go.2qwin.top - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 172.67.145.195, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.2qwin.top.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.

This is the only time go.2qwin.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.145.195 172.67.145.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.150.61 172.67.150.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.208.160 172.67.208.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3

2 172.67.145.195 (United States)

ASN13335 (CLOUDFLARENET, US)

go.2qwin.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.150.61 (United States)

ASN13335 (CLOUDFLARENET, US)

static.2q.capital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.208.160 (United States)

ASN13335 (CLOUDFLARENET, US)

h5.2q.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	2q.capital static.2q.capital	47 KB
2	2qwin.top go.2qwin.top	4 KB
1	2q.link h5.2q.link
5	3

	Domain	Requested by
2	static.2q.capital	go.2qwin.top
2	go.2qwin.top
1	h5.2q.link	static.2q.capital
5	3

This site contains no links.

Subject Issuer	Validity	Valid
2qwin.top GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
2q.capital E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
2q.link GTS CA 1P5	`2024-02-12` - `2024-05-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://go.2qwin.top/
Frame ID: C02C78C26DF2AF517590506093E0A651
Requests: 4 HTTP requests in this frame

Frame: https://h5.2q.link/sports
Frame ID: 756DBA4D111B26BA29C904D929DEE11E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2q - QUALITY WITH SPORTSMANSHIP - Chất lượng đi đôi tinh thần thể thao

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

51 kB
Transfer

145 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response go.2qwin.top/	1 KB 981 B	673ms 621ms	Document text/html	172.67.145.195 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.2qwin.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.195 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8d786a27e77d9a413357d059c351ff204e910ca700f27b651c3461a659ace3c6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 871342f5c95f4bbd-BUF content-encoding br content-type text/html date Mon, 08 Apr 2024 15:23:58 GMT last-modified Tue, 09 Jan 2024 11:54:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8GcQscN1KAH0oKcy4rL89BSAH6n6rviX2dFF462a0s%2BBlYnpa1MZX1IS%2B%2BIM0M%2FXxSfOZUPESHIr%2FAdH0jTcc3MkwU5s86zorprBspn1HbvNCfTgj%2BDHxyqUpNTTBWo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	main.2035cb5b.js Show response static.2q.capital/build/2q/web/production/49d881f/static/js/	139 KB 46 KB	590ms 502ms	Script application/javascript	172.67.150.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.2q.capital/build/2q/web/production/49d881f/static/js/main.2035cb5b.js Requested by Host: go.2qwin.top URL: https://go.2qwin.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5fff37fe03fcbf329b9003a99c54f335b82921e24847f26f0072af56f9ade13e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://go.2qwin.top/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:23:58 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 10 Jan 2024 03:09:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-amz-request-id F9PQZCEMT65H3DGS etag W/"c652da097e0e497a3ba43290ae1fd352" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xdt3eDaQMD7l4NCFyc%2BEI5D4hZyHz%2Fhz0ogbt2A%2BWkYAsoo1r6BQdzWqornzQTJb3Yulu5x5OBRzXIiGSb40SISu9hJlSxzjsS2jLdaKy6dXLW96lM3JpSjBoI99BHZgXp3rBg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 871342fa5f371044-ORD alt-svc h3=":443"; ma=86400 x-amz-id-2 1tT51KGVuMsHsDmWT5//0mdJVQ1CmZ7uvFa4Lksvsd0VluKMdpE3pVztaV+TIyAJOIYfv9xMBDs=
GET H3	200	main.74b4fcaf.css static.2q.capital/build/2q/web/production/49d881f/static/css/	343 B 800 B	586ms 499ms	Stylesheet text/css	172.67.150.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.2q.capital/build/2q/web/production/49d881f/static/css/main.74b4fcaf.css Requested by Host: go.2qwin.top URL: https://go.2qwin.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2a8d49cbe6449d6a22426e3c64db8a7abfde21052a76244ecf4507ae7f9b78d4` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://go.2qwin.top/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:23:58 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 10 Jan 2024 03:09:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-amz-request-id QVQ86SM1WF6CMAGN etag W/"510ccdef8ef0fac07b9d7466027e0c3a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5C6c2QFIRyR7oFwpUa2ACN4SKKZz30sN6%2FaQJWh2bll3QRo4au0qkZU%2BIMh%2BmmJhXHP9NoP62RyB6hInh00WYBtjWM5GfFei%2FEfCAhJdRc%2BYwz10dICH6utTXGvs5hbP6XTT4w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 871342fa5f381044-ORD alt-svc h3=":443"; ma=86400 x-amz-id-2 PUu41GnbJSQobTJ3qLo5bXZi0PwVL4q/MtwlmJ5ANTy4/MfbNh9usg700SRiijJyhZcIS8KKhRI=
GET H3	200	sports h5.2q.link/ Frame 756D	0 0	623ms 476ms	Document text/html	172.67.208.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://h5.2q.link/sports Requested by Host: static.2q.capital URL: https://static.2q.capital/build/2q/web/production/49d881f/static/js/main.2035cb5b.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.160 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://go.2qwin.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 871342ff7d87111f-ORD content-encoding br content-type text/html date Mon, 08 Apr 2024 15:23:59 GMT last-modified Wed, 03 Apr 2024 03:08:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gd%2Bgq31SWUkv5uaplb144DlQk6BHdJKWlh9Q1HfoaGhBO0xRugRsjXLbi%2FiIICksyipkKLFoM6Cv8vJ3ErbbDiG76mT5seM1K8FUncvMv1Fuy6fRmqgmSgOocd%2Fn"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	favicon.ico go.2qwin.top/	4 KB 3 KB	523ms 522ms	Other image/x-icon	172.67.145.195 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.2qwin.top/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.145.195 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `17afec7575e931bd5f7fd9fa62fd104552e267182eceed44fa48cdc9e6a3ef68` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://go.2qwin.top/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 15:23:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 11:54:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"659d33e3-10be" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRssiPK1KL%2Fteq1L9yQygoq%2FaMwQYfpRjZOkjkxRf7NQkkZP1CQtINtVHPfwKiTg8gSvqV8t6ENwHTEkNvmmoFbcMnFBbBEu3PsoHPD0F2JfvVnYoZfXsLlOd%2BJUN%2BU%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 871342fe7d264bbd-BUF alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.2qwin.top
h5.2q.link
static.2q.capital
172.67.145.195
172.67.150.61
172.67.208.160
17afec7575e931bd5f7fd9fa62fd104552e267182eceed44fa48cdc9e6a3ef68
2a8d49cbe6449d6a22426e3c64db8a7abfde21052a76244ecf4507ae7f9b78d4
5fff37fe03fcbf329b9003a99c54f335b82921e24847f26f0072af56f9ade13e
8d786a27e77d9a413357d059c351ff204e910ca700f27b651c3461a659ace3c6

go.2qwin.top Open in urlscan Pro 172.67.145.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

51 kBTransfer

145 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

go.2qwin.top Open in urlscan Pro
172.67.145.195 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

51 kB
Transfer

145 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions