Submitted URL: http://rampscampaign.org/
Effective URL: https://rampscampaign.org/
Submission Tags: @phish_report
Submission: On January 17 via api from FI — Scanned from FI

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::6815:4fba, located in United States and belongs to CLOUDFLARENET, US. The main domain is rampscampaign.org.
TLS certificate: Issued by GTS CA 1P5 on December 13th 2023. Valid for: 3 months.
This is the only time rampscampaign.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
18 rampscampaign.org | rampscampaign.org | 205 KB
3 twitter.com | platform.twitter.com (Cisco Umbrella Rank: 1230); syndication.twitter.com (Cisco Umbrella Rank: 1527) | 132 KB
2 facebook.net | connect.facebook.net (Cisco Umbrella Rank: 174) | 87 KB
1 paperblog.com | m5.paperblog.com | 2 KB
1 googleusercontent.com | ci3.googleusercontent.com (Cisco Umbrella Rank: 496) |
1 gstatic.com | www.gstatic.com | 19 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 231 B
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1019) | 7 KB
0 internetdefenseleague.org (Failed) | members.internetdefenseleague.org (Failed) |
27 | 9
Domain | Requested by
18 rampscampaign.org (1 redirects) | rampscampaign.org
2 platform.twitter.com | rampscampaign.org, platform.twitter.com
2 connect.facebook.net | rampscampaign.org, connect.facebook.net
1 syndication.twitter.com | platform.twitter.com
1 m5.paperblog.com | rampscampaign.org
1 ci3.googleusercontent.com | rampscampaign.org
1 www.gstatic.com | rampscampaign.org
1 www.google.com (1 redirects) |
1 maxcdn.bootstrapcdn.com | rampscampaign.org
0 members.internetdefenseleague.org (Failed) | rampscampaign.org
27 | 10

This site contains links to these domains.

Domain
essaypro.com
essayservice.com
writemy.com
Subject | Issuer | Validity | Valid
rampscampaign.org | GTS CA 1P5 | 2023-12-13 - 2024-03-12 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2023-11-30 - 2024-02-28 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-10-27 - 2024-01-25 | 3 months
*.twimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-28 - 2024-07-26 | a year
paperblog.com | GTS CA 1P5 | 2023-12-04 - 2024-03-03 | 3 months
syndication.twitter.com | R3 | 2023-12-11 - 2024-03-10 | 3 months

This page contains 2 frames:

Primary Page: https://rampscampaign.org/
Frame ID: B4FA3CB761A85A117FBF32BB26428223
Requests: 25 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Frampscampaign.org
Frame ID: 6F99A1AAB69DD6DAC8B6421FA13CC121
Requests: 2 HTTP requests in this frame

Page Title

RAMPS | Radical Action for Mountains' and People's Survival. A direct action campaign based in Appalachia.

Page URL History

  1. http://rampscampaign.org/ HTTP 301
    https://rampscampaign.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

27 Requests
93 % HTTPS
90 % IPv6
9 Domains
10 Subdomains
9 IPs
2 Countries
451 kB Transfer
1206 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rampscampaign.org/ HTTP 301
    https://rampscampaign.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rampscampaign.org/
Redirect Chain
  • http://rampscampaign.org/
  • https://rampscampaign.org/
39 KB
12 KB
Document
General
Full URL
https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
d96b9a5830f96628ebd5f27542657653070f2d72f77791a11829f931c2ba98d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84709ede8d674c84-HEL
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 17 Jan 2024 18:21:54 GMT
last-modified
Wed, 30 Nov 2022 19:29:10 19NovGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLtKk5%2F%2B9DSSTAY%2Bxt24FDxFWDfKbhnd2Bg2bOcEbVUpqvIUBqtQ2XsvnQOqm0QWF%2BsjPV2clcJG2uiGiDr7hV%2BGdyFO2PKwMthW5K5nn5Crf3Oa%2B6PZqGQM9L4KZm99QNw8Kk0dKGPpt%2Fojmi7tpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
84709eddc9ac56aa-OSL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 17 Jan 2024 18:21:54 GMT
Expires
Wed, 17 Jan 2024 19:21:54 GMT
Location
https://rampscampaign.org/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNLt5brfvg7aqhcwL8t6NZD1MA6Dui2yeo9fwRFdTEhKv7ExvFmKZHdfv0XfoPIOc%2FrrHVmYJ3Mpev3MLGUi78j9jzJHt5%2Bs1GKNQ%2F3khTI6plScYlILS5Y8J49JfSCuEW1hOo61MUSBJW1xaO9kjA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.css
rampscampaign.org/wp-content/themes/ramps/
18 KB
5 KB
Stylesheet
General
Full URL
https://rampscampaign.org/wp-content/themes/ramps/style.css
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e4959172f2fca56af32a0d973890ef4ea0f73e92e82004e2f4893662f52a90d8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:12 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"cfa37854e8716a345a77658b7388dcb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMyhO3Lz3uBlom7e3pFAQk9t5xdWSX4fmHhxrFiuXiFQDknLa%2FzKVkdLu1KcpNERCcb1DAAnWsntYRdAB5lLoGqh2uPnB3eU9ZIW%2B4tQpZLGyN9a77f2j42C5POcU9d52pbL4UT6TV0YWBn2Rkk5dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee13b954c84-HEL
alt-svc
h3=":443"; ma=86400
jquery-1.5.2.min.js
rampscampaign.org/wp-content/themes/ramps/
84 KB
30 KB
Script
General
Full URL
https://rampscampaign.org/wp-content/themes/ramps/jquery-1.5.2.min.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
92ce48e8e53c066666111b33b6ea67aadfc7fb00f53d362987a06ac168f65a35

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:10 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"d48cf5a5864ed577e9bb30a52ac00537"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoycY0BDiPtYWOkAfXKYJLwejsBNpKUYdJ7e4%2Fnr1Pi0ugAXJxO%2BzR8G8rFd7p7d5%2BPmBa7%2B5idbaru79dqhdIoEsBkwscczVsdYslZBo64DVdf%2F1KmYCko5eNvqIsT0Uh0f8DfzsDlwrYlZ%2BxhFow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee13b9b4c84-HEL
alt-svc
h3=":443"; ma=86400
classic-themes.min.css
rampscampaign.org/wp-includes/css/
0
344 B
Stylesheet
General
Full URL
https://rampscampaign.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Bd1MG2XqQ7VOBTxvWJV9%2BhydmK5NKpayXJMacmcB1%2F1QhPEUbd9HZE1sc8rq7Xtb2%2B8hPnuXZlCufp61mgkrZ6fdccZFPT7UmCRN1ZVPHoz0NYkp9sJf03mMVfeVeF4jrvT1z5sqL0g5J1EiAUDiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
84709ee13b974c84-HEL
alt-svc
h3=":443"; ma=86400
content-length
0
cff-style.min.css
rampscampaign.org/wp-content/plugins/custom-facebook-feed/assets/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://rampscampaign.org/wp-content/plugins/custom-facebook-feed/assets/css/cff-style.min.css?ver=4.1.5
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
321412f90dbd945fd109249ded4b28c181d0c525689c6528adc2cde73f1723f0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:11 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"aeff8a6712739ea5cc1e1dd530cf8962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdM15aOWvHjMeeIZhEHRvGgCnT9foLLFW0J4Ug3I8iLZ04IFJ2TZ%2BdjfA%2FmNSCP%2F%2FxsZfsEGOzSeKrDHTkHtxHmS%2FwB8y6hSyIcLvkKM3y%2F8GOi4HeoLCy9y%2Btd9sdLz9vIH4sOXWIZ0Sf57ZMaPTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee13b984c84-HEL
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=a04f7a4fccb60e0d973ca889556f804a
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
722
cdn-cachedat
10/31/2023 18:48:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
27528b8d906dbfc03ddaba1804e0e870
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
84709ee1ade670f9-HEL
cdn-requestpullsuccess
True
ramps.js
rampscampaign.org/wp-content/themes/ramps/
0
329 B
Script
General
Full URL
https://rampscampaign.org/wp-content/themes/ramps/ramps.js?ver=a04f7a4fccb60e0d973ca889556f804a
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyO0AiSYEUeM34EJ6bAEeaKkdfirQpkJstK4COefeQ1WvXpfZiVc3mFX1k3S9h6oQ6F913N7NA0mITAnMVTJe98%2Bi903uii5CA1FPC0w3pMhGHpV7FaW1cVs13npiX6Y8Kidn%2F3%2FFT%2BgKcHDNAqBVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
84709ee13b9c4c84-HEL
alt-svc
h3=":443"; ma=86400
content-length
0
jquery.min.js
rampscampaign.org/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://rampscampaign.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
7ba559f6e5a470027048747b2393615510d56e2a2f06bc32dc3d743a2ed6c86a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:08 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"11668de82f81b46e6cc0dc0b192749d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcTC7DlLD%2BVOJh7pZla5pQQiAdnhlzuVtB%2B6TQgXzd9f57ICHUrZtAH94bTC%2FKEuIT1Eou4JLbVVALDDkQCJYPR%2FaWzkpixpgbrEi6yy0926NWWqHGxv3gChFcFeKcOGd%2BoMNeQKU54s1XR%2Fr5JacA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee13ba74c84-HEL
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
rampscampaign.org/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://rampscampaign.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
a401f117b1f57a3fcbf532459aff51ba2a984c7eefea8e29ab1b1765855a039e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:06 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"5acf9481b96f56099638cb060c6534bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoJi65Tl5dlPKnpNdASN73V5twe96WtThxIgcfzUg1YacI9cnxRAcASrAq2V7VttuH%2BLdyb0DuGAB%2FuOI4RtFvF1KaZWxbqMDmJpu4erSmG5ajiTjOFlMP1L33X%2BTz3gYh17Fz3MCcCTMtjitIvWDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee13baa4c84-HEL
alt-svc
h3=":443"; ma=86400
action_alerts.css
rampscampaign.org/wp-content/plugins/action_alerts/
706 B
702 B
Stylesheet
General
Full URL
https://rampscampaign.org/wp-content/plugins/action_alerts/action_alerts.css
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
4c075267eab11d5d01c1e43265bd24097d568c0050c09758188ae91bdec4c52b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:11 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"9a543b97ea4c1850aa65e3c32e16b825"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWC3pmVOiuo4iZxXY2Dk1h59TAYOs8ojnYC1%2F3kyFW3z2K%2BZWY8EHggKXvTDEHkw3BOOUCdBi45FyMqLZk9JleuquH%2BithEe8YhnxQzpNt1oiJPKoxJ1pqnUhYNjQEieZqbTO2ZgT5%2Bi3smqAeiLdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee13ba04c84-HEL
alt-svc
h3=":443"; ma=86400
donation_tracker.css
rampscampaign.org/wp-content/plugins/donation_tracker/
963 B
710 B
Stylesheet
General
Full URL
https://rampscampaign.org/wp-content/plugins/donation_tracker/donation_tracker.css
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
5482bd9f2937d4cc8da0690e4472f42ccde58fc2684e43eb84f23dddbe469e65

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:14 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"e93b935cd833fe957eec108e1e9155c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lai1K5LieXOjLNyZGRxQk%2FsT5pBPZa4xp%2Bl22N9iWzJLVXnFOYn%2FOAjqrM%2F88JbxqWGDXeQ8A1DFBVAR%2FU%2BLra0b8FlMMJbfrCAxbV5beG1972FL%2BFXJlRQsXP6NlI0gFoXUGIsqxzvfkOje%2BceXJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee13ba34c84-HEL
alt-svc
h3=":443"; ma=86400
ramps_reg_form.css
rampscampaign.org/wp-content/plugins/ramps_reg_form/
2 KB
975 B
Stylesheet
General
Full URL
https://rampscampaign.org/wp-content/plugins/ramps_reg_form/ramps_reg_form.css
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
3a04a94f4211bbc8b4fec3f0a5cd776be7cb1548b96b4fdb9934eeae911a3197

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:06 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"849c787db2bb8c6e945f22621bed6f07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfHLrNgrgR4b9bqX%2BlSuHTf%2F1X5G%2FiYinWtqlaix%2Buem%2FT%2Fh6zAkoa9OfqVuF6tEnj5DOc7V8QPRhTNUOWcjUO0eIPZFOzJlA%2BbIc%2FwKOFuMt%2FWZHbiRrhvCZdbGeGnlmRLJLzPOajNM4K0uiIUlaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee13ba64c84-HEL
alt-svc
h3=":443"; ma=86400
updated%20current%20ramps%20header.jpg
rampscampaign.org/wp-content/themes/ramps/images/headers/
76 KB
77 KB
Image
General
Full URL
https://rampscampaign.org/wp-content/themes/ramps/images/headers/updated%20current%20ramps%20header.jpg
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
a66ad4b48d6d79051408e052af684b7fba69e3eb96d4604ef063043a6a2a67f6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/8.0.30
alt-svc
h3=":443"; ma=86400
content-length
78220
last-modified
Sat, 22 Oct 2022 23:21:21 23OctGMT
server
cloudflare
etag
"4592813407c8ce8f8fddbe4cb9d4fd3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIfdQrgkXtkYVPGm%2BP60nkgfpgr%2FGrBm9mMhA7zos%2FWWFaS1ruTxMztn7wkWqfFBiYOP%2FD11nEx%2FVOQY4rmOssko6OEKOYvGaknt4KcrwPYPw2gRdceJIUNfhXCx6iYBoRzruWnI8yBPEZwYdHEPKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
84709ee16bfb4c84-HEL
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
61 KB
19 KB
Script
General
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 17:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18534
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 17:52:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="gviz"
vary
Accept-Encoding, Origin
report-to
{"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Wed, 17 Jan 2024 18:56:18 GMT

Redirect headers

date
Wed, 17 Jan 2024 18:14:52 GMT
x-content-type-options
nosniff
server
sffe
age
422
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Wed, 17 Jan 2024 18:44:52 GMT
facebook-larry.png
rampscampaign.org/wp-content/themes/ramps/images/
22 KB
22 KB
Image
General
Full URL
https://rampscampaign.org/wp-content/themes/ramps/images/facebook-larry.png
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
4ee1f497542e205bf733f175d02d3ac1a1bcd2aca8aee00ce3a3b95394c84770

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/8.0.30
alt-svc
h3=":443"; ma=86400
content-length
22035
last-modified
Sat, 22 Oct 2022 23:19:06 23OctGMT
server
cloudflare
etag
"8073843b914ffecdcb420446ce08ad3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCciI9G2vrOqWj%2FTcfnoaVSoLE%2FluHvvD1oRtYBAr8uUXdefzCqYyktgcQfy0IHnvnJCSR7Nqk4ZZTm46frSawzxnYMvbPdF8iVyq9oycsTDvbNNxT6xi8jlW8PCjo0%2FLlytU%2BQQCvO1nPgJUP2f5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
84709ee3a999b518-OSL
r9Q6jZywDJBoNm8WdRIfTbeu6943FW3q2mgzBaEHFVL2hdhNXnehx_bn-P5zZetK3GZzpiR0zSp0Aoz9fgsOMq4bsDcOFBcYx85ybmhTQmvRPUpXds2mD9RvJuizl90Fofg0ayx7nubiZQhrr8Tzvy_LxafR9h9ZD4zVFOc=s0-d-e1-ft
ci3.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://ci3.googleusercontent.com/proxy/r9Q6jZywDJBoNm8WdRIfTbeu6943FW3q2mgzBaEHFVL2hdhNXnehx_bn-P5zZetK3GZzpiR0zSp0Aoz9fgsOMq4bsDcOFBcYx85ybmhTQmvRPUpXds2mD9RvJuizl90Fofg0ayx7nubiZQhrr8Tzvy_LxafR9h9ZD4zVFOc=s0-d-e1-ft
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

email-decode.min.js
rampscampaign.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://rampscampaign.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 17:29:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65983c8b-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwUU1eylnHHacx8Y%2FD8S7xsgsTGzFQa6ogxWgU2oPEj3fsxiNsDcoqENHwsi2%2BXu5t9mL1p27e9ITA7nRljfJd4%2B%2Bc64hmpmhImFPxkdIyJCfacpKPKgbLXSYtvHrThMU8PQ8AV29ZpgEyZg47XFWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84709ee68e72b518-OSL
expires
Fri, 19 Jan 2024 18:21:55 GMT
all.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d515302f668d53bc893921d5dd18bb5f9c47b068bbfa92332101bae82c62417e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 18:21:55 GMT
content-md5
anAzUMs7H2zu4Y0iWOTG9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1690
reporting-endpoints
x-fb-debug
X7C0SrB3FiRHM+1JKoyQ1xO8fLYiQ1BWbnYEmdzaHdWIOCwgQeIw71dOde+OTtNiZbSNpuTX6NzdlWQf9rHWuw==
x-fb-content-md5
b41b410f818be5db0771248b77ede4a6
cross-origin-opener-policy
same-origin-allow-popups
etag
"7a272c9a7d84354ec406c6d2494565c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 17 Jan 2024 18:32:09 GMT
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F706) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 18:21:55 GMT
Content-Encoding
gzip
Age
1071
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (ska/F706)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
minilogo.png
m5.paperblog.com/assets/images/logos/
1 KB
2 KB
Image
General
Full URL
https://m5.paperblog.com/assets/images/logos/minilogo.png
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
734ce4c0a360b8fc5126bc81cca3abf0b1e210600f794937e3811264bb75e9ec

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:55 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Feb 2011 15:00:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4809607
etag
W/"4d63cf94-513"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqa%2BZxisoNhXmS7BmSaK7qeSRnxTHHP8S%2F5k2lMUPWKp2dQ8hZc2VJBHMj%2FTBBrA6X4192atfZal%2FqSaUB5kZ7mjhXarVB5L73Ry%2FJrmSMox3NErlZEqCKvuI4c2%2B6exRepiIyF2iBY1tA%2BphG82"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
84709ee72b6156bb-OSL
alt-svc
h3=":443"; ma=86400
expires
Fri, 22 Nov 2024 02:21:34 GMT
cff-scripts.min.js
rampscampaign.org/wp-content/plugins/custom-facebook-feed/assets/js/
41 KB
13 KB
Script
General
Full URL
https://rampscampaign.org/wp-content/plugins/custom-facebook-feed/assets/js/cff-scripts.min.js?ver=4.1.5
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
31e7ae335f3dd41d2e13749ae82356bdfae3e51d5c6578d55f267ec227a2552f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:11 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"f22be43074663365aa640173648f9505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIy%2FAQbprLKEiTVOnZqFYtgXyUt9PY%2B3Gj%2FUsi%2FyB8FvKJQlnam1iCNXBQXdghWL74NemOiQPTHQj9vOn4YQuMNgXnGZv85biW%2Fp%2BA1pLE7qgeENzvFqS1NzYfmtKiK1nfYYxYCKYZErfAOT5p%2BLsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee68e74b518-OSL
alt-svc
h3=":443"; ma=86400
modal.js
rampscampaign.org/wp-content/plugins/cat-signal/js/
305 B
697 B
Script
General
Full URL
https://rampscampaign.org/wp-content/plugins/cat-signal/js/modal.js?ver=1.0
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
2df7b6f3c0c1fc063b0a5aaf9ec5d793c5f8d451db0df5be12d3b353369112d3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 22 Oct 2022 23:19:10 23OctGMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
W/"a9dff7178cedcfe7bdcd000c242f69b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5JtM1vN95I73%2B8fEb8KGXWyTjq0iOAYXo5ikcUkudWxEXUZAZNtYHNFIZuBrBwXWXzvuDpSfuoHarhVXqO%2FZIVZhe2RbH%2BVXoxTC5n9q8dXRD0%2BzxpAWzyzQUa3%2FgEaYO89UI4TWSfJ5ffHoUouSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
84709ee68e75b518-OSL
alt-svc
h3=":443"; ma=86400
wp-emoji-release.min.js
rampscampaign.org/wp-includes/js/
0
526 B
Script
General
Full URL
https://rampscampaign.org/wp-includes/js/wp-emoji-release.min.js?ver=a04f7a4fccb60e0d973ca889556f804a
Requested by
Host: rampscampaign.org
URL: https://rampscampaign.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rampscampaign.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 18:21:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.30
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBENFtkyMyfuv02FBOe46%2BWe9VELZjtJsDg%2FSIvvxdLfVkfvoXSHhb4p7G16taZ0%2FsAF4HNB1qWQcbPkapWVfg8XPb7Nrl8bESLsJJZ4jlYKhulV5Av8PiQ2AOcZQhI2BG6evr3hs1VjG%2BQYVy6F4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
84709ee68e78b518-OSL
alt-svc
h3=":443"; ma=86400
content-length
0
all.js
connect.facebook.net/en_US/
299 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=9c676652a430486e2404f192f429d62c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7bbc47a6c8a0bc9a6b16ac15cd906b7c1f000acacca2c038db523d7272a72191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://rampscampaign.org/
Origin
https://rampscampaign.org
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 18:21:55 GMT
content-md5
EskdZAq69ItdZtE64Q9WWw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86363
reporting-endpoints
x-fb-debug
JOyfjzc1bDdysVQ/kLSNhIr7LUDIi5peug5pijwLGythpTo9WFwvt3A/bSQi8wvkLVX+UF7ZB1NrPeF13t7/6Q==
x-fb-content-md5
8d3e42ae712bac22076b23721702b277
cross-origin-opener-policy
same-origin-allow-popups
etag
"f017f2ad01bec0158894d6a4a5d062db"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 16 Jan 2025 16:12:06 GMT
/
members.internetdefenseleague.org/include/
0
0

widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 6F99
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Frampscampaign.org
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F70F) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://rampscampaign.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3200422
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Wed, 17 Jan 2024 18:21:56 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (ska/F70F)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
settings
syndication.twitter.com/ Frame 6F99
869 B
659 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=89792c93786d9020ec2d3147e3ad283c0e1d30bf
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Frampscampaign.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
109
date
Wed, 17 Jan 2024 18:21:56 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 17 Jan 2024 18:21:56 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
c3e9527825f71bd3
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
d40b0fdd46e4a7ae19865907378ecd420f32f15127c7566257c9f7d2fb48e984
content-length
337

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
members.internetdefenseleague.org
URL
https://members.internetdefenseleague.org/include/?url=&campaign=&variant=modal

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| $
function| jQuery
object| _wpemojiSettings
object| google
object| FB
object| __twttrll
object| twttr
object| __twttr
string| cffajaxurl
string| cfflinkhashtags
object| __buffer
boolean| cff_js_exists
undefined| cffAddMasonry
function| cff_init
function| checkConsent
function| cffCmplzGetCookie
function| addFullFeatures
function| afterConsentToggled
function| cffGetFeedLocatorDataArray
function| locationGuess
object| _idl

0 Cookies

4 Console Messages

Source Level URL
Text
security warning URL: https://rampscampaign.org/
Message:
Mixed Content: The page at 'https://rampscampaign.org/' was loaded over HTTPS, but requested an insecure element 'http://m5.paperblog.com/assets/images/logos/minilogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://rampscampaign.org/ (Line 528)
Message:
Mixed Content: The page at 'https://rampscampaign.org/' was loaded over HTTPS, but requested an insecure element 'http://m5.paperblog.com/assets/images/logos/minilogo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://ci3.googleusercontent.com/proxy/r9Q6jZywDJBoNm8WdRIfTbeu6943FW3q2mgzBaEHFVL2hdhNXnehx_bn-P5zZetK3GZzpiR0zSp0Aoz9fgsOMq4bsDcOFBcYx85ybmhTQmvRPUpXds2mD9RvJuizl90Fofg0ayx7nubiZQhrr8Tzvy_LxafR9h9ZD4zVFOc=s0-d-e1-ft#https://gallery.mailchimp.com/84d35a0479b3601b2b478406e/images/95b462ca-dd61-4fae-96f4-86903cb37466.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://members.internetdefenseleague.org/include/?url=&campaign=&variant=modal
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
