urlscan.io logo urlscan.io
SecurityTrails logo

top.call2me.xyz Open in urlscan Pro
172.67.163.140  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://waxnail.ru/
Effective URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
Submission: On November 06 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 8 domains to perform 8 HTTP transactions. The main IP is 172.67.163.140, located in United States and belongs to CLOUDFLARENET, US. The main domain is top.call2me.xyz.
TLS certificate: Issued by WE1 on October 26th 2024. Valid for: 3 months.
This is the only time top.call2me.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 46.148.232.104 49505 (SELECTEL)
1 1 34.147.10.206 396982 (GOOGLE-CL...)
2 172.67.163.140 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
8 4
Apex Domain
Subdomains		 Transfer
2 call2me.xyz
top.call2me.xyz
4 KB
2 waxnail.ru
waxnail.ru
461 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
62 KB
1 cpalink.co
track.cpalink.co
345 B
0 65ramenbet.com Failed
65ramenbet.com Failed
0 64ramenbet.com Failed
64ramenbet.com Failed
0 63ramenbet.com Failed
63ramenbet.com Failed
0 ramenbet.com Failed
ramenbet.com Failed
8 8
Domain Requested by
2 top.call2me.xyz waxnail.ru
2 waxnail.ru 1 redirects
1 cdnjs.cloudflare.com top.call2me.xyz
1 track.cpalink.co 1 redirects
0 65ramenbet.com Failed top.call2me.xyz
0 64ramenbet.com Failed top.call2me.xyz
0 63ramenbet.com Failed top.call2me.xyz
0 ramenbet.com Failed top.call2me.xyz
8 8

This site contains no links.

Subject Issuer Validity Valid
waxnail.ru
R11		 2024-10-31 -
2025-01-29		 3 months crt.sh
call2me.xyz
WE1		 2024-10-26 -
2025-01-24		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
Frame ID: BE6CF0D6D6FC1921894DB5028A7BA4FB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading...

Page URL History Show full URLs

  1. https://waxnail.ru/ Page URL
  2. https://waxnail.ru/redirect/ HTTP 302
    https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=621 HTTP 302
    https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672a... Page URL

Page Statistics

8
Requests

50 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

4
IPs

4
Countries

66 kB
Transfer

292 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://waxnail.ru/ Page URL
  2. https://waxnail.ru/redirect/ HTTP 302
    https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=621 HTTP 302
    https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
waxnail.ru/ 		276 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://waxnail.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.148.232.104 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
parking.axelname.ru
Software
axelname /
Resource Hash
ca4bfd4936ac74e21aa6d349cc5ba3d47f824c70893a989c5dacd74c37b2d9d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
197
content-type
text/html; charset=UTF-8
date
Wed, 06 Nov 2024 04:18:45 GMT
server
axelname
vary
Accept-Encoding
Primary Request registration
top.call2me.xyz/ru/
Redirect Chain
  • https://waxnail.ru/redirect/
  • https://track.cpalink.co/click?pid=11028&offer_id=1028&sub1=621
  • https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
Requested by
Host: waxnail.ru
URL: https://waxnail.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
060a30303b115f5a3afcfc5ec9982bcd58b9e6c967b6b0afa610a7aa73be3be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://waxnail.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8de248124c2a2eab-LAX
content-encoding
br
content-type
text/html
date
Wed, 06 Nov 2024 04:18:47 GMT
last-modified
Fri, 01 Nov 2024 09:18:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdbi13xOpHcaRYPwzaj0tRovcO6tpeEolxDIf546wRmf9Gor1EvcmCMX5X6L%2BG0rh7ITBa1YGq%2Br%2FXWC6fhuVRDxyw4iMZR2xLDFKemG2mswTlUqYv7154qf1oMPV%2FmkRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=5141&sent=6&recv=6&lost=0&retrans=0&sent_bytes=2831&recv_bytes=1276&delivery_rate=814343&cwnd=199&unsent_bytes=0&cid=f2e3e8d3a827366e&ts=103&x=0" cfL4;desc="?proto=QUIC&rtt=63476&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4559&delivery_rate=328&cwnd=12000&unsent_bytes=0&cid=cc103d8fe1f91981&ts=808&x=1" cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding

Redirect headers

access-control-allow-origin
*
content-length
0
date
Wed, 06 Nov 2024 04:18:46 GMT
location
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
server
nginx
x-adjust-use-original-forwarded-for
1
jsrsasign-all-min.js
cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/ 		283 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jsrsasign/6.2.2/jsrsasign-all-min.js
Requested by
Host: top.call2me.xyz
URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b71baba57a2e71b44efcaa1a02d61f61456a57606e1096812221849b198e6dd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ece-46ad7"
age
7106952
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8UjUtGKli5oJmgTCC4%2FXFBKWp%2FYSjMl0APhWrqCI%2BUUOhWgih0gIlng1kW5FYAaVy%2Bd3vBGSX51KMDOo7BICOHRZEymvBCn0OQneV%2Fy7Mq5BOO3PTL4MmiNDJ0Qn0oyXlNWjeqR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 27 Oct 2025 04:18:47 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 04:18:47 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8de24817eda5fa26-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
62327
server
cloudflare
/
ramenbet.com/signature/ 		0
0
/
63ramenbet.com/signature/ 		0
0
/
64ramenbet.com/signature/ 		0
0
/
65ramenbet.com/signature/ 		0
0
favicon.ico
top.call2me.xyz/ 		548 B
727 B 		Other
General
Check archive.org
Download Go to
Full URL
https://top.call2me.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5wsCTC148%2BQaMU8FhNccYCJA9y5yHqQHr4NFxnUzbxdV3y6gMmon%2Fi9NnBCRWfwFWAbLLm74DdU7JXB9aggXVz80Cv6fs%2Bx8F8gbj8VwOo3IuOmwOTDwUdKAyOe3IkUTFw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8de24819ffc92eab-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=62788&sent=15&recv=13&lost=0&retrans=0&sent_bytes=7667&recv_bytes=5057&delivery_rate=58158&cwnd=12000&unsent_bytes=0&cid=cc103d8fe1f91981&ts=1888&x=1", cfHdrFlush;dur=0
date
Wed, 06 Nov 2024 04:18:48 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ramenbet.com
URL
https://ramenbet.com/signature/?x=1730866727951
Domain
63ramenbet.com
URL
https://63ramenbet.com/signature/?x=1730866727951
Domain
64ramenbet.com
URL
https://64ramenbet.com/signature/?x=1730866727951
Domain
65ramenbet.com
URL
https://65ramenbet.com/signature/?x=1730866727951

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| YAHOO object| CryptoJS string| b64map string| b64pad function| hex2b64 function| b64tohex function| b64toBA number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t object| ua function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| oaep_mgf1_arr function| oaep_pad function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt function| RSAEncryptOAEP function| pkcs1unpad2 function| oaep_mgf1_str function| oaep_unpad function| RSASetPrivate function| RSASetPrivateEx function| RSAGenerate function| RSADoPrivate function| RSADecrypt function| RSADecryptOAEP function| ECFieldElementFp function| feFpEquals function| feFpToBigInteger function| feFpNegate function| feFpAdd function| feFpSubtract function| feFpMultiply function| feFpSquare function| feFpDivide function| ECPointFp function| pointFpGetX function| pointFpGetY function| pointFpEquals function| pointFpIsInfinity function| pointFpNegate function| pointFpAdd function| pointFpTwice function| pointFpMultiply function| pointFpMultiplyTwo function| ECCurveFp function| curveFpGetQ function| curveFpGetA function| curveFpGetB function| curveFpEquals function| curveFpGetInfinity function| curveFpFromBigInteger function| curveFpDecodePointHex function| jsonParse object| ASN1HEX object| KJUR function| Base64x function| stoBA function| BAtos function| BAtohex function| stohex function| stob64 function| stob64u function| b64utos function| b64tob64u function| b64utob64 function| hextob64u function| b64utohex function| utf8tob64u function| b64utoutf8 function| utf8tob64 function| b64toutf8 function| utf8tohex function| hextoutf8 function| hextorstr function| rstrtohex function| hextob64 function| hextob64nl function| b64nltohex function| hextoArrayBuffer function| ArrayBuffertohex function| uricmptohex function| hextouricmp function| encodeURIComponentAll function| newline_toUnix function| newline_toDos function| intarystrtohex function| strdiffidx object| PKCS5PKEY object| KEYUTIL function| _rsapem_pemToBase64 function| _rsapem_getPosArrayOfChildrenFromHex function| _rsapem_getHexValueArrayOfChildrenFromHex function| _rsapem_readPrivateKeyFromASN1HexString function| _rsapem_readPrivateKeyFromPEMString object| _RE_HEXDECONLY function| _rsasign_getHexPaddedDigestInfoForString function| _zeroPaddingOfSignature function| _rsasign_signString function| _rsasign_signWithMessageHash function| _rsasign_signStringWithSHA1 function| _rsasign_signStringWithSHA256 function| pss_mgf1_str function| _rsasign_signStringPSS function| _rsasign_signWithMessageHashPSS function| _rsasign_getDecryptSignatureBI function| _rsasign_getHexDigestInfoFromSig function| _rsasign_getAlgNameAndHashFromHexDisgestInfo function| _rsasign_verifySignatureWithArgs function| _rsasign_verifyHexSignatureForMessage function| _rsasign_verifyString function| _rsasign_verifyWithMessageHash function| _rsasign_verifyStringPSS function| _rsasign_verifyWithMessageHashPSS function| X509

2 Cookies

Domain/Path Name / Value
track.cpalink.co/ Name: afclick
Value: 672aee268292f900012f20c5
track.cpalink.co/ Name: afoffers
Value: {"1028":1730866726}

9 Console Messages

Source Level URL
Text
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
Message:
Access to XMLHttpRequest at 'https://63ramenbet.com/signature/?x=1730866727951' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://63ramenbet.com/signature/?x=1730866727951
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
Message:
Access to XMLHttpRequest at 'https://65ramenbet.com/signature/?x=1730866727951' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://65ramenbet.com/signature/?x=1730866727951
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
Message:
Access to XMLHttpRequest at 'https://64ramenbet.com/signature/?x=1730866727951' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://64ramenbet.com/signature/?x=1730866727951
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://top.call2me.xyz/ru/registration?apkpop=0&partner=p42277p3313169pede1&promo=11028&source=672aee268292f900012f20c5
Message:
Access to XMLHttpRequest at 'https://ramenbet.com/signature/?x=1730866727951' from origin 'https://top.call2me.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ramenbet.com/signature/?x=1730866727951
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://top.call2me.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()