Submitted URL: http://pay2win.cc/
Effective URL: https://pay2win.cc/
Submission: On July 12 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 2606:4700:20::681a:ee8, located in United States and belongs to CLOUDFLARENET, US. The main domain is pay2win.cc.
TLS certificate: Issued by E6 on June 8th 2024. Valid for: 3 months.
This is the only time pay2win.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:310... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 6
Requests Apex Domain Subdomains Transfer
9 imagedelivery.net imagedelivery.net (Cisco Umbrella Rank: 17154) 123 KB
8 billgang.com stores-api.billgang.com, t-api.billgang.com 11 KB
4 pay2win.cc pay2win.cc 273 KB
1 youtube.com www.youtube.com (Cisco Umbrella Rank: 98)
1 gstatic.com fonts.gstatic.com 78 KB
1 googleapis.com fonts.googleapis.com (Cisco Umbrella Rank: 74) 986 B
24 6
Domain Requested by
9 imagedelivery.net
4 t-api.billgang.com pay2win.cc
4 stores-api.billgang.com pay2win.cc
4 pay2win.cc pay2win.cc
1 www.youtube.com pay2win.cc
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com pay2win.cc
24 7

This site contains links to these domains.

Domain
discord.gg
Subject Issuer Validity Valid
pay2win.cc E6 2024-06-08 - 2024-09-06 3 months
upload.video.google.com WR2 2024-06-24 - 2024-09-16 3 months
billgang.com WE1 2024-07-06 - 2024-10-04 3 months
imagedelivery.net E5 2024-07-09 - 2024-10-07 3 months
*.gstatic.com WR2 2024-06-24 - 2024-09-16 3 months
*.google.com WR2 2024-06-24 - 2024-09-16 3 months

This page contains 2 frames:

Primary Page: https://pay2win.cc/
Frame ID: A7C4C076E736F3A56C9F05B5B567AB22
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/x90_LRoVDEo
Frame ID: C4FFB32388553F5A53F014F32994A46F
Requests: 1 HTTP requests in this frame

Page Title

Home — pay2win

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

486 kB
Transfer

1160 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pay2win.cc/ HTTP 307
    https://pay2win.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pay2win.cc/
Redirect Chain
  • http://pay2win.cc/
  • https://pay2win.cc/
1 KB
928 B
Document
General
Full URL
https://pay2win.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca93afe8be48c22de4719358506effce2fd390bd9b50a504302e73b7b507616d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a243076dc0e6abb-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 12 Jul 2024 21:40:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sbfn0TWYHjaKcsuA8ypdz6dSGOU%2F8X%2ByZQwNCGefPa4xCGqDt00fYxvldVYoZWjwXRqu%2B1yMqQRdp%2FzrWSIu9OvIxAGhdVBBiNcDJxIkA5YouhpBDcQ6a1QfxyyHH5t8g4zp%2B5ZW4ls%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://pay2win.cc/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/
2 KB
986 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57467deb373351f56089eec84b102c78f5c3bf9cb592403806c42e545afb63a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jul 2024 21:33:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jul 2024 21:40:02 GMT
index-oNFtaUn1.js
pay2win.cc/assets/
859 KB
256 KB
Script
General
Full URL
https://pay2win.cc/assets/index-oNFtaUn1.js
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb39ca8647bc0ab564842a000c91f19a40c2474718d8d1d4396e555ff42be38

Request headers

Referer
https://pay2win.cc/
Origin
https://pay2win.cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 12 Jul 2024 21:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zzxMDphBA5viFJvyjXLiPJR4JV6frw7Y3ZARh9CnqP%2Fpr%2Be3Xbys9hob%2B1vjHt8YluEvTfaV2O0WllatCWoWnrXhTJaL21JqX84dJhf8dJirsMvKFbtMBsbKJaTxTBkFqCG5ii6diBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8a243078de756abb-FRA
alt-svc
h3=":443"; ma=86400
index-CSeDjF6Q.css
pay2win.cc/assets/
52 KB
9 KB
Stylesheet
General
Full URL
https://pay2win.cc/assets/index-CSeDjF6Q.css
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8ccd11c1a455b986ed6819946fa14f87c91e88af0d13f039e42314b82d38c5

Request headers

Referer
https://pay2win.cc/
Origin
https://pay2win.cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 12 Jul 2024 21:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2F99uXYso8ckxB3%2B1ayHRm7MhSghm3FNNStcpNvgBMKY%2BsP2Q2k21LJUjQf9PyVLv6T94ZwvqMCe7otfnmBf%2Fp8Ae97J0Uvpry0UwMELxz3qPHLRg%2B2Ye21dMHrWpsujEA5H3JYgz1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8a243078de776abb-FRA
alt-svc
h3=":443"; ma=86400
general
stores-api.billgang.com/shops/pay2win.cc/
431 B
740 B
Fetch
General
Full URL
https://stores-api.billgang.com/shops/pay2win.cc/general
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320007e8eaac7bfd2741d3bf93467fd3fd782f532381700ac854184a78c1294e

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
34
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BY5XEvSGoPaonGD%2BeUqxwgEc4ZbG13mTBDHjaV1uZfVf62P7CO69rFXPXdvFqVTx6TLcFUDweLX7B0UEZLWIsIZOLhroVmQ%2F6FqeBZV7WziptVayESoweo16ob4m4iw0zqsSsrLTSddo7%2FcUsp4MdS4sHYj4"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8a24307b480d5d5f-FRA
alt-svc
h3=":443"; ma=86400
settings
stores-api.billgang.com/shops/pay2win.cc/
2 KB
1 KB
Fetch
General
Full URL
https://stores-api.billgang.com/shops/pay2win.cc/settings
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84dae82c5ef97afb69f7e08f2ae8d6bbe812912a9e58502118bdb771390fee88

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
36
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fd1ZGU6hBRXk0HAqihPoSpTUUs2TVeWOLBzJ4wXrLuvOlTR8re4MHTqGDpYyhvzW7IR2Pcfu7i9Rc2TS1PSDQz7WyyoOxkT2bDYeRxZ4xfqBDF7GqO%2BysAd%2F3PO6pQ2K1noxRz9Zv0XHWQhluXVIosG29d8X"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8a24307b48115d5f-FRA
alt-svc
h3=":443"; ma=86400
w=100
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/
2 KB
3 KB
Other
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/w=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c60e6a2dc8fe9b03078acae7f9b6a8b25f3fd7e7204d298d9fcaeb4fb379eb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=24+0 c=3+32 v=2024.6.0 l=2341
date
Fri, 12 Jul 2024 21:40:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2341
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfjFXpKtZekASzJuxAMPpCre1mNEWuYOetQxiZZywEDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307b4ed1380e-FRA
iconSprite.svg
pay2win.cc/
21 KB
7 KB
Other
General
Full URL
https://pay2win.cc/iconSprite.svg
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ee8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f94547f911fafb348945a99d496d0c0a030b21d689ca9bffa8a1767359c039bf

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 12 Jul 2024 21:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BlNE24wvKHPATiJ0ilk%2BoKBPtl4q8vjb1cfGKA0j7lXy42QaPLVSrKkrlqYFBcCE2LfMR0jY%2Fp1p9W2lMfydppGSz%2BomAUx%2BCAmSbtzEwuMQXqi0HVYwC744R0D9Wicnd%2B%2FP4gyCSAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a24307be9b06abb-FRA
alt-svc
h3=":443"; ma=86400
%2F
stores-api.billgang.com/shops/pay2win.cc/
13 KB
4 KB
Fetch
General
Full URL
https://stores-api.billgang.com/shops/pay2win.cc/%2F
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6192d0d32530068f3fde2c1c9cf7f5d61bafb5f6edd73ed11eb8b381999036f

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
287
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83TMKciL3kWFMMz8nYkqyxcos%2FtZ8PTRBlHdk1YTegroK89kjvQQlDIPhEyKQPFZWO9hOhfpv0q3DJrlhQKyH4zOtCF5UFrundkimRvGCE8%2FCoF18mvJYAf2uabSfOgr9dX3Sh%2F3vJqU4T2aQIs340WnwERO"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8a24307bf8cc5d5f-FRA
alt-svc
h3=":443"; ma=86400
%2F
stores-api.billgang.com/shops/pay2win.cc/
13 KB
4 KB
Fetch
General
Full URL
https://stores-api.billgang.com/shops/pay2win.cc/%2F
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6192d0d32530068f3fde2c1c9cf7f5d61bafb5f6edd73ed11eb8b381999036f

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVhHajEi1OLNJPGK%2FA3b0kroTx8muMlyLIInSZWMIHbyXnoWG3bCwQPw69ToZt2JGphmhYVjKmGm0KqIPyU6HcPGLeXROwRWxJ%2FLsgOZu8zDaCdz9JZMxPyP%2BR1GAf39%2B%2FmyYHqwLwkMrcta6qEG8db7vz4S"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8a24307e0b175d5f-FRA
alt-svc
h3=":443"; ma=86400
p
t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/
54 B
478 B
Fetch
General
Full URL
https://t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9395ff11cec3ce453b4b6ab286581febfb7f7d200920f6c9389d276495c31b8e

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ToXL%2BRZfieA%2FbygyRvlUuqNFtKLTJqv7W7r%2FHVU1grPZGt%2F0N9tO34ix252zd6z1XN3Nyx1mZBRj1jT1DIRLBv74zpFzrADmYjmaLmaAiK2ziSJ6z8ktN2vJENtJzMllCJrO8O8BxIm3famMVBOmKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8a24307c08e85d5f-FRA
alt-svc
h3=":443"; ma=86400
3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2
fonts.gstatic.com/s/bricolagegrotesque/v2/
77 KB
78 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bricolagegrotesque/v2/3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87dd7a40f7e7b3a454c2936f4c657a8c64cb8eabf626b2a96c130f537100fd0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pay2win.cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:41:14 GMT
x-content-type-options
nosniff
age
302328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78872
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 21:32:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:41:14 GMT
w=1920
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/fee34350-1597-4e0c-3248-c17183374c00/
35 KB
35 KB
Image
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/fee34350-1597-4e0c-3248-c17183374c00/w=1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
523243dee434c910e0f14c392221f59b9e08201c061bd69278eaead3794dffac
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=1189+160 c=0+0 v=2024.6.0 l=36122
date
Fri, 12 Jul 2024 21:40:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
36122
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfetrlGLavR9vUur1ilvad7ssep_fOabiIY6DV23sxDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307c0fb5380e-FRA
w=500
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/
15 KB
15 KB
Image
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/w=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b47b166c4797996711c420eec1690a8eb28227dfeb92c5a6cb9b1fce1d8798
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=262+610 c=0+0 v=2024.6.0 l=15512
date
Fri, 12 Jul 2024 21:40:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
15512
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfjFXpKtZekASzJuxAMPpCre1mhi8yaH7pEf2-gNpVDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307c0fb7380e-FRA
w=150
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/
3 KB
4 KB
Image
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/w=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22c0f9d114ce72e4883f1c0cfad21e391518525fa4ac471ba27f75c81fa7174
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=201+0 c=5+62 v=2024.6.0 l=3480
date
Fri, 12 Jul 2024 21:40:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
3480
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfjFXpKtZekASzJuxAMPpCre1mr3a4R_Tyycf9pL2QDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307c0fb8380e-FRA
s
t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/092cbacc-bb9a-401f-b2ba-282ec68a11a5/
54 B
483 B
Fetch
General
Full URL
https://t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/092cbacc-bb9a-401f-b2ba-282ec68a11a5/s
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7641de271ac39e589a92e716c4f2eecbc1c53b1c04377fe799616897c71b966

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 21:40:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dv3i%2BL7VPdYv2P8RSUfRGpZIN0f7H83AIuG%2FfkqBqU5MVk9TtDHU%2F9cPKb4YF4SwPcyxDtBI%2BH9Ko7pM7JUEVA0y3TVDNS76RKn5YCtok%2FcSajuEzcmwAlVh1JlNSsrvAqAuNmB%2B7wbktOT%2BIPCO4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8a24307d1a0c5d5f-FRA
alt-svc
h3=":443"; ma=86400
e
t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/092cbacc-bb9a-401f-b2ba-282ec68a11a5/s/7e16e809-fc16-40ae-8c24-ae00bb11e988/
54 B
478 B
Fetch
General
Full URL
https://t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/092cbacc-bb9a-401f-b2ba-282ec68a11a5/s/7e16e809-fc16-40ae-8c24-ae00bb11e988/e
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c3a1613ad1e740a740e0fb18c4371d8184a69c25f1735113d65fc1868e5755

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jul 2024 21:40:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZ0F93F2hhunPcYeVZfZFeMqdJcHhpE7nk8L59p%2Fay4FCK%2BTQ6t%2BGVXkGMbu%2FtrZ3fxgR9NDCZwel6K2SOvZIKbV5M45zed0te7qGxyFFflMotJXRFrEgn4W1LtrmGz8iY5aWbtuYx2tR6pI0rwPRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8a24307ddadc5d5f-FRA
alt-svc
h3=":443"; ma=86400
e
t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/092cbacc-bb9a-401f-b2ba-282ec68a11a5/s/7e16e809-fc16-40ae-8c24-ae00bb11e988/ Frame
0
0
Preflight
General
Full URL
https://t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/092cbacc-bb9a-401f-b2ba-282ec68a11a5/s/7e16e809-fc16-40ae-8c24-ae00bb11e988/e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pay2win.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a24307d7a7e5d5f-FRA
date
Fri, 12 Jul 2024 21:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACQNahX8sqdoRmAn%2BAVH5oLb9D9vzyI8dcBS9f7SH73D%2BqQGU3HicC7Ld7PbrEX%2FdW0mcGCvH5A92NLjb4LIA%2FY0Rco4Ih3FDWPk2WwHRszofaFsc%2BGBM0AFU4loJybtBHmBCYJD%2BDHwwFWH1wveUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x90_LRoVDEo
www.youtube.com/embed/ Frame C4FF
0
0
Document
General
Full URL
https://www.youtube.com/embed/x90_LRoVDEo
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-oNFtaUn1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay2win.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jul 2024 21:40:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
w=500
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/62f99a18-b228-4a8f-0e92-7dd104636100/
13 KB
13 KB
Image
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/62f99a18-b228-4a8f-0e92-7dd104636100/w=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91a5fbb1d943ca213ceff791f6ec63c5d543d6c25e7b07d332cec636c62a2d73
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=283+153 c=0+0 v=2024.6.0 l=13114
date
Fri, 12 Jul 2024 21:40:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
13114
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfT6RS4XPDUzMGmv__ryt7Oyd_hi8yaH7pEf2-gNpVDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307e8a0e903d-FRA
w=500
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/fb2f1e18-e59c-463e-fa72-6aae01b74300/
16 KB
16 KB
Image
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/fb2f1e18-e59c-463e-fa72-6aae01b74300/w=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bba638ad4369f4e81421ea6878d9adec95b53c28c2507a9c8641927038a0eaa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=987+152 c=0+0 v=2024.6.0 l=16137
date
Fri, 12 Jul 2024 21:40:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
16137
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfsIhJTf0G9RFWR7f2flvOxeYbhi8yaH7pEf2-gNpVDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307e8a11903d-FRA
w=500
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/075ddbb4-7a04-4f3e-20cd-685af7659400/
14 KB
14 KB
Image
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/075ddbb4-7a04-4f3e-20cd-685af7659400/w=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1ef769b6cfd144b785c324fcc487d9a6b9c27e41e1fc2afe6a90a5cf5f6a4d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=1313+297 c=0+0 v=2024.6.0 l=14121
date
Fri, 12 Jul 2024 21:40:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
14121
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfbc5dfK0VCFJH9mCRL7wYhQIwhi8yaH7pEf2-gNpVDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307e8a14903d-FRA
w=500
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/cf50993d-92c1-4f74-7529-2d98ab1c5b00/
13 KB
14 KB
Image
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/cf50993d-92c1-4f74-7529-2d98ab1c5b00/w=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e7efe178e813ee505bc6e5bcba4bc8144a2f9673eec98c401c68d36363c5f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=572+138 c=0+0 v=2024.6.0 l=13554
date
Fri, 12 Jul 2024 21:40:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
13554
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfUj_HDO8gUNpkJfx1S49kufJ8hi8yaH7pEf2-gNpVDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307e8a17903d-FRA
w=500
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7a20c99d-8c56-489c-18c1-3521b3238400/
9 KB
9 KB
Image
General
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7a20c99d-8c56-489c-18c1-3521b3238400/w=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b70394b453a1a298bb342db03e72c46eabb713197d08922008b6db3e1181a44
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

Referer
https://pay2win.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-images
internal=ok/- q=0 n=1733+127 c=37+199 v=2024.6.0 l=9084
date
Fri, 12 Jul 2024 21:40:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
9084
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf_HiqEATwEPS_AZO_avZ9h8Mqhi8yaH7pEf2-gNpVDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
8a24307e8a19903d-FRA


1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: ibi2ilqB3wE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: z4ZkojCBOlE
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgVw%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
