Submitted URL: http://vsedlykoles.ru/
Effective URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
Submission: On December 22 via api from BE — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 8 domains to perform 8 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is top.call2me.xyz.
TLS certificate: Issued by WE1 on October 26th 2024. Valid for: 3 months.
This is the only time top.call2me.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 46.148.232.104 49505 (SELECTEL ...)
1 1 34.147.10.206 396982 (GOOGLE-CL...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 4
Apex Domain
Subdomains
Transfer
2 call2me.xyz
top.call2me.xyz
4 KB
2 vsedlykoles.ru
vsedlykoles.ru
464 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
62 KB
1 cpalink.co
track.cpalink.co
345 B
0 105ramenbet.com Failed
105ramenbet.com Failed
0 104ramenbet.com Failed
104ramenbet.com Failed
0 103ramenbet.com Failed
103ramenbet.com Failed
0 ramenbet.com Failed
ramenbet.com Failed
8 8
Domain Requested by
2 top.call2me.xyz vsedlykoles.ru
2 vsedlykoles.ru 1 redirects
1 cdnjs.cloudflare.com top.call2me.xyz
1 track.cpalink.co 1 redirects
0 105ramenbet.com Failed top.call2me.xyz
0 104ramenbet.com Failed top.call2me.xyz
0 103ramenbet.com Failed top.call2me.xyz
0 ramenbet.com Failed top.call2me.xyz
8 8

This site contains no links.

Subject Issuer Validity Valid
vsedlykoles.ru
R11
2024-11-20 -
2025-02-18
3 months crt.sh
call2me.xyz
WE1
2024-10-26 -
2025-01-24
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh

This page contains 1 frames:

Primary Page: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
Frame ID: 45A1D89F842FF10EEB6AB21AB7E4848F
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Loading...

Page URL History Show full URLs

  1. http://vsedlykoles.ru/ HTTP 307
    https://vsedlykoles.ru/ Page URL
  2. https://vsedlykoles.ru/redirect/ HTTP 302
    https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=645 HTTP 302
    https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6768... Page URL

Page Statistics

8
Requests

50 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

4
IPs

3
Countries

66 kB
Transfer

292 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vsedlykoles.ru/ HTTP 307
    https://vsedlykoles.ru/ Page URL
  2. https://vsedlykoles.ru/redirect/ HTTP 302
    https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=645 HTTP 302
    https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vsedlykoles.ru/ HTTP 307
  • https://vsedlykoles.ru/

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
vsedlykoles.ru/
Redirect Chain
  • http://vsedlykoles.ru/
  • https://vsedlykoles.ru/
280 B
315 B
Document
General
Full URL
https://vsedlykoles.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.148.232.104 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
parking.axelname.ru
Software
axelname /
Resource Hash
31b8e47b76f8f59b89fd79f341eefbcd49863e5a89793c760dfcdddb8f0aa5cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
200
content-type
text/html; charset=UTF-8
date
Sun, 22 Dec 2024 13:56:20 GMT
server
axelname
vary
Accept-Encoding

Redirect headers

Location
https://vsedlykoles.ru/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request registration
top.call2me.xyz/ru/
Redirect Chain
  • https://vsedlykoles.ru/redirect/
  • https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=645
  • https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
8 KB
4 KB
Document
General
Full URL
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
Requested by
Host: vsedlykoles.ru
URL: https://vsedlykoles.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d9156275716e6f45a4e0e17640a6b2fae4647c6f6e2f1f7c1bb6c162d0d4b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://vsedlykoles.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f609d608ce01903-FRA
content-encoding
zstd
content-type
text/html
date
Sun, 22 Dec 2024 13:56:21 GMT
last-modified
Fri, 20 Dec 2024 08:52:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuoozhklyZUSNkdynvvqgFDwxKKvOuEhk634C8VkUmq4N8yUcmOx4%2BmNcgcfs0cUhGMujhmWE%2Fg7LmpcqJ%2F9%2FEuwQMk32nJq5K9nbHzOgfSu3Zy8So08Dl14eXoKPataow%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=4898&min_rtt=4799&rtt_var=1871&sent=6&recv=6&lost=0&retrans=0&sent_bytes=2834&recv_bytes=1323&delivery_rate=880183&cwnd=252&unsent_bytes=0&cid=d4db8ae29bdcd217&ts=83&x=0" cfL4;desc="?proto=QUIC&rtt=5912&min_rtt=5862&rtt_var=1007&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4216&recv_bytes=4504&delivery_rate=898&cwnd=12000&unsent_bytes=0&cid=55adf3400d88706f&ts=166&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sun, 22 Dec 2024 13:56:21 GMT
location
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
server
nginx
x-adjust-use-original-forwarded-for
1
jsrsasign-all-min.js
cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/
283 KB
62 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/jsrsasign-all-min.js
Requested by
Host: top.call2me.xyz
URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b71baba57a2e71b44efcaa1a02d61f61456a57606e1096812221849b198e6dd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ece-46ad7"
age
244841
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRyfP2jK4ScqcUcR9odrOGrVhy%2FNCldHnmIvq4bvu1oFT7Kgpj1WQx4ovsH%2BtxsWDPN3lBKQSdWVvNagH9ubF%2B%2BLZjSk9RAzOJjx2sWueTVyTWKR7RjR%2F3AFaJnJ7q3WaTd5Qxsp98rPcAjKIkDcMjVB"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 13:56:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 22 Dec 2024 13:56:21 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:58 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f609d61ae3a8f41-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
62327
server
cloudflare
/
ramenbet.com/signature/
0
0

/
103ramenbet.com/signature/
0
0

/
104ramenbet.com/signature/
0
0

/
105ramenbet.com/signature/
0
0

favicon.ico
top.call2me.xyz/
548 B
810 B
Other
General
Full URL
https://top.call2me.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
167
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9hdgPUxmZZANImO2MFWWxthYpnSy%2BKboMuRuYuaUdGfCktuWRY8mOfpvpqBjpmGgVyHWCzdoh7VdSMwS8D7JRmsYnN29V%2FsFiqeeEQVOz10TW02YKjW%2BNJ26xMz6a0Yl3OJR7oC0Jn4hrFyCao4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f609d61ee6b1903-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6121&min_rtt=5862&rtt_var=834&sent=17&recv=14&lost=0&retrans=0&sent_bytes=8150&recv_bytes=5046&delivery_rate=656028&cwnd=12000&unsent_bytes=0&cid=55adf3400d88706f&ts=241&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 13:56:21 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ramenbet.com
URL
https://ramenbet.com/signature/?x=1734875781420
Domain
103ramenbet.com
URL
https://103ramenbet.com/signature/?x=1734875781420
Domain
104ramenbet.com
URL
https://104ramenbet.com/signature/?x=1734875781420
Domain
105ramenbet.com
URL
https://105ramenbet.com/signature/?x=1734875781420

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| YAHOO object| CryptoJS string| b64map string| b64pad function| hex2b64 function| b64tohex function| b64toBA number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t object| ua function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| oaep_mgf1_arr function| oaep_pad function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| RSAEncryptOAEP function| pkcs1unpad2 function| oaep_mgf1_str function| oaep_unpad function| RSASetPrivate function| RSASetPrivateEx function| RSAGenerate function| RSADoPrivate function| RSADecrypt function| RSADecryptOAEP function| ECFieldElementFp function| feFpEquals function| feFpToBigInteger function| feFpNegate function| feFpAdd function| feFpSubtract function| feFpMultiply function| feFpSquare function| feFpDivide function| ECPointFp function| pointFpGetX function| pointFpGetY function| pointFpEquals function| pointFpIsInfinity function| pointFpNegate function| pointFpAdd function| pointFpTwice function| pointFpMultiply function| pointFpMultiplyTwo function| ECCurveFp function| curveFpGetQ function| curveFpGetA function| curveFpGetB function| curveFpEquals function| curveFpGetInfinity function| curveFpFromBigInteger function| curveFpDecodePointHex function| jsonParse object| ASN1HEX object| KJUR function| Base64x function| stoBA function| BAtos function| BAtohex function| stohex function| stob64 function| stob64u function| b64utos function| b64tob64u function| b64utob64 function| hextob64u function| b64utohex function| utf8tob64u function| b64utoutf8 function| utf8tob64 function| b64toutf8 function| utf8tohex function| hextoutf8 function| hextorstr function| rstrtohex function| hextob64 function| hextob64nl function| b64nltohex function| hextoArrayBuffer function| ArrayBuffertohex function| uricmptohex function| hextouricmp function| encodeURIComponentAll function| newline_toUnix function| newline_toDos function| intarystrtohex function| strdiffidx object| PKCS5PKEY object| KEYUTIL function| _rsapem_pemToBase64 function| _rsapem_getPosArrayOfChildrenFromHex function| _rsapem_getHexValueArrayOfChildrenFromHex function| _rsapem_readPrivateKeyFromASN1HexString function| _rsapem_readPrivateKeyFromPEMString object| _RE_HEXDECONLY function| _rsasign_getHexPaddedDigestInfoForString function| _zeroPaddingOfSignature function| _rsasign_signString function| _rsasign_signWithMessageHash function| _rsasign_signStringWithSHA1 function| _rsasign_signStringWithSHA256 function| pss_mgf1_str function| _rsasign_signStringPSS function| _rsasign_signWithMessageHashPSS function| _rsasign_getDecryptSignatureBI function| _rsasign_getHexDigestInfoFromSig function| _rsasign_getAlgNameAndHashFromHexDisgestInfo function| _rsasign_verifySignatureWithArgs function| _rsasign_verifyHexSignatureForMessage function| _rsasign_verifyString function| _rsasign_verifyWithMessageHash function| _rsasign_verifyStringPSS function| _rsasign_verifyWithMessageHashPSS function| X509

2 Cookies

Domain/Path Name / Value
track.cpalink.co/ Name: afclick
Value: 67681a85e9ee9b0001f690f7
track.cpalink.co/ Name: afoffers
Value: {"1028":1734875781}

9 Console Messages

Source Level URL
Text
network error URL: https://top.call2me.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
Message:
Access to XMLHttpRequest at 'https://104ramenbet.com/signature/?x=1734875781420' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://104ramenbet.com/signature/?x=1734875781420
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
Message:
Access to XMLHttpRequest at 'https://103ramenbet.com/signature/?x=1734875781420' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://103ramenbet.com/signature/?x=1734875781420
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
Message:
Access to XMLHttpRequest at 'https://ramenbet.com/signature/?x=1734875781420' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ramenbet.com/signature/?x=1734875781420
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=67681a85e9ee9b0001f690f7
Message:
Access to XMLHttpRequest at 'https://105ramenbet.com/signature/?x=1734875781420' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://105ramenbet.com/signature/?x=1734875781420
Message:
Failed to load resource: net::ERR_FAILED