hail0c.2qwin.top Open in urlscan Pro
2606:4700:3037::ac43:91c3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ad-opc.uapry0d.bid/
Effective URL:
https://hail0c.2qwin.top/
Submission: On March 23 via api (March 23rd 2024, 2:01:38 pm UTC) from US — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3037::ac43:91c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is hail0c.2qwin.top.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.

This is the only time hail0c.2qwin.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:ce4d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::6815:1ec6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.2.56.64 52.2.56.64	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3037::ac43:91c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3037::6815:bc6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:fed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
1	52.95.162.78 52.95.162.78	16509 (AMAZON-02) (AMAZON-02)
11	6

1 2606:4700:3034::ac43:ce4d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ad-opc.uapry0d.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1ec6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

oiurptz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.56.64 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: us-ip-2.short.io

1ru1.short.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:91c3 (United States)

ASN13335 (CLOUDFLARENET, US)

hail0c.2qwin.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::6815:bc6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.2q.capital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:fed (United States)

ASN13335 (CLOUDFLARENET, US)

h5.2q.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.162.78 (China)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-east-1.amazonaws.com

game-sport.s3-ap-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	2q.capital static.2q.capital	714 KB
1	amazonaws.com game-sport.s3-ap-east-1.amazonaws.com	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	2q.link h5.2q.link	1 KB
1	2qwin.top hail0c.2qwin.top	983 B
1	short.gy 1 redirects 1ru1.short.gy	85 B
1	oiurptz.co 1 redirects oiurptz.co	442 B
1	uapry0d.bid 1 redirects ad-opc.uapry0d.bid	456 B
11	8

	Domain	Requested by
6	static.2q.capital	hail0c.2qwin.top h5.2q.link
1	game-sport.s3-ap-east-1.amazonaws.com	h5.2q.link
1	fonts.googleapis.com	h5.2q.link
1	h5.2q.link	static.2q.capital
1	hail0c.2qwin.top
1	1ru1.short.gy	1 redirects
1	oiurptz.co	1 redirects
1	ad-opc.uapry0d.bid	1 redirects
11	8

This site contains no links.

Subject Issuer	Validity	Valid
2qwin.top GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
2q.capital E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
2q.link GTS CA 1P5	`2024-02-12` - `2024-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.s3.ap-east-1.amazonaws.com Amazon RSA 2048 M01	`2024-01-24` - `2025-01-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://hail0c.2qwin.top/
Frame ID: 9ADF30301E6413A530C473735818276E
Requests: 3 HTTP requests in this frame

Frame: https://h5.2q.link/sports
Frame ID: 6D9B61567D5C82C4B3C0A9A9E7D9B5B1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2q - QUALITY WITH SPORTSMANSHIP - Chất lượng đi đôi tinh thần thể thao

Page URL History Show full URLs

https://ad-opc.uapry0d.bid/ HTTP 301
https://oiurptz.co/xVfxRX HTTP 302
https://1ru1.short.gy/ysaqpp HTTP 302
https://hail0c.2qwin.top/ Page URL

Page Statistics

11
Requests

91 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

737 kB
Transfer

2468 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ad-opc.uapry0d.bid/ HTTP 301
https://oiurptz.co/xVfxRX HTTP 302
https://1ru1.short.gy/ysaqpp HTTP 302
https://hail0c.2qwin.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hail0c.2qwin.top/
Redirect Chain

https://ad-opc.uapry0d.bid/
https://oiurptz.co/xVfxRX
https://1ru1.short.gy/ysaqpp
https://hail0c.2qwin.top/

1 KB
983 B

731ms
587ms

Document
text/html

2606:4700:3037::ac43:91c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hail0c.2qwin.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:91c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d786a27e77d9a413357d059c351ff204e910ca700f27b651c3461a659ace3c6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 868ef42648fd4bbb-BUF
content-encoding: br
content-type: text/html
date: Sat, 23 Mar 2024 14:01:29 GMT
last-modified: Tue, 09 Jan 2024 11:54:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCkDglSer29GKsDFUHzpLcceOuoLOEcRKH0bV9ZXf9qSQY4QjamMvb8BCQIMaVlJzA064vKOYrqQMbc552w4OOpf0DS6pMeABUycSB%2Bo8FoY11zszGYEUlvqu6KFoO8BUOTN6OP1Io9lp%2BBTl%2BxG"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

content-length: 0
date: Sat, 23 Mar 2024 14:01:29 GMT
location: https://hail0c.2qwin.top/
x-powered-by: Short.io/Edge

GET
H2 200 main.2035cb5b.js Show response
static.2q.capital/build/2q/web/production/49d881f/static/js/ 139 KB
46 KB 3372ms
3241ms Script
application/javascript 2606:4700:3037::6815:bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.2q.capital/build/2q/web/production/49d881f/static/js/main.2035cb5b.js
Requested by: Host: hail0c.2qwin.top
URL: https://hail0c.2qwin.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fff37fe03fcbf329b9003a99c54f335b82921e24847f26f0072af56f9ade13e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hail0c.2qwin.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:01:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Jan 2024 03:09:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: PQPKHKVVMT2R4TTP
etag: W/"c652da097e0e497a3ba43290ae1fd352"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCDAymzXvoHGnm%2B8PC19TxA4AtoTt9uAKULR9XoBlJLQlSzQ%2Bq0FDCOrmQV3%2FnAphg5Mip75gtIEWjnthEDr1PbZU0VkD3wAMC3wqTQjYzRzWvFmRO%2BDrveNq6zLAh399KT2hu%2BcBnIV83BcWfB8BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 868ef42adc664bcd-BUF
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Dhuib3Ow3iRZF+GdubMXUPP5oNFZvkL3X1aGbdEXUNyw6Iw3Uf4KNTPz+jZTK1y6LyBmM1acC7M=

GET
H2 200 main.74b4fcaf.css
static.2q.capital/build/2q/web/production/49d881f/static/css/ 343 B
811 B 781ms
650ms Stylesheet
text/css 2606:4700:3037::6815:bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.2q.capital/build/2q/web/production/49d881f/static/css/main.74b4fcaf.css
Requested by: Host: hail0c.2qwin.top
URL: https://hail0c.2qwin.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a8d49cbe6449d6a22426e3c64db8a7abfde21052a76244ecf4507ae7f9b78d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hail0c.2qwin.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:01:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 10 Jan 2024 03:09:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: PQPHB30E7WPVWYGE
etag: W/"510ccdef8ef0fac07b9d7466027e0c3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOJBfn6LF8SFO5fu19isRyqFk2MldqH3hv9VXPVWwHfDqcEsqtkox9fz%2Fks5gpYCqXRPHu%2B2%2FFfkIfE%2FwW9kiz8jH4sXYU3RqikGbcfPESwsK0U4eEN%2BGqkTXBWXLLMT4pSPkHH9cvhhqVgDbRxyrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 868ef42adc654bcd-BUF
alt-svc: h3=":443"; ma=86400
x-amz-id-2: DhqyzrDo9PXza9DvwklFnDgl3xF9UAdqZ5UcAExli4J9a7n/7OiDbxfGjKRf5IMalFJWKOC4PvE=

GET
H2 200 sports Show response
h5.2q.link/ Frame 6D9B 2 KB
1 KB 708ms
552ms Document
text/html 2606:4700:3031::6815:fed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.2q.link/sports
Requested by: Host: static.2q.capital
URL: https://static.2q.capital/build/2q/web/production/49d881f/static/js/main.2035cb5b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:fed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a8928cb189090f519db2ace6204d0ed7ef7523daf72b05a58b2fcafa245cfa

Request headers

Referer: https://hail0c.2qwin.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 868ef4416d864bd8-BUF
content-encoding: br
content-type: text/html
date: Sat, 23 Mar 2024 14:01:34 GMT
last-modified: Wed, 20 Mar 2024 02:59:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtFAYjK9T%2BncRXfIggNlJzvK8jBBz9vjnJn1%2By1T1wxXbmrG4SsYSXIzm8Hrt5WmgH34AP7n1oD8SeA4dGClRZOhG%2B%2FcGvXaGVOFSWdVmeqWcJwMwkatpPJYD9yjbrO4xpXxSV%2BxFfDJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ Frame 6D9B 28 KB
2 KB 161ms
54ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alfa+Slab+One&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500&family=Roboto:wght@400;500;700&display=swap

Requested by

Host: h5.2q.link
URL: https://h5.2q.link/sports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5077d23c1e27e15209bd5a90b26b6cb46de84d3e3c70de34d4a744abb7efdb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.2q.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Mar 2024 14:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Mar 2024 14:01:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Mar 2024 14:01:34 GMT

GET
H2 200 react-lib.693d283b.js Show response
static.2q.capital/build/2q/h5/production/6122ba6/static/js/ Frame 6D9B 146 KB
48 KB 1451ms
1445ms Script
application/javascript 2606:4700:3037::6815:bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.2q.capital/build/2q/h5/production/6122ba6/static/js/react-lib.693d283b.js
Requested by: Host: h5.2q.link
URL: https://h5.2q.link/sports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68fc5b28adfa9270dbea806baa3945b9e8f12c30792f893dfe8b275b5ecc1ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.2q.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:01:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 02:58:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: QZPKAV9X4CNPSD2P
etag: W/"84af972b77272747799f5a8f385e5c70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bHbF%2BhLYnuouXb%2Fpe5SexH1Nu4dQrBniXVATLQkAsYUNLxqfoWlp%2FA2EHZxxQx5mSGOePmE%2BIGxPQT0RElVLWk5XYXLhCPfK92go%2BJVRP7V0CDtvBwblJq8Bz1DpVm3xeKe8rBdvEkUI48lmt9IeTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 868ef446de914bcd-BUF
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HOvBFspIwD4PuML/mijfJ8KDu51CtFWGyXcuCA2LOh6qpozbeulXBr5ghHGH4juMKLkPp+nIKiQ=

GET
H2 200 vendors.8bdcb0bc.js Show response
static.2q.capital/build/2q/h5/production/6122ba6/static/js/ Frame 6D9B 2 MB
512 KB 1936ms
1935ms Script
application/javascript 2606:4700:3037::6815:bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.2q.capital/build/2q/h5/production/6122ba6/static/js/vendors.8bdcb0bc.js
Requested by: Host: h5.2q.link
URL: https://h5.2q.link/sports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 327ab7049872b45b34b659e83b5b5c27d16a54774be01d039d8378d28e2bc196

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.2q.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:01:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 02:58:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: QZPQ18X4AZ43Z8DA
etag: W/"c14e50020e1c2b2bd1f8575920fb69e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEF1HtjHgUpL1n0uDSfnzpPecZhlZX2NAIBruVemieEeX0LSrL2eh2H%2FBM2AVMlIc3QaSWcuo5FQjKEfbou5VUh8AdF1NQyMfKYyuVZX8E1BpKMDvOnB4LFGOffhB%2B7LYw46u2aVuyfuQzi5oFzX6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 868ef446fe9a4bcd-BUF
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HWwFmxAu8d1pImodIK4CDhX4HQVnJfkQ2tfb/mT+4B1OxKHF7/MI/Vff39tOyITJc0U6MnqRsKI=

GET main.60703921.js
static.2q.capital/build/2q/h5/production/6122ba6/static/js/ Frame 6D9B 0
0

GET
H2 200 vendors.36f87648.css
static.2q.capital/build/2q/h5/production/6122ba6/static/css/ Frame 6D9B 52 KB
12 KB 1107ms
1102ms Stylesheet
text/css 2606:4700:3037::6815:bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.2q.capital/build/2q/h5/production/6122ba6/static/css/vendors.36f87648.css
Requested by: Host: h5.2q.link
URL: https://h5.2q.link/sports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d746647149eacfdf24453eeb1821909de4f71497bea295060a1bbca33aef397

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.2q.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:01:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 02:58:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: QZPPBJ5YW0EZ5JAX
etag: W/"2dce12e2ba31d99ee2bf90913e69dd7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7vMpptFLI0H1k67Og44bloXh0tgEHfDYvWh%2FFdIUQnTpKd%2BNr6oBr0DCtSjtfb2lYYOMTJF6R4lGuRsywQCs2TnJga0dz%2BN9BCOPyG9XQ1J7wTLY5IgdAVvM4Ah8ciXu35nU87RKRZxu7x24eIFqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 868ef446de8f4bcd-BUF
alt-svc: h3=":443"; ma=86400
x-amz-id-2: f2lCgeD6ArP3T62wztInHDurxennreMqi2HZS19QwFTaSR9Nma+KpZ/tpaxSj+JKg3mTNrQiRjE=

GET
H2 200 main.e1badd77.css
static.2q.capital/build/2q/h5/production/6122ba6/static/css/ Frame 6D9B 236 KB
96 KB 1402ms
1397ms Stylesheet
text/css 2606:4700:3037::6815:bc6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.2q.capital/build/2q/h5/production/6122ba6/static/css/main.e1badd77.css
Requested by: Host: h5.2q.link
URL: https://h5.2q.link/sports
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:bc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b8ce1388e558a56e76fe49484b235df71b86666beeb977b80d2065e62ba3a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.2q.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 14:01:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2024 02:58:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: QZPG1BP0Q0PCD3CX
etag: W/"334908ef5cd3268df020a724facafc44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enz9aAMJBofFJxP72Whnys1ZnzzMiE5nyE3%2FIuqYwa8VP%2BPIiv7YXq6F0p5nLWpu%2BwmPbNYFQ2Em2QSeBiXeYixAke75FmI1j%2BbIWYWN9HCzBdiwq%2BhaF0ZweKkqeAiTN0bgk0ZzwxaJEiKyiRrltA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 868ef446de904bcd-BUF
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2Za/Eq2H40EN2hxEXzW9Rzth+b5eMJJE2rLCvE3CI7FbT5HfJ3YyL2E0GICqwkINf3OPoIXKExI=

GET
H/1.1 200
OK gt4.js Show response
game-sport.s3-ap-east-1.amazonaws.com/app/ Frame 6D9B 19 KB
19 KB 760ms
243ms Script
text/javascript 52.95.162.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://game-sport.s3-ap-east-1.amazonaws.com/app/gt4.js
Requested by: Host: h5.2q.link
URL: https://h5.2q.link/sports
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.162.78 , China, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-east-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f108f9d8feb6f4389889f953dd10078a21d61095642c3d93a0ee8727b824a995

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.2q.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 23 Mar 2024 14:01:36 GMT
Last-Modified: Tue, 05 Mar 2024 09:21:29 GMT
Server: AmazonS3
x-amz-request-id: 069WGYE8D3KF4P1A
ETag: "3bab997e8a6d4ba226f262082138f00f"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 18973
x-amz-id-2: GO5fu9pjGRHm/MedzMfCnddl9ZiTH/rmEwdfLXg2RD140AjGkM1iuQ+j9GSvSmYFJPEyMGrQl1s=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.2q.capital
URL: https://static.2q.capital/build/2q/h5/production/6122ba6/static/js/main.60703921.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ru1.short.gy
ad-opc.uapry0d.bid
fonts.googleapis.com
game-sport.s3-ap-east-1.amazonaws.com
h5.2q.link
hail0c.2qwin.top
oiurptz.co
static.2q.capital
static.2q.capital
2606:4700:3031::6815:fed
2606:4700:3032::6815:1ec6
2606:4700:3034::ac43:ce4d
2606:4700:3037::6815:bc6
2606:4700:3037::ac43:91c3
2607:f8b0:4006:80e::200a
52.2.56.64
52.95.162.78
2a8d49cbe6449d6a22426e3c64db8a7abfde21052a76244ecf4507ae7f9b78d4
327ab7049872b45b34b659e83b5b5c27d16a54774be01d039d8378d28e2bc196
5077d23c1e27e15209bd5a90b26b6cb46de84d3e3c70de34d4a744abb7efdb4a
5fff37fe03fcbf329b9003a99c54f335b82921e24847f26f0072af56f9ade13e
7d746647149eacfdf24453eeb1821909de4f71497bea295060a1bbca33aef397
8d786a27e77d9a413357d059c351ff204e910ca700f27b651c3461a659ace3c6
c0a8928cb189090f519db2ace6204d0ed7ef7523daf72b05a58b2fcafa245cfa
e3b8ce1388e558a56e76fe49484b235df71b86666beeb977b80d2065e62ba3a0
e68fc5b28adfa9270dbea806baa3945b9e8f12c30792f893dfe8b275b5ecc1ed
f108f9d8feb6f4389889f953dd10078a21d61095642c3d93a0ee8727b824a995

hail0c.2qwin.top Open in urlscan Pro 2606:4700:3037::ac43:91c3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

75 %IPv6

8 Domains

8 Subdomains

6 IPs

2 Countries

737 kBTransfer

2468 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

hail0c.2qwin.top Open in urlscan Pro
2606:4700:3037::ac43:91c3 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

737 kB
Transfer

2468 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions