urlscan.io Public Scan: register.salty-ball.com
Primary IP: 2606:4700:3035::6815:5e9b
Effective URL: https://register.salty-ball.com/wilbs/en/?aid=v4NbzZz1d5TNyVqg4&var4=agn_343&hobj=eyJoc2lkIjogIjMzOWU4MGY5NzBmNTc2ZjA3YTMzYWNkYz...
Submission: On April 24 via manual from GB
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 9th 2021. Valid for: a year.
This is the only time register.salty-ball.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS Autonomous System |
---|---|---|
1 | 2606:4700:3036::ac43:a73e | 13335 (CLOUDFLARENET) |
1 1 | 139.45.197.237 | 9002 (RETN-AS) |
1 1 | 35.157.74.22 | 16509 (AMAZON-02) |
1 2 | 2606:4700:3035::6815:5e9b | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:803::200a | 15169 (GOOGLE) |
7 | 2606:4700:3032::ac43:89ca | 13335 (CLOUDFLARENET) |
1 | 139.45.196.202 | 9002 (RETN-AS) |
1 | 2a00:1450:4001:808::2003 | 15169 (GOOGLE) |
1 | 2a03:2880:f03d:1c:face:b00c:0:3 | 32934 (FACEBOOK) |
1 | 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) |
Totals as shown: 14 | 9 |

IP details (ASN, reverse DNS, hostnames served):
- ASN16509 (AMAZON-02, US), PTR ec2-35-157-74-22.eu-central-1.compute.amazonaws.com: router.solarsofas.com
- ASN13335 (CLOUDFLARENET, US): router.salty-ball.com, register.salty-ball.com
- ASN13335 (CLOUDFLARENET, US): register.salty-ball.com, api.salty-ball.com
# | Apex Domain | Subdomains | Transfer | Redirects |
---|---|---|---|---|
9 | salty-ball.com | router.salty-ball.com, register.salty-ball.com, api.salty-ball.com | 393 KB | 1 |
2 | gstatic.com | fonts.gstatic.com | 32 KB | |
1 | facebook.net | connect.facebook.net | 24 KB | |
1 | beevakum.net | beevakum.net | 28 KB | |
1 | googleapis.com | fonts.googleapis.com | 793 B | |
1 | solarsofas.com | router.solarsofas.com | 497 B | 1 |
1 | pardedatl.com | pardedatl.com | 833 B | 1 |
1 | 0265331.com | 0.0265331.com | 871 B | |
Totals as shown: 14 | 8 |
# | Domain | Requested by | Redirects |
---|---|---|---|
7 | register.salty-ball.com | register.salty-ball.com | |
2 | fonts.gstatic.com | fonts.googleapis.com | |
1 | api.salty-ball.com | register.salty-ball.com | |
1 | connect.facebook.net | register.salty-ball.com | |
1 | beevakum.net | register.salty-ball.com | |
1 | fonts.googleapis.com | register.salty-ball.com | |
1 | router.salty-ball.com | | 1 |
1 | router.solarsofas.com | | 1 |
1 | pardedatl.com | | 1 |
1 | 0.0265331.com | | |
Totals as shown: 14 | 10 |

Linked domains (this site contains links to these domains; see Outgoing links under Page Statistics):
salty-ball.com
TLS certificates
Subject | Issuer | Validity | Valid for |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-09-27 - 2021-09-27 | a year |
upload.video.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
beevakum.net | R3 | 2021-02-06 - 2021-05-07 | 3 months |
*.gstatic.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months |
This page contains 1 frame:
Primary Page: https://register.salty-ball.com/wilbs/en/?aid=v4NbzZz1d5TNyVqg4&var4=agn_343&hobj=...
Frame ID: 7A1D3465A3F4D14E359F426328CCB923
Requests: 19 HTTP requests in this frame
Detected technologies
- CloudFlare (CDN): response header server matches /^cloudflare$/i
- Facebook (Widgets): script URL matches /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
- Google Font API (Font Scripts): HTML matches /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
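How these fingerprints are evaluated, as an added example that is not part of the urlscan.io page or its detection engine: each of the three regexes above is applied to the kind of artefact it names (a response header, the HTML source, or an external script URL). The regex strings are the page's; the dictionary layout, the `detect` function and the sample headers, HTML and script list are this example's own, constructed to mirror the transactions listed on this page rather than captured from it.

```python
import re

# Fingerprints copied from this scan's "Detected patterns" (regex text is the page's;
# the (kind, header name, pattern) layout is this example's own convention).
FINGERPRINTS = {
    "CloudFlare (CDN)": ("headers", "server", re.compile(r"^cloudflare$", re.I)),
    "Facebook (Widgets)": ("script", None, re.compile(r"//connect\.facebook\.net/[^/]*/[a-z]*\.js", re.I)),
    "Google Font API (Font Scripts)": ("html", None, re.compile(r"<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com", re.I)),
}


def detect(headers, html, scripts):
    """Return the fingerprint names that match the captured page.

    headers: response headers of the main document, keys lower-cased
    html:    the document's HTML source
    scripts: URLs of every external script the page loaded
    """
    hits = []
    for name, (kind, key, pattern) in FINGERPRINTS.items():
        if kind == "headers":
            matched = pattern.search(headers.get(key, "")) is not None
        elif kind == "html":
            matched = pattern.search(html) is not None
        else:  # "script": one matching script URL is enough
            matched = any(pattern.search(url) for url in scripts)
        if matched:
            hits.append(name)
    return hits


# Constructed sample modelled on the transactions listed on this page; not a capture.
SAMPLE_HEADERS = {"server": "cloudflare", "content-type": "text/html; charset=utf-8"}
SAMPLE_HTML = (
    '<html><head><link rel="stylesheet" '
    'href="https://fonts.googleapis.com/css?family=Noto+Sans"></head><body></body></html>'
)
SAMPLE_SCRIPTS = [
    "https://register.salty-ball.com/wilbs/assets/app.e10a6d99eb4b38ffdeaf.js",
    "https://connect.facebook.net/en_US/fbevents.js",
    "https://beevakum.net/pfe/current/micro.tag.min.js",
]

if __name__ == "__main__":
    for tech in detect(SAMPLE_HEADERS, SAMPLE_HTML, SAMPLE_SCRIPTS):
        print("detected:", tech)
```

A fingerprint only says a component is present; it says nothing about intent. Note also that none of the patterns on this page match beevakum.net/pfe/current/micro.tag.min.js, the one third-party script here that is neither a CDN artefact, a font loader nor the Facebook pixel, so that is the script a reviewer would read by hand.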
Page Statistics
4 Outgoing links (links to origins other than the main page), by link text:
- Terms of Use
- Privacy Policy
- Support
- click here.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- Page URL: https://0.0265331.com/click?pid=6&offer_id=431&ref_id=cb615970302e325ecc62cZFvErs2PC2O_ff0a38f8_3f0e4cf5&sub1=ff0a38f8&keyword=Mindf*ck&sub8=Mindf*ck&m=Mindf*ck
- HTTP 302: https://pardedatl.com/link?z=3730535&var=ff0a38f8&ymid=6083e12cf1ec7200014de590
- HTTP 303: https://router.solarsofas.com/click/k5/v4NbzZz1d5TNyVqg4?click_id=409750202077946037&fb_id={var_3}&sub_id=3730535&var3=ff0a38f8
- HTTP 302: https://router.salty-ball.com/?lp=wilbs&skin=1&sidng=nokA7MPok4KmgN65bX7nRlYose&aid=v4NbzZz1d5TNyVqg4&PCTX=409750202077946037&var3=3730535&var4=agn_343&click_id=409750202077946037&fb_id=%7Bvar_3%7D&sub_id=3730535&var3=ff0a38f8
- Page URL: https://register.salty-ball.com/wilbs/en/?aid=v4NbzZz1d5TNyVqg4&var4=agn_343&hobj=eyJoc2lkIjogIjMzOWU4MGY5Nz...
The first hop (0.0265331.com/click) is a 217 B text/html document in the transaction list, so it redirected client-side rather than with a 3xx; the next three hops are server-side redirects (302, 303, 302) that hand the click through two router hosts before the landing page.
Redirected requests
There were HTTP redirect chains for the following requests: the primary request (register.salty-ball.com/wilbs/en/), reached through the chain listed under Page URL History.
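Working through the chain above, as an added example that is not part of the urlscan.io page: the script parses each hop with the standard library, lists the tokens carried from one hop to the next (these are what tie the entry click to the landing page), flags query values left as unexpanded {macro} templates, and decodes the timestamp embedded in the ymid value. The chain is copied from the page (hobj stays truncated as shown there). Two assumptions are labelled in the code and are not stated on the page: that ymid is a MongoDB ObjectId, and that the __cfduid cookie value listed under Cookies ends in a Unix timestamp.

```python
from datetime import datetime, timezone
from urllib.parse import urlsplit, parse_qsl

# Redirect chain copied from this scan's "Page URL History"; the hobj value is
# truncated on the page and stays truncated here.
CHAIN = [
    "https://0.0265331.com/click?pid=6&offer_id=431&ref_id=cb615970302e325ecc62cZFvErs2PC2O_ff0a38f8_3f0e4cf5"
    "&sub1=ff0a38f8&keyword=Mindf*ck&sub8=Mindf*ck&m=Mindf*ck",
    "https://pardedatl.com/link?z=3730535&var=ff0a38f8&ymid=6083e12cf1ec7200014de590",
    "https://router.solarsofas.com/click/k5/v4NbzZz1d5TNyVqg4?click_id=409750202077946037"
    "&fb_id={var_3}&sub_id=3730535&var3=ff0a38f8",
    "https://router.salty-ball.com/?lp=wilbs&skin=1&sidng=nokA7MPok4KmgN65bX7nRlYose&aid=v4NbzZz1d5TNyVqg4"
    "&PCTX=409750202077946037&var3=3730535&var4=agn_343&click_id=409750202077946037&fb_id=%7Bvar_3%7D"
    "&sub_id=3730535&var3=ff0a38f8",
    "https://register.salty-ball.com/wilbs/en/?aid=v4NbzZz1d5TNyVqg4&var4=agn_343&hobj=eyJoc2lkIjogIjMzOWU4MGY5Nz...",
]


def hop_tokens(url):
    """Every value a hop carries: percent-decoded query values plus non-empty path segments."""
    parts = urlsplit(url)
    tokens = {value for _, value in parse_qsl(parts.query, keep_blank_values=True)}
    tokens |= {seg for seg in parts.path.split("/") if seg}
    return tokens


def propagated_tokens(chain, min_len=6):
    """Map each token seen in two or more hops to the hosts that carried it, in chain
    order. Short values (lp=wilbs, skin=1, ...) are ignored to cut noise."""
    carriers = {}
    for url in chain:
        host = urlsplit(url).hostname
        for tok in hop_tokens(url):
            if len(tok) >= min_len:
                carriers.setdefault(tok, []).append(host)
    return {tok: hosts for tok, hosts in carriers.items() if len(hosts) > 1}


def unexpanded_macros(chain):
    """(host, param, value) for query values left as a {placeholder} template."""
    found = []
    for url in chain:
        host = urlsplit(url).hostname
        for key, value in parse_qsl(urlsplit(url).query):
            if value.startswith("{") and value.endswith("}"):
                found.append((host, key, value))
    return found


def objectid_time(oid):
    """Assumption: a 24-hex id such as ymid is a MongoDB ObjectId, whose first
    four bytes are a big-endian Unix timestamp of when it was generated."""
    oid = oid.lower()
    if len(oid) != 24 or set(oid) - set("0123456789abcdef"):
        raise ValueError("not a 24-hex ObjectId: %r" % oid)
    return datetime.fromtimestamp(int(oid[:8], 16), tz=timezone.utc)


def cfduid_time(value):
    """Assumption: Cloudflare's __cfduid cookie value ends in a 10-digit Unix timestamp."""
    return datetime.fromtimestamp(int(value[-10:]), tz=timezone.utc)


if __name__ == "__main__":
    for tok, hosts in propagated_tokens(CHAIN).items():
        print("%-26s carried by %s" % (tok, " -> ".join(hosts)))
    print("unexpanded macros:", unexpanded_macros(CHAIN))
    print("ymid generated at:", objectid_time("6083e12cf1ec7200014de590"))
```

On this chain ff0a38f8 is the only token carried from the entry click through all three routers, v4NbzZz1d5TNyVqg4 (the aid) ties the solarsofas.com router to the salty-ball.com landing page, and fb_id={var_3} reaches salty-ball.com unsubstituted, so the upstream network never filled in a click identifier for this visit. Under the two stated assumptions, ymid and __cfduid both decode to 2021-04-24 09:13:16 UTC, which dates this scan to the second and supplies the year the submission line omits.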
14 HTTP transactions (19 requests in the frame, of which 5 are inline data: URIs)
Size is the decoded resource size and Transferred the bytes on the wire; the DATA rows are inline data: URIs whose content the page shows truncated.
Method | Protocol | Resource | Host / Path | Size | Transferred | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | click | 0.0265331.com/ | 217 B | 871 B | Document | text/html |
GET | H2 | / (Primary Request, end of redirect chain) | register.salty-ball.com/wilbs/en/ | 48 KB | 19 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 793 B | Stylesheet | text/css |
GET | H3-29 | styles.e10a6d99eb4b38ffdeaf.css | register.salty-ball.com/wilbs/assets/ | 124 KB | 34 KB | Stylesheet | text/css |
GET | H3-29 | email-decode.min.js | register.salty-ball.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript |
GET | H3-29 | runtime.e10a6d99eb4b38ffdeaf.js | register.salty-ball.com/wilbs/assets/ | 1 KB | 1 KB | Script | application/javascript |
GET | H3-29 | app.e10a6d99eb4b38ffdeaf.js | register.salty-ball.com/wilbs/assets/ | 608 KB | 166 KB | Script | application/javascript |
GET | H3-29 | styles.e10a6d99eb4b38ffdeaf.js | register.salty-ball.com/wilbs/assets/ | 96 B | 672 B | Script | application/javascript |
GET | H/1.1 | micro.tag.min.js | beevakum.net/pfe/current/ | 77 KB | 28 KB | Script | application/javascript |
GET | DATA | truncated | / | 487 B | 0 | Image | image/png |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 967 B | 0 | Image | image/png |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png |
GET | H2 | o-0IIpQlx3QUlC5A4PNr5TRA.woff2 | fonts.gstatic.com/s/notosans/v12/ | 16 KB | 16 KB | Font | font/woff2 |
GET | H3-29 | dmAXjD.js | register.salty-ball.com/s/534064/ | 363 KB | 168 KB | Script | text/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 92 KB | 24 KB | Script | application/x-javascript |
GET | H2 | info | api.salty-ball.com/ | 840 B | 1 KB | Fetch | application/json |
GET | H3-29 | o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 | fonts.gstatic.com/s/notosans/v12/ | 16 KB | 16 KB | Font | font/woff2 |
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. Read the list with care: 0 is a frame index (window[0] is a child browsing context), and onbeforexrselect through crossOriginIsolated are standard window properties of the scanning browser (recent Chrome APIs) rather than variables the page defined. Of the rest, fbq and _fbq are created by the Facebook pixel script (fbevents.js), webpackJsonp by a webpack bundle (matching the runtime/app chunk files loaded from /wilbs/assets/), and the remaining names, including the machine-looking s8KK, f5GG, S4XX, u1nn and z8002, belong to the page's own scripts.
Type | Name |
---|---|
object | 0 |
object | onbeforexrselect |
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
boolean | originAgentCluster |
object | trustedTypes |
boolean | crossOriginIsolated |
object | languageOptions |
object | config |
object | errorCodes |
object | notifications |
object | webpackJsonp |
function | jQuery |
function | $ |
object | Landify |
function | _ |
boolean | __MOCKS__ |
function | fbq |
function | _fbq |
object | ntfcSDK |
object | dftp |
function | s8KK |
function | f5GG |
function | S4XX |
function | u1nn |
function | z8002 |
Cookies
Cookies are small pieces of data a site stores in the user's browser. On every later visit the browser sends the cookie values back, so the site can re-identify the visitor even from a different location; this is how persistent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
register.salty-ball.com/ | | session_id | bb76d9335dfe40cdbecea4582dafacfa |
.salty-ball.com/ | | __cfduid | d5bde6b0f4c9cb82ddd976480233affb91619255596 |
Cloudflare's __cfduid value ends in a Unix timestamp; here 1619255596 is 2021-04-24 09:13:16 UTC, consistent with the April 24 submission date and with the timestamp embedded in the ymid value of the pardedatl.com hop in the redirect chain.
1 Console Message
A page may log messages to the console, often errors about a resource that failed to load or a script that failed to execute. Sometimes they also give insight into the technology behind a website.
Indicators
This is a term in the security industry for observables such as IPs, domains and hashes. It does not imply that any of these indicate malicious activity.
Domains:
- 0.0265331.com
- api.salty-ball.com
- beevakum.net
- connect.facebook.net
- fonts.googleapis.com
- fonts.gstatic.com
- pardedatl.com
- register.salty-ball.com
- router.salty-ball.com
- router.solarsofas.com
IP addresses:
- 139.45.196.202
- 139.45.197.237
- 2606:4700:3032::ac43:89ca
- 2606:4700:3035::6815:5e9b
- 2606:4700:3036::ac43:a73e
- 2a00:1450:4001:803::200a
- 2a00:1450:4001:808::2003
- 2a00:1450:4001:82a::2003
- 2a03:2880:f03d:1c:face:b00c:0:3
- 35.157.74.22