Submitted URL: https://samara-gerb.ru/
Effective URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
Submission: On November 08 via api from BE — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 8 domains to perform 8 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is top.call2me.xyz.
TLS certificate: Issued by WE1 on October 26th 2024. Valid for: 3 months.
This is the only time top.call2me.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 46.148.232.104 49505 (SELECTEL)
1 1 34.147.10.206 396982 (GOOGLE-CL...)
2 188.114.97.3 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
8 4
Apex Domain | Subdomains | Transfer
2 call2me.xyz | top.call2me.xyz | 4 KB
2 samara-gerb.ru | samara-gerb.ru | 464 B
1 cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 220) | 62 KB
1 cpalink.co | track.cpalink.co | 344 B
0 65ramenbet.com Failed | 65ramenbet.com Failed
0 64ramenbet.com Failed | 64ramenbet.com Failed
0 63ramenbet.com Failed | 63ramenbet.com Failed
0 ramenbet.com Failed | ramenbet.com Failed
8 8
Domain Requested by
2 top.call2me.xyz samara-gerb.ru
2 samara-gerb.ru 1 redirects
1 cdnjs.cloudflare.com top.call2me.xyz
1 track.cpalink.co 1 redirects
0 65ramenbet.com Failed top.call2me.xyz
0 64ramenbet.com Failed top.call2me.xyz
0 63ramenbet.com Failed top.call2me.xyz
0 ramenbet.com Failed top.call2me.xyz
8 8

This site contains no links.

Subject | Issuer | Validity | Valid
samara-gerb.ru | R10 | 2024-11-02 - 2025-01-31 | 3 months
call2me.xyz | WE1 | 2024-10-26 - 2025-01-24 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-09-28 - 2024-12-27 | 3 months

This page contains 1 frames:

Primary Page: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
Frame ID: 23C6033587C8FCE60CA2C423AD1D3873
Requests: 8 HTTP requests in this frame

Page Title

Loading...

Page Statistics

Requests: 8
HTTPS: 50 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 4
Countries: 3
Transfer: 66 kB
Size: 292 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://samara-gerb.ru/ Page URL
  2. https://samara-gerb.ru/redirect/ HTTP 302
    https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=628 HTTP 302
    https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
samara-gerb.ru/
280 B
315 B
Document
General
Full URL
https://samara-gerb.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.148.232.104 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
parking.axelname.ru
Software
axelname /
Resource Hash
178846f93e665f834da64bb3534c0de1584c9cb6e97ad9c7cfcac3ac6105ecd5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
200
content-type
text/html; charset=UTF-8
date
Fri, 08 Nov 2024 06:05:43 GMT
server
axelname
vary
Accept-Encoding
Primary Request registration
top.call2me.xyz/ru/
Redirect Chain
  • https://samara-gerb.ru/redirect/
  • https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=628
  • https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
8 KB
4 KB
Document
General
Full URL
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
Requested by
Host: samara-gerb.ru
URL: https://samara-gerb.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
060a30303b115f5a3afcfc5ec9982bcd58b9e6c967b6b0afa610a7aa73be3be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samara-gerb.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8df35f807b5f1d9a-FRA
content-encoding
zstd
content-type
text/html
date
Fri, 08 Nov 2024 06:05:44 GMT
last-modified
Fri, 01 Nov 2024 09:18:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GOTQKsbqpM2B0VxOcV%2Fi1tID5%2FneMb9V0cVYv3i23%2B3BKQ0RBzduP11lKi3Od56wJf%2FgjmnjEqFfUHQhnqFXUIDa2aLgrhILhcKfL84j1ekQQ5KkWGGNzvl%2BtfTNKrGvFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=5241&sent=6&recv=6&lost=0&retrans=0&sent_bytes=2831&recv_bytes=1274&delivery_rate=802431&cwnd=178&unsent_bytes=0&cid=385b5c5005961386&ts=106&x=0" cfL4;desc="?proto=QUIC&rtt=42697&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4217&recv_bytes=4565&delivery_rate=434&cwnd=12000&unsent_bytes=0&cid=71fd3e0f267c900a&ts=220&x=1" cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding

Redirect headers

access-control-allow-origin
*
content-length
0
date
Fri, 08 Nov 2024 06:05:44 GMT
location
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
server
nginx
x-adjust-use-original-forwarded-for
1
jsrsasign-all-min.js
cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/
283 KB
62 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/jsrsasign-all-min.js
Requested by
Host: top.call2me.xyz
URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b71baba57a2e71b44efcaa1a02d61f61456a57606e1096812221849b198e6dd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ece-46ad7"
age
35596
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UR3iVCaVY1062cs%2B%2FE25D6oOR7gg5bLhtd7qutqOQQU88LVOu88bWjucZYjBztJLK34Ib%2BAMHWfOOqVvzI3uuky95%2BuS%2Bk3LJ67mP1aHDJ%2BsFvdL3tRXj1bOdVALqpuaLOtp3gy2"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 06:05:44 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 08 Nov 2024 06:05:44 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8df35f8248ce3a96-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
62327
server
cloudflare
/
ramenbet.com/signature/
0
0

/
63ramenbet.com/signature/
0
0

/
64ramenbet.com/signature/
0
0

/
65ramenbet.com/signature/
0
0

favicon.ico
top.call2me.xyz/
548 B
747 B
Other
General
Full URL
https://top.call2me.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szbPl657Sia6bnuVYUjcCreE2GqnfJ%2BCiqmJFw0IRmnYR7vt8Z6lPCvB6nQta7k03uU6JeChZGV8%2B80lk20g71o1ArHzki3Dc7YkMB%2FHjoUWRbJd84jJ6%2Bzye9yaQs9qfWk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8df35f835d491d9a-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42164&sent=17&recv=14&lost=0&retrans=0&sent_bytes=8081&recv_bytes=5106&delivery_rate=97933&cwnd=12000&unsent_bytes=0&cid=71fd3e0f267c900a&ts=563&x=1", cfHdrFlush;dur=0
date
Fri, 08 Nov 2024 06:05:44 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ramenbet.com
URL
https://ramenbet.com/signature/?x=1731045944823
Domain
63ramenbet.com
URL
https://63ramenbet.com/signature/?x=1731045944823
Domain
64ramenbet.com
URL
https://64ramenbet.com/signature/?x=1731045944823
Domain
65ramenbet.com
URL
https://65ramenbet.com/signature/?x=1731045944823

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
track.cpalink.co/ Name: afclick
Value: 672daa383e54c0000128a1ee
track.cpalink.co/ Name: afoffers
Value: {"1028":1731045944}

9 Console Messages

Source Level URL
Text
network error URL: https://top.call2me.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
Message:
Access to XMLHttpRequest at 'https://63ramenbet.com/signature/?x=1731045944823' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://63ramenbet.com/signature/?x=1731045944823
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
Message:
Access to XMLHttpRequest at 'https://64ramenbet.com/signature/?x=1731045944823' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://64ramenbet.com/signature/?x=1731045944823
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
Message:
Access to XMLHttpRequest at 'https://ramenbet.com/signature/?x=1731045944823' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ramenbet.com/signature/?x=1731045944823
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672daa383e54c0000128a1ee
Message:
Access to XMLHttpRequest at 'https://65ramenbet.com/signature/?x=1731045944823' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://65ramenbet.com/signature/?x=1731045944823
Message:
Failed to load resource: net::ERR_FAILED