXd+X+8kiHoomr61w0Pdylx+gbLGOLYwxUd5+g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
main.js
90ramenbet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame 60EE
Redirect Chain
  • https://90ramenbet.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://90ramenbet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
9 KB
4 KB
Script
General
Full URL
https://90ramenbet.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H2
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c036711258f9f658c2898f138c08e2f2a7de24a7aaa1b5eb5729aff2d209593
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8e9b92b6781fac70-YYZ
date
Thu, 28 Nov 2024 16:00:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cf-ray
8e9b92b63fdeac70-YYZ
access-control-allow-origin
*
content-length
0
date
Thu, 28 Nov 2024 16:00:49 GMT
vary
Accept-Encoding
server
cloudflare
8e9b92b20a6eac70
90ramenbet.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 60EE
0
638 B
XHR
General
Full URL
https://90ramenbet.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e9b92b20a6eac70
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8e9b92b85a9bac70-YYZ
content-length
0
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
3790830637859477
connect.facebook.net/signals/config/
76 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/3790830637859477?v=2.9.176&r=stable&domain=90ramenbet.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
8c1c7bf7663a757636a8a98fefd4f3731cb355d8d30913342cfcd466f5bb8846
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-3pTW5gjq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-3pTW5gjq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=4, c=77, mss=1232, tbw=75388, tp=72, tpl=4, uplat=111, ullat=0
pragma
public
x-fb-debug
pCCQVD0ZUmrSjSCIuajk60FyXp5XLZ6Vku07UP/YI6545Hz3WbEl+0lr3HgNXAfYq/lGXTVnBqCYkC9cRFA7Nw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/
315 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M46WT768F8&l=dataLayer&cx=c&gtm=45He4bk0v9174127247za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC98BLC3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a2d3125bb86e675f73f356de5a74a9815a7566d10b3eb4b6a3c072491cd8df0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 28 Nov 2024 16:00:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107405
x-xss-protection
0
server
Google Tag Manager
hotjar-3905265.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3905265.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KC98BLC3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.252.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-252-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
159b0171b017d6bd9d0a027f013908f02ec49c9d24b1d3c70ad6d461b6ca695f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/a8ed18037bb23f591e61cb9f0752ae02
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 350c00f07ce2a077574ee5c2ad078d3e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
Q8p1_m2vlsisObZ2mPqZBmUgN2PWz3KG9pYOg41p6Kkeq_WkOLQfQQ==
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
JFK50-P10
1085552949467815
connect.facebook.net/signals/config/
25 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1085552949467815?v=2.9.176&r=stable&domain=90ramenbet.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
cd5ec7c03cc0267860cc9d3517d9f36ba1e7d7b7befc1df8684f2c9174181c07
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-L6DgJDeR' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-L6DgJDeR' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=5, c=90, mss=1232, tbw=92860, tp=90, tpl=5, uplat=58, ullat=0
pragma
public
x-fb-debug
wVqvx9Bo5Gh9apkBSvQRDJ1hBOKk9JJ9QgOGHlyr5feVC3W62UUFTBxuRWcJSC+T5qTrnbeX7kZtvKXrAp8J+Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=3790830637859477&ev=PageView&dl=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79&rl=https%3A%2F%2Ftop.call2me.xyz%2F&if=false&ts=1732809650322&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732809650318.864302940866803566&cs_est=true&ler=other&cdl=API_unavailable&it=1732809650010&coo=false&rqm=GET
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4506, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3790830637859477&ev=PageView&dl=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79&rl=https%3A%2F%2Ftop.call2me.xyz%2F&if=false&ts=1732809650322&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732809650318.864302940866803566&cs_est=true&ler=other&cdl=API_unavailable&it=1732809650010&coo=false&rqm=FGET
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442360778695299816"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
DzfF9nLPksOL5F+HxgJF/cRXcAriUd6l3MknpkfMUk7eYNGJBcrbcOKTCo2CR61wAgHJ2b/MOO5toENhAi5xGg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442360778695299816", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4874, tp=13, tpl=0, uplat=74, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
messages.json
90ramenbet.com/static/translations/en/
127 KB
23 KB
Fetch
General
Full URL
https://90ramenbet.com/static/translations/en/messages.json
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.vendors.b2bdc1bf964bed417f01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09ee4c789968bff0584105c3d389e0be8ce76c634fa10ca3332144043e08202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=300
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"674885f2-1fc54"
cf-ray
8e9b92bdf99fac70-YYZ
expires
Thu, 28 Nov 2024 16:05:50 GMT
date
Thu, 28 Nov 2024 16:00:50 GMT
content-type
application/json
last-modified
Thu, 28 Nov 2024 15:02:10 GMT
server
cloudflare
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1085552949467815&ev=PageView&dl=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79&rl=https%3A%2F%2Ftop.call2me.xyz%2F&if=false&ts=1732809651065&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732809650318.864302940866803566&ler=other&cdl=API_unavailable&it=1732809650010&coo=false&rqm=GET
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=2, c=4, mss=1232, tbw=9610, tp=24, tpl=2, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1085552949467815&ev=PageView&dl=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79&rl=https%3A%2F%2Ftop.call2me.xyz%2F&if=false&ts=1732809651065&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732809650318.864302940866803566&ler=other&cdl=API_unavailable&it=1732809650010&coo=false&rqm=FGET
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442360781769124597"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
eGSRHyjwq4+HPc7JanMk6pls86xISXaBO2kKkebDkL/r/Bwj58lCpC5F/I2YOSdKYlueS5dnA89fWH0UGRV0ww==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442360781769124597", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=2, c=26, mss=1232, tbw=9802, tp=26, tpl=2, uplat=51, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-M46WT768F8&gtm=45je4bk0v9175457518z89174127247za200zb9174127247&_p=1732809649574&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=706543647.1732809651&ecid=970764459&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1732809651&sct=1&seg=0&dl=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79&dr=https%3A%2F%2Ftop.call2me.xyz%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.locale=Russia&ep.partner_id=p42277p3313169pede1&tfd=2295
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M46WT768F8&l=dataLayer&cx=c&gtm=45He4bk0v9174127247za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f101.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://90ramenbet.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
553 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M46WT768F8&cid=706543647.1732809651&gtm=45je4bk0v9175457518z89174127247za200zb9174127247&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M46WT768F8&l=dataLayer&cx=c&gtm=45He4bk0v9174127247za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://90ramenbet.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame A7AD
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-M46WT768F8&gacid=706543647.1732809651&gtm=45je4bk0v9175457518z89174127247za200zb9174127247&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1757920694
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M46WT768F8&l=dataLayer&cx=c&gtm=45He4bk0v9174127247za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://90ramenbet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 16:00:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/
42 B
408 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M46WT768F8&cid=706543647.1732809651&gtm=45je4bk0v9175457518z89174127247za200zb9174127247&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=172272691
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 28 Nov 2024 16:00:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
modules.86621fa4aeada5bcf025.js
script.hotjar.com/
222 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3905265.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ff8702986a1c41356391628a5f5d6f03"
age
697725
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
RAmpw14Vk_yzf1X70tY37SclilbeXCUE4J4PITJ1AawUvT1LA3xg3A==
date
Wed, 20 Nov 2024 14:12:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 14:11:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 8a9cdb228e33f8d52a4b42c56ca26590.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56243
x-amz-cf-pop
JFK50-P5
init_data
90ramenbet.com/jsapi/
53 KB
9 KB
Fetch
General
Full URL
https://90ramenbet.com/jsapi/init_data?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276f8deed1f1e14f09f1a2d2da05a648b88c99a5d39fc6bd303a5cd771ae29b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

x-sid
563dc5d45043cfa006a057bd3798cbdb
x-jsapi-lang
Referer
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8e9b92c02cedac70-YYZ
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
application/json
server
cloudflare
x-frame-options
DENY
style.e303c3cf7a00b787ed8e.css
ramen.cdn-pomadorro.com/static/reactjs/
2 KB
1 KB
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/style.e303c3cf7a00b787ed8e.css
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
cc6e23a83f3ae63095f1a0c6c5576517cc21ff18f6ce670e7a0a8ac5b818445e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
content-encoding
gzip
etag
W/"66d851d0-9ae"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/css
last-modified
Wed, 04 Sep 2024 12:25:52 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.8b703417d734a2d96a04.js
ramen.cdn-pomadorro.com/static/reactjs/
2 KB
3 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.8b703417d734a2d96a04.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
0e109043d68da11461e3718751a02805c842c50f63833d87082c9eafed836b5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"6734a925-93e"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
2366
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 13 Nov 2024 13:27:01 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
style.1857a1b01159b192ee04.css
ramen.cdn-pomadorro.com/static/reactjs/
15 KB
5 KB
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/style.1857a1b01159b192ee04.css
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
7fe4c98b4b3176746f251f200bc20cb98553035b4aa0b86a28873aca50fe7032

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
content-encoding
gzip
etag
W/"674727ea-3ba9"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/css
last-modified
Wed, 27 Nov 2024 14:08:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.c5ee6383c2d46dc818f7.js
ramen.cdn-pomadorro.com/static/reactjs/
62 KB
63 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.c5ee6383c2d46dc818f7.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
2842ef466b3b11160930c64e0a217d0747d467c14533fd6123c923305ed0afaa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"674727ea-f82e"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
63534
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Nov 2024 14:08:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
style.b71a42db1cad54edc680.css
ramen.cdn-pomadorro.com/static/reactjs/
44 KB
25 KB
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/style.b71a42db1cad54edc680.css
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
9e5bb880d006da06b0b0699fa7eae4fa3df57ddf80856eb303d4ec665ac45c29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
content-encoding
gzip
etag
W/"66d851d0-afc3"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/css
last-modified
Wed, 04 Sep 2024 12:25:52 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.vendors.ed08db914af72204b2b0.js
ramen.cdn-pomadorro.com/static/reactjs/
55 KB
55 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.vendors.ed08db914af72204b2b0.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
6292dfec5c8892273ddd3b5b53800eb139b242649e30a6d6032f4b735f7cbf29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"66fd396e-dc00"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
56320
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:15:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.vendors.adb535740c489f23dfd7.js
ramen.cdn-pomadorro.com/static/reactjs/
22 KB
22 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.vendors.adb535740c489f23dfd7.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
2221edb5ea90abdccd15e470d35602891f36205656134c89d3bdfa8ee2f1b93d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"66fd396e-57eb"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
22507
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:15:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
style.5d0a909ece5a78914236.css
ramen.cdn-pomadorro.com/static/reactjs/
15 KB
3 KB
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/style.5d0a909ece5a78914236.css
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
3d1cfa911581c37c54fe529b75d516d9dfa4389c66c5b32b81609d8866afb5e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
content-encoding
gzip
etag
W/"6734a925-3c9c"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 13:27:01 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.d6a8f179532a215ef026.js
ramen.cdn-pomadorro.com/static/reactjs/
50 KB
51 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.d6a8f179532a215ef026.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
c3add8d380e59eee5e5387a495f8b8dcbe1bb9be4acd91def77b2e0d0705e521

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"674727ea-c96f"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
51567
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Nov 2024 14:08:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.vendors.8f1bf3982b03790566b0.js
ramen.cdn-pomadorro.com/static/reactjs/
50 KB
50 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.vendors.8f1bf3982b03790566b0.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
2defc2379742e186afa2a087b34a7a7eed4d707e9e205155b37584a1183ec2c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"66fd396e-c662"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
50786
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:15:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
style.e1094d7e51f5670f9a3a.css
ramen.cdn-pomadorro.com/static/reactjs/
3 KB
1 KB
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/style.e1094d7e51f5670f9a3a.css
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
e9e372d2c2f0950d0fbeef292c6c78af46dd4481440f05c4026ad9166b2516d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
content-encoding
gzip
etag
W/"67050cba-ae6"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/css
last-modified
Tue, 08 Oct 2024 10:43:06 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.0d4d06cfc9ba8adcb7f3.js
ramen.cdn-pomadorro.com/static/reactjs/
8 KB
9 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.0d4d06cfc9ba8adcb7f3.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
90a03dc58805a1de97a24bb7c058d63aa3b06f4548681fa87d2abcd6bb30efea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"674727ea-210e"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
8462
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Nov 2024 14:08:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
truncated
/
124 KB
124 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32454375eb51f254b0d3fc14a2a0062892a7549effa743056e7720dac6fcf507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://90ramenbet.com
Referer

Response headers

Content-Type
font/truetype;charset=utf-8
seo_data
90ramenbet.com/jsapi/
104 B
791 B
Fetch
General
Full URL
https://90ramenbet.com/jsapi/seo_data?url=/registration&lang=ru
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8e96036ccc8c12932749fb66f59be5ecbeef736ae549a7212437b28f7dc8be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

x-sid
563dc5d45043cfa006a057bd3798cbdb
x-jsapi-lang
Referer
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
x-xsrftoken
2|6668bb31|371d4135793d204fada1e900101e2cad|1732809649

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=vsl7toJNvjz8PsAfHzpst06S9xOgO3PIpQUlMgBQpYY-1732809651-1.0.1.1-bqAEdzuZ8QGUEZe0Jkz9CjhuEWHN1zqc9XhAZKNEm8AZD76V22F.pXUUz31eF_Cp3.4MuoEHWK5sDrbeRtyQm1pgt6gGaVMNeWidiAYTgS0YQ9CRwMEKZFeHgIUC_U_17uyBs7DYLww5RMF.gsoWsQ"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=vsl7toJNvjz8PsAfHzpst06S9xOgO3PIpQUlMgBQpYY-1732809651-1.0.1.1-bqAEdzuZ8QGUEZe0Jkz9CjhuEWHN1zqc9XhAZKNEm8AZD76V22F.pXUUz31eF_Cp3.4MuoEHWK5sDrbeRtyQm1pgt6gGaVMNeWidiAYTgS0YQ9CRwMEKZFeHgIUC_U_17uyBs7DYLww5RMF.gsoWsQ; report-to cf-csp-endpoint
cf-ray
8e9b92c25fbcac70-YYZ
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
application/json
server
cloudflare
x-frame-options
DENY
notification_strip
90ramenbet.com/jsapi/get/
99 KB
6 KB
Fetch
General
Full URL
https://90ramenbet.com/jsapi/get/notification_strip
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3725e25303677cd265f8278f6ae23271b96f43dac345e71d3255ac302d1721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

x-sid
563dc5d45043cfa006a057bd3798cbdb
x-jsapi-lang
Referer
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
x-xsrftoken
2|6668bb31|371d4135793d204fada1e900101e2cad|1732809649

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8e9b92c26fc0ac70-YYZ
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
application/json
server
cloudflare
x-frame-options
DENY
telegram-web-app.js
telegram.org/js/
106 KB
22 KB
Script
General
Full URL
https://telegram.org/js/telegram-web-app.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (Telegram Telegram Messenger Inc, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"6739f222-1a916"
expires
Mon, 02 Dec 2024 16:00:52 GMT
date
Thu, 28 Nov 2024 16:00:52 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 13:39:46 GMT
server
nginx/1.18.0
info
90ramenbet.com/jsapi/user/
200 B
197 B
Fetch
General
Full URL
https://90ramenbet.com/jsapi/user/info?
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae6cc13ffab0dfdd1af53a4da3bbfaed0cc4a37f28cd902a5cb974df69850dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

x-sid
563dc5d45043cfa006a057bd3798cbdb
x-jsapi-lang
Referer
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
x-xsrftoken
2|6668bb31|371d4135793d204fada1e900101e2cad|1732809649

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8e9b92c28fe6ac70-YYZ
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
application/json
server
cloudflare
x-frame-options
DENY
track.js
salescs.com/scripts/
49 KB
13 KB
Script
General
Full URL
https://salescs.com/scripts/track.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.35.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-35-9.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
59eda655b2af9936e87548893472328efa781a853b01f4aa8aa2352ec330f05e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=300, public
content-encoding
gzip
etag
W/"c577-626a375137c80"
age
161
x-content-type-options
nosniff
via
1.1 varnish (prod-ec1)
accept-ranges
bytes
x-varnish
162764904 152548485
content-length
13153
date
Thu, 28 Nov 2024 15:58:11 GMT
content-type
application/javascript
last-modified
Mon, 11 Nov 2024 13:55:46 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.50.5.14
messages.json
90ramenbet.com/static/translations/ru/
170 KB
42 KB
Fetch
General
Full URL
https://90ramenbet.com/static/translations/ru/messages.json
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.vendors.b2bdc1bf964bed417f01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9bf7511fdb1cd4c863ed08c43255dd87e4fdb01e887f018325e2e45d2238231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=300
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"674885fa-2a9ae"
cf-ray
8e9b92c28ff5ac70-YYZ
expires
Thu, 28 Nov 2024 16:05:51 GMT
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
application/json
last-modified
Thu, 28 Nov 2024 15:02:18 GMT
server
cloudflare
chunk.e5a50864eb91690702c9.js
ramen.cdn-pomadorro.com/static/reactjs/
3 KB
4 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.e5a50864eb91690702c9.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
b7705288906355a82a588e06b76bbee2d972da61b05057fd8b4649ec0378a4d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"66fd396e-ddd"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
3549
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:15:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
63f5f97eeb3dddc68c26d61b
ramen.cdn-pomadorro.com/svg/ramenbet/
880 B
1 KB
Image
General
Full URL
https://ramen.cdn-pomadorro.com/svg/ramenbet/63f5f97eeb3dddc68c26d61b
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
2a8d21799decd0911d5de65d4567e4ecff73ee6b2b23cdfbeea175d352e81160
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

x-cache-status
HIT
cache-control
max-age=172800
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
880
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
image/svg+xml; charset=utf-8
server
nginx
x-cdn-host-id
ds7961
x-frame-options
DENY
chunk.547ba8182263bc817cc9.js
ramen.cdn-pomadorro.com/static/reactjs/
1 KB
1 KB
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.547ba8182263bc817cc9.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
3b51013db77d669b6a4a5098381cc09e2b15c8970d4e53e104f01194e7389967

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"66fd396e-42f"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
1071
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:15:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
style.6732ada1a1ad17c6ffd7.css
ramen.cdn-pomadorro.com/static/reactjs/
1 KB
738 B
Stylesheet
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/style.6732ada1a1ad17c6ffd7.css
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
7a79c3980ffdeee14b36308c0f9e55525f791c1ceaa217848cb906f9c187c6d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
content-encoding
gzip
etag
W/"66d851d0-4c2"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:51 GMT
content-type
text/css
last-modified
Wed, 04 Sep 2024 12:25:52 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
chunk.6dcba5dcd19f7553f8f3.js
ramen.cdn-pomadorro.com/static/reactjs/
543 B
976 B
Script
General
Full URL
https://ramen.cdn-pomadorro.com/static/reactjs/chunk.6dcba5dcd19f7553f8f3.js
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/bundle.js?rev1732716527.0081341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
47c7d0c83fc6365e3efdb901c4f187158f622a07e953b133207ea3ae3a602f12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=172800
etag
"66fd396e-21f"
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 30 Nov 2024 16:00:51 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
543
date
Thu, 28 Nov 2024 16:00:51 GMT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 12:15:42 GMT
server
nginx
x-cdn-host-id
ds7961
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
logo
ramen.cdn-pomadorro.com/media/ui/ramenbet/ru/
12 KB
12 KB
Fetch
General
Full URL
https://ramen.cdn-pomadorro.com/media/ui/ramenbet/ru/logo
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.c5ee6383c2d46dc818f7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
3a6db94f673819d291756d113f8620cfc8587078d898ffdf0b103bf58ab8f28b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

x-cache-status
MISS
cache-control
max-age=172800
expires
Sat, 30 Nov 2024 16:00:53 GMT
x-proxy-cache
EXPIRED
access-control-allow-origin
*
content-length
11934
date
Thu, 28 Nov 2024 16:00:53 GMT
content-type
image/svg+xml; charset=utf-8
server
nginx
x-cdn-host-id
ds7961
registration
90ramenbet.com/jsapi/constructor/
6 KB
3 KB
Fetch
General
Full URL
https://90ramenbet.com/jsapi/constructor/registration?partner=p42277p3313169pede1
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed4ffbe6dc36cd327890cf5d347b4a7ef8321fb7bf4d1661ea0cb07cb37cb7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

x-sid
563dc5d45043cfa006a057bd3798cbdb
x-jsapi-lang
Referer
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
x-xsrftoken
2|3c20c2dc|6d5538d8237559a2f7e990ed4a565540|1732809649

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8e9b92c4dac0ac70-YYZ
access-control-allow-origin
*
date
Thu, 28 Nov 2024 16:00:52 GMT
content-type
application/json
server
cloudflare
x-frame-options
DENY
/
90ramenbet.com/_jsapi/footer_data/wlid/ramenbet/currency_type/fiat/platform/pc/iso/CA/currency/CAD/lang/ru/regulation/curacao/over/email/subdivision/CA_ON/
10 KB
3 KB
Fetch
General
Full URL
https://90ramenbet.com/_jsapi/footer_data/wlid/ramenbet/currency_type/fiat/platform/pc/iso/CA/currency/CAD/lang/ru/regulation/curacao/over/email/subdivision/CA_ON/
Requested by
Host: ramen.cdn-pomadorro.com
URL: https://ramen.cdn-pomadorro.com/static/reactjs/chunk.4a27a46af43f27791498.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.47.57.161 , Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eb823eece8930371c7ee7c7061e5f2e4bd692ec9c5bbff8cc031b2fe9fd2329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

x-sid
563dc5d45043cfa006a057bd3798cbdb
x-jsapi-lang
Referer
https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
x-requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
x-xsrftoken
2|3c20c2dc|6d5538d8237559a2f7e990ed4a565540|1732809649

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cf-ray
8e9b92c4dac2ac70-YYZ
content-encoding
gzip
cf-cache-status
DYNAMIC
date
Thu, 28 Nov 2024 16:00:52 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7079f8047d399633a5f94f1ccc7094180720e2173c87a9d1551a583834ae7205

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
logo
ramen.cdn-pomadorro.com/media/ui/ramenbet/ru/
12 KB
0
Image
General
Full URL
https://ramen.cdn-pomadorro.com/media/ui/ramenbet/ru/logo
Requested by
Host: 90ramenbet.com
URL: https://90ramenbet.com/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=674893af864df5000145ad79
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
3a6db94f673819d291756d113f8620cfc8587078d898ffdf0b103bf58ab8f28b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

x-cache-status
MISS
cache-control
max-age=172800
expires
Sat, 30 Nov 2024 16:00:53 GMT
x-proxy-cache
EXPIRED
access-control-allow-origin
*
content-length
11934
date
Thu, 28 Nov 2024 16:00:53 GMT
content-type
image/svg+xml; charset=utf-8
server
nginx
x-cdn-host-id
ds7961
3905265
vc.hotjar.io/sessions/
0
232 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/3905265?s=0.25&r=0.050857613695683535
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.122.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-122-75.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

via
1.1 37fecf641296846b450fec2550a25bee.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
Z540rg_ps2_QPy_zAUADpz6lpOIAVE5xkdjKfN1q9B90ybBGCl4qTQ==
date
Thu, 28 Nov 2024 16:00:53 GMT
x-amz-cf-pop
JFK52-P7
button.php
salescs.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://salescs.com/scripts/button.php?ChS=UTF-8&C=Widget&i=e046p0tv&p=__S__90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79
Requested by
Host: salescs.com
URL: https://salescs.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.35.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-35-9.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
6318016335aa31b0081fbb05f1f3973ebe6d70aab2937b7f2382f534d9767f5e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=15, public
content-encoding
gzip
pragma
age
0
x-content-type-options
nosniff, nosniff
via
1.1 varnish (prod-ec1)
expires
Thu, 28 Nov 2024 16:01:08 GMT
accept-ranges
bytes
x-varnish
153337838
date
Thu, 28 Nov 2024 16:00:53 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 28 Nov 2024 16:00:53 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.50.5.14
generateWidget.php
salescs.com/scripts/ Frame 5541
0
0
Document
General
Full URL
https://salescs.com/scripts/generateWidget.php?v=5.50.5.14&t=1732784243&cwid=e046p0tv&cwrt=C&cwt=chat&pt=%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20RamenBet%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B5%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B&ref=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79
Requested by
Host: salescs.com
URL: https://salescs.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.35.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-35-9.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://90ramenbet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=31536000, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Nov 2024 16:00:54 GMT
expires
Wed, 01 Jan 2025 00:00:00 GMT
la-ver
5.50.5.14
last-modified
Tue, 01 Jan 2008 00:00:00 GMT
server
Apache/2.4.57 (Unix)
vary
Accept-Encoding
via
1.1 varnish (prod-ec1)
x-content-type-options
nosniff
x-varnish
162498098
generateWidget.php
salescs.com/scripts/ Frame CFC0
0
0
Document
General
Full URL
https://salescs.com/scripts/generateWidget.php?v=5.50.5.14&t=1732784243&cwid=e046p0tv&cwrt=C&cwt=onlineform&pt=%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20RamenBet%20-%20%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B5%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%B8%D0%B3%D1%80%D1%8B%20%D0%B8%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B&ref=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79
Requested by
Host: salescs.com
URL: https://salescs.com/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.35.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-35-9.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://90ramenbet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=31536000, public
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 28 Nov 2024 16:00:54 GMT
expires
Wed, 01 Jan 2025 00:00:00 GMT
la-ver
5.50.5.14
last-modified
Tue, 01 Jan 2008 00:00:00 GMT
server
Apache/2.4.57 (Unix)
vary
Accept-Encoding
via
1.1 varnish (prod-ec1)
x-content-type-options
nosniff
x-varnish
161131213
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-M46WT768F8&gtm=45je4bk0v9175457518z89174127247za200zb9174127247&_p=1732809649574&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=706543647.1732809651&ecid=970764459&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=2&sid=1732809651&sct=1&seg=0&dl=https%3A%2F%2F90ramenbet.com%2Fru%2Fregistration%3Fapkpop%3D0%26partner%3Dp42277p3313169pede1%26promo%3D11028%26source%3D674893af864df5000145ad79&dr=https%3A%2F%2Ftop.call2me.xyz%2F&dt=&en=dom_load_time&ep.locale=Russia&ep.partner_id=p42277p3313169pede1&epn.custom_timestamp=1732809650292&epn.dom_loading_time_sec=0.79&_et=44&up.partner_id=p42277p3313169pede1&up.partner_source=674893af864df5000145ad79&up.partner_promo=11028&tfd=7357
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M46WT768F8&l=dataLayer&cx=c&gtm=45He4bk0v9174127247za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f101.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://90ramenbet.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 16:00:56 GMT
content-type
text/plain
server
Golfe2
favicon_svg
ramen.cdn-pomadorro.com/media/ui/ramenbet/
5 KB
5 KB
Other
General
Full URL
https://ramen.cdn-pomadorro.com/media/ui/ramenbet/favicon_svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
afaf7b7791edbf60d78eec281da058fd7cf86abf2ac12b266972654a29d2a721

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

x-cache-status
MISS
cache-control
max-age=172800
expires
Sat, 30 Nov 2024 16:00:56 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
4753
date
Thu, 28 Nov 2024 16:00:56 GMT
content-type
image/svg+xml; charset=utf-8
server
nginx
x-cdn-host-id
ds7961
favicon_ico
ramen.cdn-pomadorro.com/media/ui/ramenbet/
4 KB
4 KB
Other
General
Full URL
https://ramen.cdn-pomadorro.com/media/ui/ramenbet/favicon_ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.5 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
6a254a1b0e267cf16057f30fceb582792fd0adf35c515bc9e5503b5bb525f688

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://90ramenbet.com/

Response headers

x-cache-status
MISS
cache-control
max-age=172800
expires
Sat, 30 Nov 2024 16:00:56 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
content-length
4286
date
Thu, 28 Nov 2024 16:00:56 GMT
content-type
image/ico
server
nginx
x-cdn-host-id
ds7961

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ramenbet.com
URL
https://ramenbet.com/signature/?x=1732809648611
Domain
89ramenbet.com
URL
https://89ramenbet.com/signature/?x=1732809648611
Domain
91ramenbet.com
URL
https://91ramenbet.com/signature/?x=1732809648611

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| dataLayer object| webpackChunk function| fbq function| _fbq object| google_tag_manager object| google_tag_data function| hj object| _hjSettings object| __SENTRY__ object| litPropertyMetadata object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| Buffer object| global object| process function| CoinbaseWalletSDK function| CoinbaseWalletProvider function| WalletLink function| WalletLinkProvider string| __reactRouterVersion function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| CACHED_IMAGES object| Telegram function| TelegramGameProxy_receiveEvent object| TelegramGameProxy function| hashCode object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker object| liveAgentButton function| init_button_e046p0tv object| widgets number| widgetsLength

19 Cookies

Domain/Path Name / Value
track.cpalink.co/ Name: afclick
Value: 674893af864df5000145ad79
track.cpalink.co/ Name: afoffers
Value: {"1028":1732809647}
90ramenbet.com/ Name: _xsrf
Value: 2|ce10528e|9f65a88ad145c9f005d900bfb866c512|1732809649
90ramenbet.com/ Name: lang
Value: ru
.90ramenbet.com/ Name: _cfuvid
Value: F2QeknCi_q1CjO8AYxgvxWaxqHIwPKkleNKHmMHe2w4-1732809649173-0.0.1.1-604800000
.90ramenbet.com/ Name: cf_clearance
Value: gC.Dv1b0aVVnkGVLt2bPOEuRNRCXY6CQX6IXS8uEeus-1732809650-1.2.1.1-M1KKY9xUK3YH.EYt_BD7swlbHr8r80Wlj1JXimTWjiTf4UsM89wM_22qRIHHte6CceyDi8o1RdJiI006PRrv7fRSiiwnPP3XcsLiKQOkzI12okSaRDog9NofRfsDi2W5CUkUk1daqetx3cjy0eXz5fwvF4FR2JkfTZmIWCBrqxlFa0cqLZkk3whk9px5ia2V0Y5e77EvnRsi.R_EFB16.IaOPbZqqmaS_M_BrfbFUZuXGIzKzpNumMBdkBaINv0IjnVMOptceGav9UlXq9LBypxzLrqYl_7tuXPef.9NOJFz942rJvAeqkuPqmWNU.hBUJpjZTiFYURzL5yS6lf4Z_dggUTlxhAtVH6C.zI8OazeLgvGhhToKIwyQnYc5h61
.90ramenbet.com/ Name: _fbp
Value: fb.1.1732809650318.864302940866803566
90ramenbet.com/ Name: element_visibility_counter
Value: 0
.90ramenbet.com/ Name: _ga
Value: GA1.1.706543647.1732809651
90ramenbet.com/ Name: cbsid
Value: .eJyFkU-SoyAYxe_SJ1DopNpFL4xGghWwdUwUdgE7KkJ6qtr_px9iDjALiqoH33v8eG_fS7zeirRNWr-lOVs5Ii4PU5eE6coAb0joA5b7LgVxR1a5SxBtOcLtOfBbBmPNykzzyOueO1Y_NVZ4IirtSX7siaprkrO99djTsNtm5CnWlfZcabot8wxj1y7NgV6rU9xUSI9CeY1E_SSg75GAT6yMHWGuy1fpO0RhSKG_kvW4Wu-dRNeO50djfUdRfHg21-bXRoJnBtVfOYM0rHcERCYJmcMRs2z-RPLUZUUKkz_4Fwfxwguupc3YGEzjVKfDmrQfY4W86WxoI9C0iOIyfJ_0_rxsM26F3DsDUS9R9JeDd8tzGKpi_n1ycqMXCbO7PXNuAd7jAI_ycRltxuNWUkcaqxfegNupxo9DIx_ZwEu8_YkM04UoCWVILCOZqdITLzJNXm-dpPF6sWyeM8n9JQk2fRXwujBweXWppJOE3coK9k5V1nF1mSz3TMNrw0O523JN9MuKXctKqkugu4293bx-BKTOq8_O5kU9t_d4mQ4MeP1rdm6efFV5-H_3-fHVPWhG-z9dCan1r-4cXdcbzEYZeUogrcUjs5oHhZlHVmR3qw23JyfijThRfU8_P9_-AU336iM.GiolNA.KBQPmXvgwiyenWyPIw_UNvjyjeE
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.90ramenbet.com/ Name: _hjSessionUser_3905265
Value: eyJpZCI6ImIyNzFkY2U5LWI2NTEtNTJmZS05YmQ0LTU3N2I5Yjg1Mzg5YiIsImNyZWF0ZWQiOjE3MzI4MDk2NTI0OTgsImV4aXN0aW5nIjp0cnVlfQ==
.90ramenbet.com/ Name: _hjSession_3905265
Value: eyJpZCI6Ijk5NThiNzg2LTYzYzItNDZmNi04MTVmLWVlMTJmNGIxYWM1MSIsImMiOjE3MzI4MDk2NTI1MDQsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
90ramenbet.com/ Name: LaVisitorNew
Value: Y
.90ramenbet.com/ Name: LaVisitorId_c2FsZXNjcy5jb20v
Value: flrjhus7jg6nha97mjs9pn7fhp10l
90ramenbet.com/ Name: LaSID
Value: l76mc7t5e9jzjb9x7lpfx8wnjilsi
90ramenbet.com/ Name: LaUserDetails
Value: %7B%22t_project%22%3A%22ramenbet.com%22%7D
90ramenbet.com/ Name: sign_up_session
Value: false
.90ramenbet.com/ Name: _ga_M46WT768F8
Value: GS1.1.1732809651.1.0.1732809656.55.0.970764459

1 Console Messages

Source Level URL
Text
network error URL: https://top.call2me.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

89ramenbet.com
90ramenbet.com
91ramenbet.com
analytics.google.com
cdnjs.cloudflare.com
connect.facebook.net
ragemods.ru
ramen.cdn-pomadorro.com
ramenbet.com
salescs.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
telegram.org
top.call2me.xyz
track.cpalink.co
vc.hotjar.io
www.facebook.com
www.google.ca
www.googletagmanager.com
89ramenbet.com
91ramenbet.com
ramenbet.com
104.17.24.14
104.21.34.174
13.33.252.108
142.251.111.155
142.251.179.101
142.251.179.94
149.154.167.99
157.240.241.35
172.253.63.154
18.164.96.46
3.168.122.75
3.75.35.9
34.147.10.206
45.133.44.5
46.148.232.104
57.144.180.128
64.233.180.97
89.47.57.161
0ae6cc13ffab0dfdd1af53a4da3bbfaed0cc4a37f28cd902a5cb974df69850dc
0e109043d68da11461e3718751a02805c842c50f63833d87082c9eafed836b5d
159b0171b017d6bd9d0a027f013908f02ec49c9d24b1d3c70ad6d461b6ca695f
1b7bf3d091cf6810e4ed01ce6ee12dcacd0740592e6a358ad06d2780dc04d87b
2221edb5ea90abdccd15e470d35602891f36205656134c89d3bdfa8ee2f1b93d
276f8deed1f1e14f09f1a2d2da05a648b88c99a5d39fc6bd303a5cd771ae29b0
2842ef466b3b11160930c64e0a217d0747d467c14533fd6123c923305ed0afaa
2a8d21799decd0911d5de65d4567e4ecff73ee6b2b23cdfbeea175d352e81160
2defc2379742e186afa2a087b34a7a7eed4d707e9e205155b37584a1183ec2c5
32454375eb51f254b0d3fc14a2a0062892a7549effa743056e7720dac6fcf507
3a6db94f673819d291756d113f8620cfc8587078d898ffdf0b103bf58ab8f28b
3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc
3b51013db77d669b6a4a5098381cc09e2b15c8970d4e53e104f01194e7389967
3c3725e25303677cd265f8278f6ae23271b96f43dac345e71d3255ac302d1721
3d1cfa911581c37c54fe529b75d516d9dfa4389c66c5b32b81609d8866afb5e1
3fe3646f61e6c6229bf1cc84d0117b3c3189521afe3d61a9c1ed5e3ffc0e390c
428af96e297a081e66d43c535573716eb289ea4d33c9c7df13bb6267f32f583e
446bdd3f51016cad41c8a0e4e97528b71e4669c17658affeda8b9b9e088778a9
47c7d0c83fc6365e3efdb901c4f187158f622a07e953b133207ea3ae3a602f12
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
59eda655b2af9936e87548893472328efa781a853b01f4aa8aa2352ec330f05e
6292dfec5c8892273ddd3b5b53800eb139b242649e30a6d6032f4b735f7cbf29
6318016335aa31b0081fbb05f1f3973ebe6d70aab2937b7f2382f534d9767f5e
6a254a1b0e267cf16057f30fceb582792fd0adf35c515bc9e5503b5bb525f688
6c036711258f9f658c2898f138c08e2f2a7de24a7aaa1b5eb5729aff2d209593
6eb823eece8930371c7ee7c7061e5f2e4bd692ec9c5bbff8cc031b2fe9fd2329
7079f8047d399633a5f94f1ccc7094180720e2173c87a9d1551a583834ae7205
7a79c3980ffdeee14b36308c0f9e55525f791c1ceaa217848cb906f9c187c6d4
7fe4c98b4b3176746f251f200bc20cb98553035b4aa0b86a28873aca50fe7032
889b7b5115755872fb1f8b80fe904d30d6c80691ef70c7f34aa023283544512c
8c1c7bf7663a757636a8a98fefd4f3731cb355d8d30913342cfcd466f5bb8846
8da51baf64e7cd8088c8158a8efa85ddbe2cd3fb5451b327e3b8378459ab8b0b
90a03dc58805a1de97a24bb7c058d63aa3b06f4548681fa87d2abcd6bb30efea
997108c47ea64ed5a535ed72dfa93f1d36066880acdd733c58bec89fff347ddd
9b71baba57a2e71b44efcaa1a02d61f61456a57606e1096812221849b198e6dd
9e5bb880d006da06b0b0699fa7eae4fa3df57ddf80856eb303d4ec665ac45c29
9ed4ffbe6dc36cd327890cf5d347b4a7ef8321fb7bf4d1661ea0cb07cb37cb7c
a2d3125bb86e675f73f356de5a74a9815a7566d10b3eb4b6a3c072491cd8df0f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab8e96036ccc8c12932749fb66f59be5ecbeef736ae549a7212437b28f7dc8be
afaf7b7791edbf60d78eec281da058fd7cf86abf2ac12b266972654a29d2a721
b389bd6b51ca4892495eabec6452b6b6f552adb674e49724f56998515434a372
b7705288906355a82a588e06b76bbee2d972da61b05057fd8b4649ec0378a4d8
bae54b7b301603b0843e73e7cdf263870e8e65163ac4288bf06cfd430537c1d5
c09ee4c789968bff0584105c3d389e0be8ce76c634fa10ca3332144043e08202
c3add8d380e59eee5e5387a495f8b8dcbe1bb9be4acd91def77b2e0d0705e521
cc6e23a83f3ae63095f1a0c6c5576517cc21ff18f6ce670e7a0a8ac5b818445e
cd5ec7c03cc0267860cc9d3517d9f36ba1e7d7b7befc1df8684f2c9174181c07
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d78690e84f33bef698d98531abf36799b082c49d3314d8e8b384b60c947de73e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80b0dd7cc34bb3438a77d16a32ae8ef362bd57b5ef088b9813587ac89afaf04
e9e372d2c2f0950d0fbeef292c6c78af46dd4481440f05c4026ad9166b2516d1
ecf29e83528db53c538f89f8b30ba850fd31fe358e376de07439971faa63c077
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9bf7511fdb1cd4c863ed08c43255dd87e4fdb01e887f018325e2e45d2238231
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad