urlscan.io logo urlscan.io
SecurityTrails logo

ramp.plus Open in urlscan Pro
52.22.233.219  Public Scan

Go To Rescan Add Verdict Report
URL: https://ramp.plus/
Submission: On September 13 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 19 HTTP transactions. The main IP is 52.22.233.219, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is ramp.plus.
TLS certificate: Issued by Amazon on July 9th 2019. Valid for: a year.
This is the only time ramp.plus was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 52.22.233.219 14618 (AMAZON-AES)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 23.111.9.35 33438 (HIGHWINDS2)
1 99.86.0.85 16509 (AMAZON-02)
1 52.27.125.121 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:b... 15169 (GOOGLE)
1 13.32.216.214 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 107.178.240.159 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.216.107.134 16509 (AMAZON-02)
1 35.175.2.154 14618 (AMAZON-AES)
19 13
3    52.22.233.219 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-233-219.compute-1.amazonaws.com
ramp.plus
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
stackpath.bootstrapcdn.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
use.fontawesome.com
1    99.86.0.85 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-86-0-85.fra6.r.cloudfront.net
cdn.segment.com
1    52.27.125.121 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-27-125-121.us-west-2.compute.amazonaws.com
api.segment.io
2    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2600:1901:0:bc29:: (United States)

ASN15169 (GOOGLE - Google LLC, US)
cdn.mxpnl.com
1    13.32.216.214 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-216-214.fra56.r.cloudfront.net
scripts.kissmetrics.com
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
3    107.178.240.159 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 159.240.178.107.bc.googleusercontent.com
api.mixpanel.com
2    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    52.216.107.134 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    35.175.2.154 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-175-2-154.compute-1.amazonaws.com
trk.kissmetrics.com
Domain Requested by
3 api.mixpanel.com cdn.mxpnl.com
3 ramp.plus ramp.plus
2 fonts.gstatic.com ramp.plus
2 www.google-analytics.com cdn.segment.com
ramp.plus
1 trk.kissmetrics.com scripts.kissmetrics.com
1 s3.amazonaws.com ramp.plus
1 fonts.googleapis.com ramp.plus
1 scripts.kissmetrics.com cdn.segment.com
1 cdn.mxpnl.com cdn.segment.com
1 api.segment.io cdn.segment.com
1 cdn.segment.com ramp.plus
1 use.fontawesome.com ramp.plus
1 stackpath.bootstrapcdn.com ramp.plus
19 13

This site contains links to these domains. Also see Links.

Domain
etr.plus
Subject Issuer Validity Valid
etr.plus
Amazon		 2019-07-09 -
2020-08-09		 a year crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-03 -
2019-10-12		 a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2018-09-17 -
2019-11-21		 a year crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2019-06-24 -
2020-07-01		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018		 2019-07-29 -
2021-07-28		 2 years crt.sh
*.kissmetrics.com
RapidSSL RSA CA 2018		 2019-06-25 -
2020-06-24		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.mixpanel.com
RapidSSL RSA CA 2018		 2018-01-11 -
2020-05-01		 2 years crt.sh
*.google.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2018-12-03 -
2019-10-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ramp.plus/
Frame ID: 3567F62A6F5B84E13F8BE29753E8913B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

19
Requests

100 %
HTTPS

38 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

799 kB
Transfer

1287 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ramp.plus/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ramp.plus/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.233.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-233-219.compute-1.amazonaws.com
Software
/ Express
Resource Hash
583a9f5271b7cf2f3efc5ac115ddc76aa7c63d22c4c6427f02b2eab2ba44ce3e

Request headers

:method
GET
:authority
ramp.plus
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Fri, 13 Sep 2019 20:52:07 GMT
content-type
text/html; charset=utf-8
content-length
6320
x-powered-by
Express
etag
W/"18b0-ekVxA+Fb8E0Qvj3X0QuXqzIGhM8"
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Sec-Fetch-Mode
cors
Referer
https://ramp.plus/
Origin
https://ramp.plus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:52:07 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:11 GMT
status
200
etag
"1544639651"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
21050
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Sec-Fetch-Mode
cors
Referer
https://ramp.plus/
Origin
https://ramp.plus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:52:07 GMT
content-encoding
gzip
last-modified
Wed, 20 Jun 2018 20:19:16 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
main.css
ramp.plus/static/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ramp.plus/static/main.css?v=1.0.12
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.233.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-233-219.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3ba252b689cbc3ba48ebf18762ab5ccc6585e459febd7c733ab63d3a53b49775

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:52:07 GMT
last-modified
Tue, 10 Sep 2019 15:58:50 GMT
x-powered-by
Express
etag
W/"2586-16d1be62290"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
content-length
9606
bundle.js
ramp.plus/static/ 		404 KB
405 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ramp.plus/static/bundle.js?v=1.0.12
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.233.219 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-233-219.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3a79d5c6b01ea490beefadc62f6dc42444d59c8f57fa3fb9834564fbe8a8fcaf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:52:07 GMT
last-modified
Tue, 10 Sep 2019 15:58:50 GMT
x-powered-by
Express
etag
W/"64f98-16d1be62290"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
content-length
413592
analytics.min.js
cdn.segment.com/analytics.js/v1/kYzJY2QRyS3vQhtswSwSMM6Ij4SBsmcg/ 		319 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/kYzJY2QRyS3vQhtswSwSMM6Ij4SBsmcg/analytics.min.js
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.0.85 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-0-85.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8919f64bf8716d2a500711e6eabea730a737c35fec9e872a7d4c85ea299c27c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:34:00 GMT
content-encoding
gzip
age
275
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
67772
access-control-allow-origin
*
last-modified
Fri, 13 Sep 2019 17:22:01 GMT
server
AmazonS3
etag
"eeb97d86ab0348705e31bd60d2a2135c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
hu.L8.dpvV.tB0APIECHh5dt9VeC21XD
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
x-amz-cf-id
CZlTy3sAj5sX_Sfk9YiTHiezhFHgbdGnjC79mUcoCNKjU-l2mFU3vg==
p
api.segment.io/v1/ 		21 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/kYzJY2QRyS3vQhtswSwSMM6Ij4SBsmcg/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.125.121 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-27-125-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Sec-Fetch-Mode
cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Fri, 13 Sep 2019 20:52:07 GMT
access-control-allow-origin
https://ramp.plus
content-length
21
vary
Origin
content-type
application/json
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/kYzJY2QRyS3vQhtswSwSMM6Ij4SBsmcg/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
514
date
Fri, 13 Sep 2019 20:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 13 Sep 2019 22:43:33 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/kYzJY2QRyS3vQhtswSwSMM6Ij4SBsmcg/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:bc29:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b8c868fdd2f11d86739846d3728b57765e0523bce5494996237f2a1f0acde071

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:44:42 GMT
content-encoding
gzip
age
445
x-guploader-uploadid
AEnB2Uov13oaSp9H0VxhdPbzW7Ve3ShhvLQ-CJD_-6agKZh3RxNmK6mqRk7WdBlBRJ6JD1F9wIQ9cdyJ8OGq8j1oXV6_UGx4zw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
23725
last-modified
Thu, 22 Aug 2019 14:24:31 GMT
server
UploadServer
etag
"c9bbc71e4c51349554a79efa9ca9e0c3"
vary
Accept-Encoding
x-goog-hash
crc32c=lUpILg==, md5=ybvHHkxRNJVUp576nKngww==
content-language
en
access-control-allow-origin
*
x-goog-generation
1566483871866728
cache-control
public,max-age=600
x-goog-stored-content-length
23725
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Sep 2019 20:54:42 GMT
c016d2373fc3d2e14df5a4f649460966fb8530ce.2.js
scripts.kissmetrics.com/ 		26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.kissmetrics.com/c016d2373fc3d2e14df5a4f649460966fb8530ce.2.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/kYzJY2QRyS3vQhtswSwSMM6Ij4SBsmcg/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.216.214 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-216-214.fra56.r.cloudfront.net
Software
nginx/1.6.2 /
Resource Hash
5836fb7864f8ad9d525ad22f3ea2e52321b57cfcbef82fd68a8dfc12a1d64c54

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 20:52:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Nov 2018 15:55:08 GMT
Server
nginx/1.6.2
X-Amz-Cf-Pop
FRA56
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
P3P
CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
Via
1.1 d942ee6a387b745954972448a42def1c.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript; charset=utf-8
X-Amz-Cf-Id
v3sP3eUMCliBcMAWrYs6KiVbfW6_C3_zRcdmsv61689OPUUrQzc1UQ==
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1822616992&t=pageview&_s=1&dl=https%3A%2F%2Framp.plus%2F&dp=%2F&ul=en-us&de=UTF-8&dt=RAMP%20%7C%20Sign-up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEAB~&jid=681527044&gjid=259134615&cid=2008825943.1568407927&tid=UA-106864795-4&_gid=1263959375.1568407927&_r=1&z=108565163
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Sep 2019 20:52:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		2 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,600,700,80
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ac0cb93e0a221b4ff3693a9c64276aa39da81cd888ab8e26ccb4fe0ac06cacb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 13 Sep 2019 20:52:07 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 13 Sep 2019 20:52:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 13 Sep 2019 20:52:07 GMT
/
api.mixpanel.com/decide/ 		65 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=d4f63374402b15f4e1b611cec9cec7db&ip=1&_=1568407927377
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Sec-Fetch-Mode
cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:52:07 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://ramp.plus
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api.mixpanel.com/track/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9yYW1wLnBsdXMvIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDc0LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAiU2VnbWVudDogd2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjkuMSIsInRpbWUiOiAxNTY4NDA3OTI3LjM4LCJkaXN0aW5jdF9pZCI6ICIxNmQyYzY1YmE0Zjc3NS0wNjUzOWUyNTVjNmM1Mi0zNzY0N2UwMy0xZDRjMDAtMTZkMmM2NWJhNTA5ZWQiLCIkZGV2aWNlX2lkIjogIjE2ZDJjNjViYTRmNzc1LTA2NTM5ZTI1NWM2YzUyLTM3NjQ3ZTAzLTFkNGMwMC0xNmQyYzY1YmE1MDllZCIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogImh0dHBzOi8vcmFtcC5wbHVzLyIsIm1wX2Jyb3dzZXIiOiAiQ2hyb21lIiwibXBfcGxhdGZvcm0iOiAiTWFjIE9TIFgiLCJ0b2tlbiI6ICJkNGY2MzM3NDQwMmIxNWY0ZTFiNjExY2VjOWNlYzdkYiJ9fQ%3D%3D&ip=1&_=1568407927381
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Sec-Fetch-Mode
cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:52:07 GMT
via
1.1 google
status
200
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
1
x-trace-id
000000000000000044ea2ae0420c8768
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://ramp.plus
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
/
api.mixpanel.com/track/ 		1 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJMb2FkZWQgYSBQYWdlIiwicHJvcGVydGllcyI6IHsiJG9zIjogIk1hYyBPUyBYIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJGN1cnJlbnRfdXJsIjogImh0dHBzOi8vcmFtcC5wbHVzLyIsIiRicm93c2VyX3ZlcnNpb24iOiA3NCwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIlNlZ21lbnQ6IHdlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjI5LjEiLCJ0aW1lIjogMTU2ODQwNzkyNy4zODIsImRpc3RpbmN0X2lkIjogIjE2ZDJjNjViYTRmNzc1LTA2NTM5ZTI1NWM2YzUyLTM3NjQ3ZTAzLTFkNGMwMC0xNmQyYzY1YmE1MDllZCIsIiRkZXZpY2VfaWQiOiAiMTZkMmM2NWJhNGY3NzUtMDY1MzllMjU1YzZjNTItMzc2NDdlMDMtMWQ0YzAwLTE2ZDJjNjViYTUwOWVkIiwiJGluaXRpYWxfcmVmZXJyZXIiOiAiJGRpcmVjdCIsIiRpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiAiJGRpcmVjdCIsInBhdGgiOiAiLyIsInJlZmVycmVyIjogIiIsInNlYXJjaCI6ICIiLCJ0aXRsZSI6ICJSQU1QIHwgU2lnbi11cCIsInVybCI6ICJodHRwczovL3JhbXAucGx1cy8iLCJ0b2tlbiI6ICJkNGY2MzM3NDQwMmIxNWY0ZTFiNjExY2VjOWNlYzdkYiJ9fQ%3D%3D&ip=1&_=1568407927383
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Sec-Fetch-Mode
cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Sep 2019 20:52:07 GMT
via
1.1 google
status
200
x-envoy-upstream-service-time
17
alt-svc
clear
content-length
1
x-trace-id
00000000000000001e91bd6d88abdf24
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://ramp.plus
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Raleway:400,600,700,80
Origin
https://ramp.plus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 12:26:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:42 GMT
server
sffe
age
1239959
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
13228
x-xss-protection
0
expires
Sat, 29 Aug 2020 12:26:08 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Raleway:400,600,700,80
Origin
https://ramp.plus
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 18:08:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:04 GMT
server
sffe
age
873812
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
13428
x-xss-protection
0
expires
Wed, 02 Sep 2020 18:08:35 GMT
phone.png
s3.amazonaws.com/dev-ramp/web/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/dev-ramp/web/phone.png
Requested by
Host: ramp.plus
URL: https://ramp.plus/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.107.134 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0fa75d60f9a4084a6894c232d1fb85a98fc5adc25c4752d5f069989e3c18cc1d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/static/main.css?v=1.0.12
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Sep 2019 20:52:08 GMT
Last-Modified
Tue, 27 Nov 2018 19:05:24 GMT
Server
AmazonS3
x-amz-request-id
6A2B45ADC5AD5F98
ETag
"c27a15d0468ee3d22c435abef815347e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
203243
x-amz-id-2
I6cR02fcwUg+CvFcJShutNXG3xxL2oSr3l4uzwvlfpeWSpTAcHDgvah5sefSPX58VS/ZiW5flMQ=
e
trk.kissmetrics.com/ 		43 B
376 B 		Other
General
Check archive.org
Download Go to
Full URL
https://trk.kissmetrics.com/e
Requested by
Host: scripts.kissmetrics.com
URL: https://scripts.kissmetrics.com/c016d2373fc3d2e14df5a4f649460966fb8530ce.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.2.154 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-175-2-154.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ramp.plus/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 13 Sep 2019 20:52:07 GMT
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Fri, 13 Sep 2019 20:52:06 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| analytics string| GoogleAnalyticsObject function| ga object| mixpanel object| _kmq function| normalize object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __APOLLO_STATE__ string| KM_KEY number| KM_INCLUDE_HOSTNAME number| KM_SKIP_PAGE_VIEW number| KM_HANDLE_PRERENDER object| KM function| KMQ undefined| KMCTT_SOURCE string| KMCTT_ORIGIN function| _kmil string| KM_COOKIE_DOMAIN object| __APOLLO_CLIENT__

11 Cookies

Domain/Path Name / Value
.ramp.plus/ Name: km_vs
Value: 1
.ramp.plus/ Name: mp_d4f63374402b15f4e1b611cec9cec7db_mixpanel
Value: %7B%22distinct_id%22%3A%20%2216d2c65ba4f775-06539e255c6c52-37647e03-1d4c00-16d2c65ba509ed%22%2C%22%24device_id%22%3A%20%2216d2c65ba4f775-06539e255c6c52-37647e03-1d4c00-16d2c65ba509ed%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.ramp.plus/ Name: km_lv
Value: 1568407928
.ramp.plus/ Name: _gat
Value: 1
.ramp.plus/ Name: _ga
Value: GA1.2.2008825943.1568407927
.ramp.plus/ Name: _gid
Value: GA1.2.1263959375.1568407927
.ramp.plus/ Name: ajs_anonymous_id
Value: %228b832fae-8ef2-470a-97ec-a69a54ac2e76%22
.ramp.plus/ Name: km_ai
Value: 8NQSd%2FlIxLpMstHTIKRXQXIiLDk%3D
.ramp.plus/ Name: kvcd
Value: 1568407927545
.ramp.plus/ Name: ajs_group_id
Value: null
.ramp.plus/ Name: ajs_user_id
Value: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mixpanel.com
api.segment.io
cdn.mxpnl.com
cdn.segment.com
fonts.googleapis.com
fonts.gstatic.com
ramp.plus
s3.amazonaws.com
scripts.kissmetrics.com
stackpath.bootstrapcdn.com
trk.kissmetrics.com
use.fontawesome.com
www.google-analytics.com
107.178.240.159
13.32.216.214
2001:4de0:ac19::1:b:3a
23.111.9.35
2600:1901:0:bc29::
2a00:1450:4001:819::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:825::2003
35.175.2.154
52.216.107.134
52.22.233.219
52.27.125.121
99.86.0.85
0fa75d60f9a4084a6894c232d1fb85a98fc5adc25c4752d5f069989e3c18cc1d
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
3a79d5c6b01ea490beefadc62f6dc42444d59c8f57fa3fb9834564fbe8a8fcaf
3ba252b689cbc3ba48ebf18762ab5ccc6585e459febd7c733ab63d3a53b49775
5836fb7864f8ad9d525ad22f3ea2e52321b57cfcbef82fd68a8dfc12a1d64c54
583a9f5271b7cf2f3efc5ac115ddc76aa7c63d22c4c6427f02b2eab2ba44ce3e
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
ac0cb93e0a221b4ff3693a9c64276aa39da81cd888ab8e26ccb4fe0ac06cacb9
b8c868fdd2f11d86739846d3728b57765e0523bce5494996237f2a1f0acde071
c8919f64bf8716d2a500711e6eabea730a737c35fec9e872a7d4c85ea299c27c
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a