Submitted URL: http://shashlyik.ru/
Effective URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
Submission: On December 22 via api from BE — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 8 domains to perform 8 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is top.call2me.xyz.
TLS certificate: Issued by WE1 on October 26th 2024. Valid for: 3 months.
This is the only time top.call2me.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 46.148.232.104 49505 (SELECTEL ...)
1 1 34.147.10.206 396982 (GOOGLE-CL...)
2 188.114.97.3 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
8 4
     Apex Domain              Subdomains                                        Transfer
2    call2me.xyz              top.call2me.xyz                                   4 KB
2    shashlyik.ru             shashlyik.ru                                      462 B
1    cloudflare.com           cdnjs.cloudflare.com — Cisco Umbrella Rank: 225   62 KB
1    cpalink.co               track.cpalink.co                                  346 B
0    105ramenbet.com Failed   105ramenbet.com Failed
0    104ramenbet.com Failed   104ramenbet.com Failed
0    103ramenbet.com Failed   103ramenbet.com Failed
0    ramenbet.com Failed      ramenbet.com Failed
8    8
Domain Requested by
2 top.call2me.xyz shashlyik.ru
2 shashlyik.ru 1 redirects
1 cdnjs.cloudflare.com top.call2me.xyz
1 track.cpalink.co 1 redirects
0 105ramenbet.com Failed top.call2me.xyz
0 104ramenbet.com Failed top.call2me.xyz
0 103ramenbet.com Failed top.call2me.xyz
0 ramenbet.com Failed top.call2me.xyz
8 8

This site contains no links.

Subject                 Issuer   Validity                   Valid
shashlyik.ru            R10      2024-11-21 - 2025-02-19    3 months
call2me.xyz             WE1      2024-10-26 - 2025-01-24    3 months
cdnjs.cloudflare.com    WE1      2024-11-26 - 2025-02-24    3 months

This page contains 1 frames:

Primary Page: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
Frame ID: 213D8E4FCB4FF7C7C4446BCD2AE21C39
Requests: 8 HTTP requests in this frame

Page Title

Loading...

Page Statistics

8 Requests
50 % HTTPS
0 % IPv6
8 Domains
8 Subdomains
4 IPs
3 Countries
66 kB Transfer
292 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shashlyik.ru/ HTTP 307
    https://shashlyik.ru/ Page URL
  2. https://shashlyik.ru/redirect/ HTTP 302
    https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=648 HTTP 302
    https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://shashlyik.ru/ HTTP 307
  • https://shashlyik.ru/

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
shashlyik.ru/
Redirect Chain
  • http://shashlyik.ru/
  • https://shashlyik.ru/
278 B
313 B
Document
General
Full URL
https://shashlyik.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.148.232.104 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
parking.axelname.ru
Software
axelname /
Resource Hash
9d1f2864cdaa4c9aba776dbac8538a4eabb630019df6105e5071989c8d1c9271

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
198
content-type
text/html; charset=UTF-8
date
Sun, 22 Dec 2024 08:45:05 GMT
server
axelname
vary
Accept-Encoding

Redirect headers

Location
https://shashlyik.ru/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request registration
top.call2me.xyz/ru/
Redirect Chain
  • https://shashlyik.ru/redirect/
  • https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=648
  • https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
8 KB
4 KB
Document
General
Full URL
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
Requested by
Host: shashlyik.ru
URL: https://shashlyik.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d9156275716e6f45a4e0e17640a6b2fae4647c6f6e2f1f7c1bb6c162d0d4b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shashlyik.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f5ed56e7a5930f0-FRA
content-encoding
zstd
content-type
text/html
date
Sun, 22 Dec 2024 08:45:05 GMT
last-modified
Fri, 20 Dec 2024 08:52:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRclARo2BMl0bN0K27xxy1LLroa4FyqaRwewvIhIIEYb6VmlCBly7d217iilG6j2p3RhWrLa9y4haOVS22%2BEyXvhMMRFbNGbV1bI7HrodwVtqt8fBi6NBh5y4JzSpu64DA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=4380&min_rtt=4379&rtt_var=1644&sent=6&recv=6&lost=0&retrans=0&sent_bytes=2833&recv_bytes=1267&delivery_rate=962406&cwnd=71&unsent_bytes=0&cid=5d1fca5d863c6d4e&ts=112&x=0" cfL4;desc="?proto=QUIC&rtt=6852&min_rtt=6436&rtt_var=1383&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4287&recv_bytes=4607&delivery_rate=861&cwnd=12000&unsent_bytes=0&cid=32e3736e333062fd&ts=200&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sun, 22 Dec 2024 08:45:05 GMT
location
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
server
nginx
x-adjust-use-original-forwarded-for
1
jsrsasign-all-min.js
cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/
283 KB
62 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/jsrsasign-all-min.js
Requested by
Host: top.call2me.xyz
URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b71baba57a2e71b44efcaa1a02d61f61456a57606e1096812221849b198e6dd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ece-46ad7"
age
2812304
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8n5CiX5c5FNAbvhGdAMXU9wl6lqC8CaqWtgG4z4UZPruMwGkUvbu1900CZwY5JT3NNkSJ50FVM5przp5hgGC2KiQDnx2V7cxQoKFSLKcIIQXKhDtuLhWjZTrHc3lBleXWgWtm%2BqA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 08:45:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 22 Dec 2024 08:45:05 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:58 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f5ed56fded15d51-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
62327
server
cloudflare
/
ramenbet.com/signature/
0
0

/
103ramenbet.com/signature/
0
0

/
104ramenbet.com/signature/
0
0

/
105ramenbet.com/signature/
0
0

favicon.ico
top.call2me.xyz/
548 B
799 B
Other
General
Full URL
https://top.call2me.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
59
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlWpgP9tQQrMuptRVtrzRbKMwQKIFcvBONeEoDVMjSE8ueST5LPO9I8CRZlOHeYhmp%2FAjDvL2cHAwfwRZptMCe5siMwtvOKPozN2BYE8YVAsteHGi%2FJeFHtoinHY8%2B%2FQeNM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5ed5701d2b30f0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6774&min_rtt=6436&rtt_var=911&sent=18&recv=14&lost=0&retrans=0&sent_bytes=8191&recv_bytes=5105&delivery_rate=598132&cwnd=12000&unsent_bytes=0&cid=32e3736e333062fd&ts=299&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 08:45:05 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ramenbet.com
URL
https://ramenbet.com/signature/?x=1734857105935
Domain
103ramenbet.com
URL
https://103ramenbet.com/signature/?x=1734857105935
Domain
104ramenbet.com
URL
https://104ramenbet.com/signature/?x=1734857105935
Domain
105ramenbet.com
URL
https://105ramenbet.com/signature/?x=1734857105935

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


2 Cookies

Domain/Path Name / Value
track.cpalink.co/ Name: afclick
Value: 6767d1915b0dfb00013866a9
track.cpalink.co/ Name: afoffers
Value: {"1028":1734857105}

9 Console Messages

Source Level URL
Text
network error URL: https://top.call2me.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
Message:
Access to XMLHttpRequest at 'https://103ramenbet.com/signature/?x=1734857105935' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://103ramenbet.com/signature/?x=1734857105935
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
Message:
Access to XMLHttpRequest at 'https://ramenbet.com/signature/?x=1734857105935' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ramenbet.com/signature/?x=1734857105935
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
Message:
Access to XMLHttpRequest at 'https://105ramenbet.com/signature/?x=1734857105935' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://105ramenbet.com/signature/?x=1734857105935
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=6767d1915b0dfb00013866a9
Message:
Access to XMLHttpRequest at 'https://104ramenbet.com/signature/?x=1734857105935' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://104ramenbet.com/signature/?x=1734857105935
Message:
Failed to load resource: net::ERR_FAILED