pt.rametc.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pt.rametc.com/o-que-e-o-arquivo-ntuserdat
Submission: On May 29 via api (May 29th 2023, 10:37:34 pm UTC) from US — Scanned from NL

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 24 domains to perform 57 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is pt.rametc.com.
TLS certificate: Issued by E1 on April 15th 2023. Valid for: 3 months.

This is the only time pt.rametc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	2600:9000:225... 2600:9000:225e:7a00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	188.166.100.156 188.166.100.156	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2010	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	99.86.4.86 99.86.4.86	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1	168.119.25.62 168.119.25.62	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	2a01:4f8:252:... 2a01:4f8:252:561a::2	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:252:... 2a01:4f8:252:564d::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a01:4f8:c0:3... 2a01:4f8:c0:33d8::1	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:128:7:54... 2a02:128:7:5417::2	() ()
57	19

21 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

pt.rametc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rametc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lodder7.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:7a00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.100.156 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2bb827677d.b93b701770.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rametc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-86.fra6.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

site2text-2021.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.62 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.62.25.119.168.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:252:561a::2 (Germany)

ASN24940 (HETZNER-AS, DE)

ntvpwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:252:564d::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

de2f3cbf8f.36c48052b9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:33d8::1 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

rtbrennab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5417::2 (None, )

ASN- ()

tb.baimgfroggd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	rametc.com pt.rametc.com rametc.com	700 KB
6	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 384163	143 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	150 KB
2	36c48052b9.com 1 redirects de2f3cbf8f.36c48052b9.com	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 44500	401 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10747	1 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 35218	212 KB
1	baimgfroggd.site tb.baimgfroggd.site	209 B
1	rtbrennab.com 1 redirects rtbrennab.com — Cisco Umbrella Rank: 52163	373 B
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 77717	18 KB
1	ntvpwpush.com ntvpwpush.com — Cisco Umbrella Rank: 39152	654 B
1	b93b701770.com 2bb827677d.b93b701770.com	207 B
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 16399	1 KB
1	web.app site2text-2021.web.app — Cisco Umbrella Rank: 963505	418 B
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 19894	238 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 54033	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 587	258 B
1	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 61399	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 344	1 KB
1	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 19864	56 KB
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 395	5 KB
1	cstwpush.com cst.cstwpush.com — Cisco Umbrella Rank: 392145	861 B
1	wpu.sh 1 redirects cst.wpu.sh	97 B
1	lodder7.biz lodder7.biz	8 KB
57	24

	Domain	Requested by
24	rametc.com	pt.rametc.com rametc.com
6	cdn.zx-adnet.com	pt.rametc.com cdn.zx-adnet.com
3	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	de2f3cbf8f.36c48052b9.com	1 redirects js.cabnnr.com
2	fp.metricswpsh.com	js.wpadmngr.com
2	counter.yadro.ru	1 redirects pt.rametc.com
2	get.optad360.io	pt.rametc.com get.optad360.io
2	pt.rametc.com	pt.rametc.com
1	tb.baimgfroggd.site	js.cabnnr.com
1	rtbrennab.com	1 redirects
1	js.cabnnr.com	js.wpadmngr.com
1	ntvpwpush.com	js.wpadmngr.com
1	2bb827677d.b93b701770.com	js.wpadmngr.com
1	notification.tubecup.net	js.wpadmngr.com
1	site2text-2021.web.app	storage.googleapis.com
1	js.wpshsdk.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	optad360.mgr.consensu.org	pt.rametc.com
1	cdn.jsdelivr.net	get.optad360.io
1	js.wpadmngr.com	cst.wpu.sh
1	storage.googleapis.com	cdn.zx-adnet.com
1	cst.cstwpush.com	pt.rametc.com
1	cst.wpu.sh	1 redirects
1	lodder7.biz	pt.rametc.com
57	25

This site contains links to these domains. Also see Links.

Domain
no.rametc.com
clickadilla.com

Subject Issuer	Validity	Valid
rametc.com E1	`2023-04-15` - `2023-07-14`	3 months	crt.sh
lodder7.biz E1	`2023-05-16` - `2023-08-14`	3 months	crt.sh
d.hive.properties GTS CA 1D4	`2023-05-08` - `2023-08-06`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
js.wpadmngr.com R3	`2023-05-16` - `2023-08-14`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
optad360.mgr.consensu.org Amazon RSA 2048 M02	`2023-04-23` - `2024-05-21`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
na.nawpush.com R3	`2023-04-03` - `2023-07-02`	3 months	crt.sh
js.wpshsdk.com R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh
web.app GTS CA 1D4	`2023-05-10` - `2023-08-08`	3 months	crt.sh
notification.tubecup.net R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
2bb827677d.b93b701770.com R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh
js.cabnnr.com R3	`2023-04-23` - `2023-07-22`	3 months	crt.sh
36c48052b9.com R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh
tb.baimgfroggd.site R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://pt.rametc.com/o-que-e-o-arquivo-ntuserdat
Frame ID: 00A01327C3FED22FF6F378BAFF7A75EB
Requests: 53 HTTP requests in this frame

Frame: https://ntvpwpush.com/dl/cookies
Frame ID: 7F766E7A97EBB731B2D3FA123E3B8C6A
Requests: 1 HTTP requests in this frame

Frame: https://de2f3cbf8f.36c48052b9.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImIiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6Ik8lMkNxdWUlMkMlQzMlQTklMkNvJTJDYXJxdWl2byUyQ05UVVNFUi5EQVQlMkMlMkNGdW4lQzMlQTclQzMlQTNvJTJDTyUyQ2FycXVpdm8lMkNOVFVTRVIuREFUJTJDJUMzJUE5JTJDdW0lMkNhcnF1aXZvJTJDZGUlMkNsb2clMkNDYWRhJTJDYXJxdWl2byUyQ05UVVNFUi5EQVQlMkNkbyUyQ3VzdSVDMyVBMXJpbyUyQ2NvbnQlQzMlQTltJTJDb3MlMkNwYXIlQzMlQTJtZXRyb3MlMkNkZSUyQ2NvbmZpZ3VyYSVDMyVBNyVDMyVBM28lMkNkbyUyQ3JlZ2lzdHJvJTJDcGFyYSUyQ3N1YSUyQ2NvbnRhJTJDaW5kaXZpZHVhbCUyQ08lMkNyZWdpc3RybyUyQ2RvJTJDV2luZG93cyUyQ2NvbW8lMkNpbmRpY2ElMkNhJTJDTWljcm9zb2Z0JTJDJUMzJUE5JTJDdW0lMkMlMjJiYW5jbyUyQ2RlJTJDZGFkb3MlMkNoaWVyJUMzJUExcnF1aWNvJTJDY2VudHJhbCUyMiUyQ3F1ZSUyQ2NvbnQlQzMlQTltJTJDaW5mb3JtYSVDMyVBNyVDMyVCNWVzJTJDc29icmUlMkNvJTJDc29mdHdhcmUlMkNoYXJkd2FyZSUyQ2UlMkNwZXJmaXMlMkNkZSUyQ3VzdSVDMyVBMXJpbyUyQ25vJTJDY29tcHV0YWRvciUyQ08lMkNXaW5kb3dzJTJDZmEsIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiNDcxNjkzOTcyIiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTAyNzksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6Im5sYWJlbC1iIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MCwidjIiOjEsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMDI3OSIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9wdC5yYW1ldGMuY29tL28tcXVlLWUtby1hcnF1aXZvLW50dXNlcmRhdCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiIyZWVkMTdlZWM0NDMzZjQ5YzFjM2RiYmY4NWJiOWFlYSIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjg1Mzk5ODUzNTAyfX0=
Frame ID: 5FFCFDC657106B56428FB6D0E8F80900
Requests: 1 HTTP requests in this frame

Frame: https://tb.baimgfroggd.site/in/1784/?user_id=&bid={BIDFLOOR_STEP}&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&utm1=&utm2=&utm3=&utm4=&ts={TIMESTAMP}&tcbbi={TCB_BANNER_IMG}&tcbbc={TCB_BANNER_CLICK}
Frame ID: 830E548BF560E6CEB5B2ACDC2056E459
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

O que é o arquivo NTUSER.DAT?

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

57
Requests

95 %
HTTPS

60 %
IPv6

24
Domains

25
Subdomains

19
IPs

4
Countries

1302 kB
Transfer

3849 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://no.rametc.com/
Title: https://rametc.com

Search URL Search Domain Scan URL

URL: https://clickadilla.com/?ref=NtBAgLsN&utm_source=label_test2&utm_medium=banner
Title: СlickAdilla

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 36

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//pt.rametc.com/o-que-e-o-arquivo-ntuserdat;0.0231007553789917 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//pt.rametc.com/o-que-e-o-arquivo-ntuserdat;0.0231007553789917

Request Chain 55

https://de2f3cbf8f.36c48052b9.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImIiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6Ik8lMkNxdWUlMkMlQzMlQTklMkNvJTJDYXJxdWl2byUyQ05UVVNFUi5EQVQlMkMlMkNGdW4lQzMlQTclQzMlQTNvJTJDTyUyQ2FycXVpdm8lMkNOVFVTRVIuREFUJTJDJUMzJUE5JTJDdW0lMkNhcnF1aXZvJTJDZGUlMkNsb2clMkNDYWRhJTJDYXJxdWl2byUyQ05UVVNFUi5EQVQlMkNkbyUyQ3VzdSVDMyVBMXJpbyUyQ2NvbnQlQzMlQTltJTJDb3MlMkNwYXIlQzMlQTJtZXRyb3MlMkNkZSUyQ2NvbmZpZ3VyYSVDMyVBNyVDMyVBM28lMkNkbyUyQ3JlZ2lzdHJvJTJDcGFyYSUyQ3N1YSUyQ2NvbnRhJTJDaW5kaXZpZHVhbCUyQ08lMkNyZWdpc3RybyUyQ2RvJTJDV2luZG93cyUyQ2NvbW8lMkNpbmRpY2ElMkNhJTJDTWljcm9zb2Z0JTJDJUMzJUE5JTJDdW0lMkMlMjJiYW5jbyUyQ2RlJTJDZGFkb3MlMkNoaWVyJUMzJUExcnF1aWNvJTJDY2VudHJhbCUyMiUyQ3F1ZSUyQ2NvbnQlQzMlQTltJTJDaW5mb3JtYSVDMyVBNyVDMyVCNWVzJTJDc29icmUlMkNvJTJDc29mdHdhcmUlMkNoYXJkd2FyZSUyQ2UlMkNwZXJmaXMlMkNkZSUyQ3VzdSVDMyVBMXJpbyUyQ25vJTJDY29tcHV0YWRvciUyQ08lMkNXaW5kb3dzJTJDZmEsIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiNDcxNjkzOTcyIiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTAyNzksIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6Im5sYWJlbC1iIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozOTcyLCJidHlwZSI6MCwidjIiOjEsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMDI3OSIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9wdC5yYW1ldGMuY29tL28tcXVlLWUtby1hcnF1aXZvLW50dXNlcmRhdCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiIyZWVkMTdlZWM0NDMzZjQ5YzFjM2RiYmY4NWJiOWFlYSIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjg1Mzk5ODUzNTAyfX0= HTTP 302
https://rtbrennab.com/banner/in/show/?mid=6893841138744146740&pid=0&site=10279&sc=NL&usage_type=DCH&subid=471693972&sid=0&cid=12028&price=0&is_cpm=1&cpm=0.01&ecpm=0.01&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=pt.rametc.com&hostname=auc-banner-hz-3&site_id=0&spot_id=10279&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&auction_queue=0&pop_winurl=&ip=2a00:1630:2:606::3&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=IAB26-2&min_cpm=0.00000001&placement_type_id=407&skin_test=&verify_hash=&score=173.29044620497785&ml=&tag_ab=b&v2=1&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB26-2&url=%2F%2Ftb.baimgfroggd.site%2Fin%2F1784%2F%3Fuser_id%3D%26bid%3D%7BBIDFLOOR_STEP%7D%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ts%3D%7BTIMESTAMP%7D%26tcbbi%3D%7BTCB_BANNER_IMG%7D%26tcbbc%3D%7BTCB_BANNER_CLICK%7D&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=O%2Cque%2C%C3%A9%2Co%2Carquivo%2CNTUSER.DAT%2C%2CFun%C3%A7%C3%A3o%2CO%2Carquivo%2CNTUSER.DAT%2C%C3%A9%2Cum%2Carquivo%2Cde%2Clog%2CCada%2Carquivo%2CNTUSER.DAT%2Cdo%2Cusu%C3%A1rio%2Ccont%C3%A9m%2Cos%2Cpar%C3%A2metros%2Cde%2Cconfigura%C3%A7%C3%A3o%2Cdo%2Cregistro%2Cpara%2Csua%2Cconta%2Cindividual%2CO%2Cregistro%2Cdo%2CWindows%2Ccomo%2Cindica%2Ca%2CMicrosoft%2C%C3%A9%2Cum%2C%22banco%2Cde%2Cdados%2Chier%C3%A1rquico%2Ccentral%22%2Cque%2Ccont%C3%A9m%2Cinforma%C3%A7%C3%B5es%2Csobre%2Co%2Csoftware%2Chardware%2Ce%2Cperfis%2Cde%2Cusu%C3%A1rio%2Cno%2Ccomputador%2CO%2CWindows%2Cfa,&stratagem=nlabel-b&ssp=3972&refresh=1&priority=0&bb=0.0001 HTTP 302
https://tb.baimgfroggd.site/in/1784/?user_id=&bid={BIDFLOOR_STEP}&katds_labels=4,5,6,7,8,9,46,47,54,55,61,109&utm1=&utm2=&utm3=&utm4=&ts={TIMESTAMP}&tcbbi={TCB_BANNER_IMG}&tcbbc={TCB_BANNER_CLICK}

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request o-que-e-o-arquivo-ntuserdat Show response
pt.rametc.com/ 19 KB
5 KB 157ms
78ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
.lodder7.biz/	1970-01-20 12:53:11	Name: uuid Value: 8cbfc740-c82e-4f81-a98f-a8abd2113c2e
pt.rametc.com/	1970-01-20 12:53:11	Name: _pbjs_userid_consent_data Value: 6683316680106290
.rametc.com/	1970-01-20 20:55:35	Name: _sharedID Value: 41d15eda-2598-48b9-a784-f6800e203a91
.yadro.ru/	1970-01-20 20:55:30	Name: FTID Value: 1aTIaf1989OZ1aTIaf002PSH
.yadro.ru/	1970-01-20 20:55:30	Name: VID Value: 1Gib8b1MuveZ1aTIag002F8D
.rametc.com/	1970-01-20 20:55:35	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTg4NjlhOGMtYzI3ZC02NTJiLTg4MzMtZTk3ODRmYjRmNmMzIiwiY3JlYXRlZCI6IjIwMjMtMDUtMjlUMjI6Mzc6MzAuMDYzWiIsInVwZGF0ZWQiOiIyMDIzLTA1LTI5VDIyOjM3OjMwLjA2M1oiLCJ2ZXJzaW9uIjpudWxsfQ==
ntvpwpush.com/	1970-01-20 12:53:11	Name: fp Value: null
ntvpwpush.com/	1970-01-20 12:53:11	Name: refdomain Value:
ntvpwpush.com/	1970-01-20 12:53:11	Name: mm Value: false
ntvpwpush.com/	1970-01-20 12:53:11	Name: gyr Value: 0
ntvpwpush.com/	1970-01-20 12:53:11	Name: ad_tags Value: O%2Cque%2C%C3%A9%2Co%2Carquivo%2CNTUSER.DAT%2C%2CFun%C3%A7%C3%A3o%2CO%2Carquivo%2CNTUSER.DAT%2C%C3%A9%2Cum%2Carquivo%2Cde%2Clog%2CCada%2Carquivo%2CNTUSER.DAT%2Cdo%2Cusu%C3%A1rio%2Ccont%C3%A9m%2Cos%2Cpar%C3%A2metros%2Cde%2Cconfigura%C3%A7%C3%A3o%2Cdo%2Cregistro%2Cpara%2Csua%2Cconta%2Cindividual%2CO%2Cregistro%2Cdo%2CWindows%2Ccomo%2Cindica%2Ca%2CMicrosoft%2C%C3%A9%2Cum%2C%22banco%2Cde%2Cdados%2Chier%C3%A1rquico%2Ccentral%22%2Cque%2Ccont%C3%A9m%2Cinforma%C3%A7%C3%B5es%2Csobre%2Co%2Csoftware%2Chardware%2Ce%2Cperfis%2Cde%2Cusu%C3%A1rio%2Cno%2Ccomputador%2CO%2CWindows%2Cfa
ntvpwpush.com/	1970-01-20 12:53:11	Name: tag_ab Value: b
ntvpwpush.com/	1970-01-20 12:53:11	Name: timezone Value: 0
ntvpwpush.com/	1970-01-20 12:53:11	Name: utm1 Value:
ntvpwpush.com/	1970-01-20 12:53:11	Name: utm2 Value:
ntvpwpush.com/	1970-01-20 12:53:11	Name: utm4 Value:
ntvpwpush.com/	1970-01-20 12:53:11	Name: accel Value: 0
ntvpwpush.com/	1970-01-20 12:53:11	Name: screen_resolution Value: 1600x1200
fp.metricswpsh.com/	1970-01-20 20:55:35	Name: id Value: 14319075753451468524

pt.rametc.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

60 %IPv6

24 Domains

25 Subdomains

19 IPs

4 Countries

1302 kBTransfer

3849 kBSize

19 Cookies

2 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pt.rametc.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

60 %
IPv6

24
Domains

25
Subdomains

19
IPs

4
Countries

1302 kB
Transfer

3849 kB
Size

19
Cookies

57 HTTP transactions
0 data transactions