x2-win.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://x2-win.com/
Submission: On January 05 via api (January 5th 2025, 4:39:30 pm UTC) from US — Scanned from NL

Summary HTTP 26 Redirects Links 3 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 26 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is x2-win.com.
TLS certificate: Issued by WE1 on January 4th 2025. Valid for: 3 months.

This is the only time x2-win.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
22	188.114.97.3 188.114.97.3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a		15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204		39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
2	142.250.186.35 142.250.186.35		15169 (GOOGLE) (GOOGLE)
26	5

22 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

x2-win.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	x2-win.com x2-win.com	347 KB
2	gstatic.com fonts.gstatic.com	73 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 15372	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
26	4

	Domain	Requested by
22	x2-win.com	x2-win.com
2	fonts.gstatic.com	fonts.googleapis.com
2	counter.yadro.ru	1 redirects x2-win.com
1	fonts.googleapis.com	x2-win.com
26	4

This site contains links to these domains. Also see Links.

Domain
vk.com
payeer.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
x2-win.com WE1	`2025-01-04` - `2025-04-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://x2-win.com/
Frame ID: 2ED7780E2551128EB6C126D7D25D9DDF
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

X2Win

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

26
Requests

96 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

423 kB
Transfer

1258 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/public196759605
Title: МЫ ВКОНТАКТЕ

Search URL Search Domain Scan URL

URL: https://payeer.com/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://counter.yadro.ru/hit?t16.6;r;s1600*1200*24;uhttps%3A//x2-win.com/;hX2Win;0.21096600310494584 HTTP 302
https://counter.yadro.ru/hit?q;t16.6;r;s1600*1200*24;uhttps%3A//x2-win.com/;hX2Win;0.21096600310494584

26 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
x2-win.com/ 22 KB
5 KB 124ms
90ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: ee9fb7f29e99dc2ee7211edcdf519a8f6fd10aaf24a5e25f4877871b146d93fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8fd4e782c8046703-AMS
content-encoding: zstd
content-type: text/html
date: Sun, 05 Jan 2025 16:39:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwLJ50V8pkIqbfpweJFnmVbqaaPaE%2BODgts94SQZSfYeXVUi4eu%2FU414J%2FyhNrcnBhPAPugvWhOspfA5BQSK4vidzrH8upDKlFPAYY2aWVy5UN4CYom0iJ2xhgTm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=14853&min_rtt=14746&rtt_var=2386&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4210&recv_bytes=4485&delivery_rate=702&cwnd=12000&unsent_bytes=0&cid=74582167111d0109&ts=96&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding
x-powered-by: PHP/5.4.16

GET
H3 200 bootstrap.min.css
x2-win.com/css/ 120 KB
21 KB 59ms
57ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/css/bootstrap.min.css
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c048b07c7327fa3e28b9f9ce709af86e906670434d6968e60d0b06b2f1d6fda6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7b6-1df10"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f4S8NtrUv%2FpY598NonyZuMI3uH%2FZDgzUHXLCCl61QOoFDSPIkz6ck3IVd%2BYm4lZbjlRxD3SvPLXIuOEqHJ%2FjQIAoVNhlYpX9hrk%2B0rxfcOnuMMIt9LwXmTV%2BRDuv"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15069&min_rtt=14746&rtt_var=1333&sent=29&recv=18&lost=0&retrans=0&sent_bytes=21577&recv_bytes=6255&delivery_rate=345518&cwnd=12000&unsent_bytes=0&cid=74582167111d0109&ts=153&x=1", cfExtPri, cfHdrFlush;dur=11
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: text/css
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78368936703-AMS
server: cloudflare

GET
H3 200 font-awesome.min.css
x2-win.com/css/ 27 KB
7 KB 46ms
43ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/css/font-awesome.min.css
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7b6-6b4a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KILb2QDt2%2F5EuMea1bhCk1TAfj2AeF5eTb7e%2Fj9YwvhrBaNBcCMc05wTguJC2Yifp8tpi7lNNIgHZ8RiPhrKVg6Igrzkcj0YZeNAcDCIk65gUQX4P2z8rj66zpZt"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15069&min_rtt=14746&rtt_var=1333&sent=27&recv=18&lost=0&retrans=0&sent_bytes=19286&recv_bytes=6255&delivery_rate=345518&cwnd=12000&unsent_bytes=0&cid=74582167111d0109&ts=150&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: text/css
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78368966703-AMS
server: cloudflare

GET
H3 200 style.css
x2-win.com/css/ 33 KB
9 KB 43ms
41ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/css/style.css
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2e62b38c88d1159f404d8eccc7bc05cd3e50b7a40734ddc1933caf41c1c3c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7b6-840f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53dx6J204ujBWWmK0MqWOO0cet59fkQMcDv3%2FTnRSH7fHdGSRbFLIGrR0T7LXQicWIiPtiNze%2BtjAAVrjvy4z6qR7J9AlufTWwa%2BzQaazN9h0iY9FPkbSMfhb%2F2%2B"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15069&min_rtt=14746&rtt_var=1333&sent=18&recv=18&lost=0&retrans=0&sent_bytes=9577&recv_bytes=6255&delivery_rate=345518&cwnd=12000&unsent_bytes=0&cid=74582167111d0109&ts=148&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: text/css
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78368996703-AMS
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 88ms
34ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,300,700

Requested by

Host: x2-win.com
URL: https://x2-win.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10a89bd297b0d31c29f4c75b83f10244b69a7ccfcf55f8a6f2a56dd1b09712b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 05 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 05 Jan 2025 16:02:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 jquery-2.1.4.min.js Show response
x2-win.com/js/ 85 KB
31 KB 72ms
71ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/js/jquery-2.1.4.min.js
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7d7-1538e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8PKUrI%2B8h%2FDJ9hQcDE5dcTuo9T%2FhtAM3ECazf2luluwKd5Ds7X7dlkxkpnuea0MFxczB7nN4p%2BEklJPS1DicT%2B33AL08OOc%2B9k%2Fy4XRwYmPtM0xJekfGLiJ0lfL"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15069&min_rtt=14746&rtt_var=1333&sent=29&recv=18&lost=0&retrans=0&sent_bytes=21577&recv_bytes=6255&delivery_rate=345518&cwnd=12000&unsent_bytes=0&cid=74582167111d0109&ts=155&x=1", cfExtPri, cfHdrFlush;dur=9
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: application/javascript
last-modified: Sat, 04 Jan 2025 22:36:07 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e783689a6703-AMS
server: cloudflare

GET
H3 200 jquery-ui.js Show response
x2-win.com/js/ 694 KB
135 KB 82ms
81ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/js/jquery-ui.js
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2508dc33e247681dd05e1beb2a23d524375d82a02a76b70dee92fcba5fbed743

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7d7-ad6c6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mawdNbWyOlLlGFop%2Fb%2Bp8th7EYzamNAc0ENDeAC4JKEsr3PQrCUDKZ3gK1tXOYvpALUnwsPAtrw5%2FJpPji%2B%2FIQwoNgs7BHXBIbF4jZ5C5A7NZ6pEQff7c6KWl6nf"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15126&min_rtt=14682&rtt_var=766&sent=48&recv=23&lost=0&retrans=0&sent_bytes=43286&recv_bytes=6470&delivery_rate=291208&cwnd=22800&unsent_bytes=0&cid=74582167111d0109&ts=166&x=1", cfExtPri, cfHdrFlush;dur=4
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: application/javascript
last-modified: Sat, 04 Jan 2025 22:36:07 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e783689c6703-AMS
server: cloudflare

GET
H3 200 jquery.countto.js Show response
x2-win.com/js/ 3 KB
2 KB 111ms
110ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/js/jquery.countto.js
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30307a7fec6de1fd6293e1947915518f5f70e67fc9f68235de3550f8297ac917

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7d7-c0c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAIcMONKxKJM%2BnQ%2FvGKi8gTQw0wLiCDYL5H7uKhfn3hyVaRk%2BG8Hy%2FZCAqq%2B0q%2FggGbxZgw92HdNWqa3eAe6rc1hIgOj6im2VcPrHqRtbcsnnpcQ7XWRwRxBI%2F3p"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15504&min_rtt=14682&rtt_var=722&sent=82&recv=31&lost=0&retrans=0&sent_bytes=81686&recv_bytes=7768&delivery_rate=512652&cwnd=37200&unsent_bytes=0&cid=74582167111d0109&ts=192&x=1", cfExtPri, cfHdrFlush;dur=2
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: application/javascript
last-modified: Sat, 04 Jan 2025 22:36:07 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e783b8dc6703-AMS
server: cloudflare

GET
H3 200 logo.png
x2-win.com/img/ 6 KB
6 KB 111ms
111ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/logo.png
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba396d789b0208feeb0e092b449a1744e91e5918cb2dbce893a80d7ca59b2f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7b6-1658"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUWHGXPN%2BvQwwR8LzXD95w7yjpdpeHQovkaTrU4gdzHoOMDpOivMgp2PihWD4gf%2FQxVraSmgs52hIJFr8bGLylz2aiShqOB3aQCLPo8iXaB57FJ9Gxa9j7mIw2Bu"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15507&min_rtt=14682&rtt_var=864&sent=142&recv=39&lost=0&retrans=0&sent_bytes=151872&recv_bytes=8114&delivery_rate=2136263&cwnd=70800&unsent_bytes=0&cid=74582167111d0109&ts=207&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/png
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e783c8f16703-AMS
accept-ranges: bytes
content-length: 5720
server: cloudflare

GET
H3 200 1797_Zm8H.jpg
x2-win.com/img/avatars/ 7 KB
7 KB 113ms
113ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/avatars/1797_Zm8H.jpg
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0d234de6e189a1e6cd2bb98357af3bdb934825190624f65b60c96738af61862

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7b9-1b23"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1DA0q%2ByiVHpnMuHzHWYgHNjAxtEYKoQ6faj2Jx7Xq%2FZ32ciB%2Fp8waVMs63LwVSuTBayA8EihFlJMUo%2BFlzsVA7zo3r%2BtoTwVlbnNv2kqssUM8NiEfE0SeHcn4C2"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15190&min_rtt=14564&rtt_var=670&sent=158&recv=43&lost=0&retrans=0&sent_bytes=170486&recv_bytes=8295&delivery_rate=2413282&cwnd=80400&unsent_bytes=0&cid=74582167111d0109&ts=212&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/jpeg
last-modified: Sat, 04 Jan 2025 22:35:37 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e783c8f26703-AMS
accept-ranges: bytes
content-length: 6947
server: cloudflare

GET
H3 200 fkwallet_small.png
x2-win.com/img/ps/ 2 KB
2 KB 50ms
48ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/ps/fkwallet_small.png
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64fd3058ef41c989aab7b333483c868e74c9a113dd3781e26b6733d82c31baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7b6-708"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOtuhG%2BfKjY0sIuWbjpqO6MgkEExNYaBhxTmasRFGvpOAkCq%2B4EQFkhxDenvGvDr5TIHhZf2KI2kKYIewas2MKdf%2FF2seaDDebaqoeZFitxBngQqpEcKALo49l2E"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15045&min_rtt=14444&rtt_var=332&sent=228&recv=63&lost=0&retrans=0&sent_bytes=246884&recv_bytes=11023&delivery_rate=4684472&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=274&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/png
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78429416703-AMS
accept-ranges: bytes
content-length: 1800
server: cloudflare

GET
H3 200 382_0xYN.jpg
x2-win.com/img/avatars/ 9 KB
9 KB 45ms
44ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/avatars/382_0xYN.jpg
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f6b90d09a729747732e3bb9387c8cb1a21f6cc4f73a009a4e9b2daae8cc817

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7c5-2253"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=de0cRJBVLURE4zPcVahqZiucWbAi%2BDhL5IANBa%2F1to%2Fh4ELOEOCnn7XzLB253W1tCLpxRIvAXpSfSYJp4t8InVq3IAjwyQn2XOCOs71k06JjNroS7chof74m3DMY"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15045&min_rtt=14444&rtt_var=332&sent=219&recv=63&lost=0&retrans=0&sent_bytes=237189&recv_bytes=11023&delivery_rate=4684472&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=268&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/jpeg
last-modified: Sat, 04 Jan 2025 22:35:49 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78429426703-AMS
accept-ranges: bytes
content-length: 8787
server: cloudflare

GET
H3 200 2961_S09r.jpg
x2-win.com/img/avatars/ 5 KB
6 KB 41ms
39ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/avatars/2961_S09r.jpg
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca0ac4365b5db197383039d8fa1bde8dc79538a74e238dea4ed675c9cb9ffe0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7d0-1517"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HcvG3d%2BNvjgXfuL7x%2BkRIl96tPvU6GmRfpDiqfQM7FhvOEdEfZrg11xml5q6VtMTQJVrLvOENku8gdxYZq6z%2BNKI7l8TvAocEYkOi3YPx5HNKv9Aqq1bjw4CBQy%2F"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15045&min_rtt=14444&rtt_var=332&sent=234&recv=63&lost=0&retrans=0&sent_bytes=251970&recv_bytes=11023&delivery_rate=4684472&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=282&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/jpeg
last-modified: Sat, 04 Jan 2025 22:36:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78439656703-AMS
accept-ranges: bytes
content-length: 5399
server: cloudflare

GET
H3 200 9658_hlHR.jpg
x2-win.com/img/avatars/ 8 KB
9 KB 85ms
84ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/avatars/9658_hlHR.jpg
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eb6b6452a3ea60ac2bd9c1242ffa84d224f40688b54f5a9c8ff6a81e21e1b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7cb-2183"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFr4434sOiZzWkDhSYQLS9N%2F0NpAVDF82KLWHgu8Wz1UagiePHjAFcb44yC4eKbqh45XCDlXDcOKdm8xggI6IpSxU1rn9LW0QuMy3Yb0pynhGVHXShUfdD7v4sNz"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15691&min_rtt=14444&rtt_var=816&sent=326&recv=69&lost=0&retrans=0&sent_bytes=356010&recv_bytes=12597&delivery_rate=801402&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=326&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/jpeg
last-modified: Sat, 04 Jan 2025 22:35:55 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78489b96703-AMS
accept-ranges: bytes
content-length: 8579
server: cloudflare

GET
H3 200 64_EXig.jpg
x2-win.com/img/avatars/ 9 KB
9 KB 79ms
78ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/avatars/64_EXig.jpg
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f484463d6daa37d477bf18524db8654417fc81f4696f23a97645d92ace368687

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7b8-22e1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UBgO4dQoFvbhZ6rXEk%2BuvVenpvPn6niIezTn1g03cy%2BWGT3%2BNwFRpBD9hr5ml8y5IbFFmPZyuOuhtvuNVEiZmR3UeEFKvQQEBX2Y1ThWxBf16MnrbiV4Df7jyt9g"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15691&min_rtt=14444&rtt_var=816&sent=313&recv=69&lost=0&retrans=0&sent_bytes=342045&recv_bytes=12597&delivery_rate=801402&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=321&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/jpeg
last-modified: Sat, 04 Jan 2025 22:35:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78489ba6703-AMS
accept-ranges: bytes
content-length: 8929
server: cloudflare

GET
H3 200 payeer.gif
x2-win.com/img/ 3 KB
4 KB 82ms
81ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/payeer.gif
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 464d65970e869421632096d069c8836c814f6ff97420e6934b3e62612a49d1d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7b6-cfa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACjtGlNSS6VjhW3HICU%2B%2FWzqMi0zjrg0E0qxnYu0DR%2F0XYiVSsTA46%2BDKx%2F0kPemrfY%2FpRokx7dMwvBZYs0FXD1ST29pwZzQWqLvz7xmqP0GcmRSo0EiIXGftMXv"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15691&min_rtt=14444&rtt_var=816&sent=322&recv=69&lost=0&retrans=0&sent_bytes=351891&recv_bytes=12597&delivery_rate=801402&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=324&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/gif
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78489bd6703-AMS
accept-ranges: bytes
content-length: 3322
server: cloudflare

GET
H3 200 sweet-alert.css
x2-win.com/css/ 12 KB
2 KB 41ms
40ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/css/sweet-alert.css
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9393c51566b57f676bb11f0c81ca4ce3a42618039c1d9e29b51291e406f783b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7b6-301e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uIEZmqlO8h72Uha6VVB8EI9daGZFnxtfaLivDMl6mKgpzugKJH%2F%2BGF9aIcrmnBaf4TY1rfwPAnqQLK3KDjEetqq1vg%2BC94pfzmSGF0IG0SZm43At3Mx84Py4AeaM"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15045&min_rtt=14444&rtt_var=332&sent=231&recv=63&lost=0&retrans=0&sent_bytes=249448&recv_bytes=11023&delivery_rate=4684472&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=282&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: text/css
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78439616703-AMS
server: cloudflare

GET
H3 200 sweet-alert.min.js Show response
x2-win.com/js/ 10 KB
4 KB 45ms
43ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/js/sweet-alert.min.js
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb62f1ff0cecb242ad694a3c39e90bfa48c0ac75a6d41f7cc20b2f790b7ac32e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7d7-2695"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36H7pRyNSf%2BJtCyPIp1lYojs5IwaLQ75jdBCnt2zDmonAzQO1JbC3GEsmDMBvBqXkjB7SzP9G7aP9IZItg%2F7tEFIMzm%2Bx34oSmTQ1po0zeoPVPvZUaGFOnF2Mups"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15045&min_rtt=14444&rtt_var=332&sent=240&recv=63&lost=0&retrans=0&sent_bytes=258209&recv_bytes=11023&delivery_rate=4684472&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=283&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: application/javascript
last-modified: Sat, 04 Jan 2025 22:36:07 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78439626703-AMS
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
x2-win.com/js/ 36 KB
10 KB 48ms
46ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/js/bootstrap.min.js
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6779b7d7-8fd0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zD%2FMKyihv8NcXHlsCs5g6u5TXADi7S5rEhjII5ESgRqMsXNE4buN9LmFvlOPpkgbIr89AmVGhj4xcygcKh4%2BixbRb2yQ1AH6%2BHbNe1Dft4dk2wLw0Qd4cBvgCg1"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15045&min_rtt=14444&rtt_var=332&sent=245&recv=64&lost=0&retrans=0&sent_bytes=262397&recv_bytes=11388&delivery_rate=4684472&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=284&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: application/javascript
last-modified: Sat, 04 Jan 2025 22:36:07 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78439636703-AMS
server: cloudflare

GET
H3 200 fkwallet_small.png
x2-win.com/img/ps/ 2 KB
0 34ms
33ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/ps/fkwallet_small.png
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64fd3058ef41c989aab7b333483c868e74c9a113dd3781e26b6733d82c31baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7b6-708"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOtuhG%2BfKjY0sIuWbjpqO6MgkEExNYaBhxTmasRFGvpOAkCq%2B4EQFkhxDenvGvDr5TIHhZf2KI2kKYIewas2MKdf%2FF2seaDDebaqoeZFitxBngQqpEcKALo49l2E"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15045&min_rtt=14444&rtt_var=332&sent=228&recv=63&lost=0&retrans=0&sent_bytes=246884&recv_bytes=11023&delivery_rate=4684472&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=274&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/png
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78429416703-AMS
accept-ranges: bytes
content-length: 1800
server: cloudflare

GET
H3 200 2961_S09r.jpg
x2-win.com/img/avatars/ 5 KB
0 45ms
45ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x2-win.com/img/avatars/2961_S09r.jpg
Requested by: Host: x2-win.com
URL: https://x2-win.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca0ac4365b5db197383039d8fa1bde8dc79538a74e238dea4ed675c9cb9ffe0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7d0-1517"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HcvG3d%2BNvjgXfuL7x%2BkRIl96tPvU6GmRfpDiqfQM7FhvOEdEfZrg11xml5q6VtMTQJVrLvOENku8gdxYZq6z%2BNKI7l8TvAocEYkOi3YPx5HNKv9Aqq1bjw4CBQy%2F"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15045&min_rtt=14444&rtt_var=332&sent=234&recv=63&lost=0&retrans=0&sent_bytes=251970&recv_bytes=11023&delivery_rate=4684472&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=282&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/jpeg
last-modified: Sat, 04 Jan 2025 22:36:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e78439656703-AMS
accept-ranges: bytes
content-length: 5399
server: cloudflare

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t16.6;r;s1600*1200*24;uhttps%3A//x2-win.com/;hX2Win;0.21096600310494584
https://counter.yadro.ru/hit?q;t16.6;r;s1600*1200*24;uhttps%3A//x2-win.com/;hX2Win;0.21096600310494584

175 B
661 B

58ms
57ms

Image
image/gif

88.212.201.204
UNITEDNET EDINAYA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t16.6;r;s1600*1200*24;uhttps%3A//x2-win.com/;hX2Win;0.21096600310494584

Requested by

Host: x2-win.com
URL: https://x2-win.com/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d4acbfdeb291a530eb07669191f3004464c6c71aaf6a9ea72496d36712a1c6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Fri, 05 Jan 2024 21:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 175
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Sun, 05 Jan 2025 16:39:26 GMT
Content-Type: image/gif
Server: nginx/1.17.9

Redirect headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Location: https://counter.yadro.ru/hit?q;t16.6;r;s1600*1200*24;uhttps%3A//x2-win.com/;hX2Win;0.21096600310494584
Pragma: no-cache
Connection: keep-alive
Expires: Fri, 05 Jan 2024 21:00:00 GMT
Content-Length: 32
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Sun, 05 Jan 2025 16:39:26 GMT
Content-Type: text/html
Server: nginx/1.17.9

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 26 KB
26 KB 63ms
29ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,300,700

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://x2-win.com
Referer: https://fonts.googleapis.com/

Response headers

age: 486745
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 01:27:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 01:27:01 GMT
last-modified: Thu, 14 Dec 2023 02:00:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26736
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 57ms
23ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,300,700

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://x2-win.com
Referer: https://fonts.googleapis.com/

Response headers

age: 458709
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 31 Dec 2025 09:14:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 31 Dec 2024 09:14:17 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 fontawesome-webfont.woff2
x2-win.com/fonts/ 65 KB
66 KB 46ms
46ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: x2-win.com
URL: https://x2-win.com/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://x2-win.com
Referer: https://x2-win.com/css/font-awesome.min.css

Response headers

cf-cache-status: MISS
etag: "6779b7b6-10440"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbFTS8ZpElYGTumqyikO8mW9ehW2LFmiB%2BHPdllt7KXrEC0vAj5XxLpVue%2BjqjKxyxeLUjazcgx6blBz32y9ivrXm25OyTcPKmg3zWVkDdZLHyjLnaueRrKOTHjk"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15691&min_rtt=14444&rtt_var=816&sent=255&recv=69&lost=0&retrans=0&sent_bytes=273167&recv_bytes=12597&delivery_rate=801402&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=313&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: font/woff2
last-modified: Sat, 04 Jan 2025 22:35:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e784699d6703-AMS
accept-ranges: bytes
content-length: 66624
server: cloudflare

GET
H3 200 favicon-32x32.png
x2-win.com/ 1 KB
2 KB 43ms
43ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x2-win.com/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82cc3fdf8a715917385fe98a6f798691dbbf29c4f367e9a8cbdb50ff980cfd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://x2-win.com/

Response headers

cf-cache-status: MISS
etag: "6779b7d7-545"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCpo1wmRXvzkAyiB5yzWZasWzTrDcwycIygB5ZL4zC0Zgc2E1Y6YPBuNiueOiSLsrLaipVq0co71A5dVs3lYUHukNNLfcxkW%2FHfgolQFbFrf%2FXILNejrPi6YRrbn"}],"group":"cf-nel","max_age":604800}
expires: Mon, 06 Jan 2025 16:39:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15745&min_rtt=14444&rtt_var=575&sent=335&recv=79&lost=0&retrans=0&sent_bytes=365496&recv_bytes=13374&delivery_rate=6047423&cwnd=117600&unsent_bytes=0&cid=74582167111d0109&ts=527&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 05 Jan 2025 16:39:26 GMT
content-type: image/png
last-modified: Sat, 04 Jan 2025 22:36:07 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fd4e785cac56703-AMS
accept-ranges: bytes
content-length: 1349
server: cloudflare

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| sweetAlertInitialize function| swal function| sweetAlert

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			x2-win.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: mr762g114o38b8pnpu51h6guu1
			.yadro.ru/	1970-01-21 10:59:20	Name: FTID Value: 1dUhM-1lnbex1dUhM-0029gD
			.yadro.ru/	1970-01-21 10:59:20	Name: VID Value: 1mmEgM0wEoux1dUhM-0029gb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
x2-win.com
142.250.186.35
188.114.97.3
2a00:1450:4001:82f::200a
88.212.201.204
10a89bd297b0d31c29f4c75b83f10244b69a7ccfcf55f8a6f2a56dd1b09712b6
2508dc33e247681dd05e1beb2a23d524375d82a02a76b70dee92fcba5fbed743
30307a7fec6de1fd6293e1947915518f5f70e67fc9f68235de3550f8297ac917
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
464d65970e869421632096d069c8836c814f6ff97420e6934b3e62612a49d1d5
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
54eb6b6452a3ea60ac2bd9c1242ffa84d224f40688b54f5a9c8ff6a81e21e1b2
5ba396d789b0208feeb0e092b449a1744e91e5918cb2dbce893a80d7ca59b2f0
66f6b90d09a729747732e3bb9387c8cb1a21f6cc4f73a009a4e9b2daae8cc817
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0d234de6e189a1e6cd2bb98357af3bdb934825190624f65b60c96738af61862
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a9393c51566b57f676bb11f0c81ca4ce3a42618039c1d9e29b51291e406f783b
b64fd3058ef41c989aab7b333483c868e74c9a113dd3781e26b6733d82c31baa
b82cc3fdf8a715917385fe98a6f798691dbbf29c4f367e9a8cbdb50ff980cfd3
c048b07c7327fa3e28b9f9ce709af86e906670434d6968e60d0b06b2f1d6fda6
d4acbfdeb291a530eb07669191f3004464c6c71aaf6a9ea72496d36712a1c6ab
dca0ac4365b5db197383039d8fa1bde8dc79538a74e238dea4ed675c9cb9ffe0
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
eb62f1ff0cecb242ad694a3c39e90bfa48c0ac75a6d41f7cc20b2f790b7ac32e
ee9fb7f29e99dc2ee7211edcdf519a8f6fd10aaf24a5e25f4877871b146d93fb
f484463d6daa37d477bf18524db8654417fc81f4696f23a97645d92ace368687
fc2e62b38c88d1159f404d8eccc7bc05cd3e50b7a40734ddc1933caf41c1c3c6
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995