urlscan.io logo urlscan.io
SecurityTrails logo

pay2win.cc Open in urlscan Pro
172.67.72.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pay2win.cc/
Effective URL: https://pay2win.cc/
Submission: On May 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 172.67.72.91, located in United States and belongs to CLOUDFLARENET, US. The main domain is pay2win.cc.
TLS certificate: Issued by E1 on April 10th 2024. Valid for: 3 months.
This is the only time pay2win.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.72.91 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 172.67.68.209 13335 (CLOUDFLAR...)
9 104.18.3.36 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 7
3    172.67.72.91 (United States)

ASN13335 (CLOUDFLARENET, US)
pay2win.cc
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    172.67.68.209 (United States)

ASN13335 (CLOUDFLARENET, US)
stores-api.billgang.com
t-api.billgang.com
9    104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)
imagedelivery.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
Apex Domain
Subdomains		 Transfer
9 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 18648
321 KB
8 billgang.com
stores-api.billgang.com
t-api.billgang.com
10 KB
3 pay2win.cc
pay2win.cc
266 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
1 gstatic.com
fonts.gstatic.com
78 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
986 B
24 6
Domain Requested by
9 imagedelivery.net
4 t-api.billgang.com pay2win.cc
4 stores-api.billgang.com pay2win.cc
3 pay2win.cc pay2win.cc
1 www.youtube.com pay2win.cc
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com pay2win.cc
24 7

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
pay2win.cc
E1		 2024-04-10 -
2024-07-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
billgang.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
imagedelivery.net
E1		 2024-04-27 -
2024-07-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://pay2win.cc/
Frame ID: C3D0E0F3ADEC155D5123607569A62D43
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/x90_LRoVDEo
Frame ID: C9926EFD2C5550EB98DB9E60032D7F37
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home — pay2win

Page URL History Show full URLs

  1. http://pay2win.cc/ HTTP 307
    https://pay2win.cc/ HTTP 307
    http://pay2win.cc/ HTTP 307
    https://pay2win.cc/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

96 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

676 kB
Transfer

1332 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pay2win.cc/ HTTP 307
    https://pay2win.cc/ HTTP 307
    http://pay2win.cc/ HTTP 307
    https://pay2win.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pay2win.cc/
Redirect Chain
  • http://pay2win.cc/
  • https://pay2win.cc/
  • http://pay2win.cc/
  • https://pay2win.cc/
1 KB
912 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pay2win.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1cdd6196f3f1beaba9bf2fac3c4aa7278693c9cef1a1dad8e926b3e816bbe96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88269df2aef39948-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 12 May 2024 01:25:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZaHGn45RrLshAke86mhcOjWrUkPkPimJMPWyxz%2FrthJjTuBMnrQkgp5JrDlk4%2BTdHsfvtmSVmw2VH6fgoEV7a6oGA%2FqpFz7bkkLAGquPuaCSCqVkvr7ma11Ir4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://pay2win.cc/
Non-Authoritative-Reason
DNS
css2
fonts.googleapis.com/ 		2 KB
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57467deb373351f56089eec84b102c78f5c3bf9cb592403806c42e545afb63a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 May 2024 01:25:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 May 2024 01:25:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 May 2024 01:25:56 GMT
index-CXDhXQE1.js
pay2win.cc/assets/ 		859 KB
256 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay2win.cc/assets/index-CXDhXQE1.js
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41594eb5294f9879799bf8327db5e422049fb4a68b40d618ffea34c52260e92

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Origin
https://pay2win.cc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 01:26:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 12 May 2024 01:26:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3U9oYwKpI5pM0ox4RdsOmMncgRB0hsv6eXGJTJTWRl20PVhZKEUFLqZWntTqv%2BP%2Fta73XtueBBV6KhLPnP8YoLa%2Fnvki%2BPlf8HiN7IqJJY9NttKM%2F0DgBHnvCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88269e20fd4a9948-FRA
alt-svc
h3=":443"; ma=86400
index-CSeDjF6Q.css
pay2win.cc/assets/ 		52 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pay2win.cc/assets/index-CSeDjF6Q.css
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8ccd11c1a455b986ed6819946fa14f87c91e88af0d13f039e42314b82d38c5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Origin
https://pay2win.cc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 01:26:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 12 May 2024 01:26:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c16m0GUIYjYwEJQBV%2FTYnweLlhgcCsSk%2FhLx5RkjujXO4gl70b41YFBGLN5svOg4xpVHH%2B0CjDPrC60AMTNj0cSDGyFMKMjvdn6uwFiV73XvaL%2BXxDn664kbKKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88269e20fd4b9948-FRA
alt-svc
h3=":443"; ma=86400
general
stores-api.billgang.com/shops/pay2win.cc/ 		431 B
767 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stores-api.billgang.com/shops/pay2win.cc/general
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-CXDhXQE1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc04118b6a217ad68cedb18e5a7b55ac24ca7b12b4faf3e027b18fc807647a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 01:26:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
20
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbPBxfPjCE4PTJtFZHiwgFyWIDxs47Zm%2F3GEAzQfOsSOm5s5IdhDDV9zao9EYzK62hkUYuIowSaCpezSpepJ3%2FSD54hTmabpHmkI4%2FpNYWqaoNDIqOVEKrrKLbaTw5M%2BrUrvifxX0pAZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
88269e43eb8cbba7-FRA
alt-svc
h3=":443"; ma=86400
settings
stores-api.billgang.com/shops/pay2win.cc/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stores-api.billgang.com/shops/pay2win.cc/settings
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-CXDhXQE1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e34367c812d6d202ef07ab96b5c957dc6f644fbf256d7e97fc374df850e57f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 01:26:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
17
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFxA1SCwYZJH5VuCtRPRUwrpON7LKH3Ua39rDtdMpvVsI37mwEj55Kh7K4UNnfBEQweU6d5HAovVC7pZqA6%2BgH85a%2Bg%2FpZ31lujeecDZgy%2FO6XtwZimYm0WnEVhdgq8sB471nM%2F9TYf%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
88269e43eb8abba7-FRA
alt-svc
h3=":443"; ma=86400
w=100
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/w=100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c60e6a2dc8fe9b03078acae7f9b6a8b25f3fd7e7204d298d9fcaeb4fb379eb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=29+0 c=6+41 v=2024.4.1 l=2341
date
Sun, 12 May 2024 01:26:01 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2341
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfjFXpKtZekASzJuxAMPpCre1mNEWuYOetQxiZZywEDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e440bcb452e-TXL
iconSprite.svg
pay2win.cc/ 		0
0
%2F
stores-api.billgang.com/shops/pay2win.cc/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stores-api.billgang.com/shops/pay2win.cc/%2F
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-CXDhXQE1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c28462a44a9beaf1dbb8da3093ed30c62f3471650e73a59b22cdf71b3268b8d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 01:26:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
145
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gYzXTHKDqDjwjkJfkhHyq0W6kuI9O0Dt8YmCWVNTDGI%2BCv3LAF81%2FPeTjbUW0W43w1Tfdzj%2FKLjNRKmSLZ14meQZFwyQpyWu9Pl%2BpisdswrG6WOcKV6c44T6RRfl7%2BKqcimMmLbQdCK"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
88269e447bd3bba7-FRA
alt-svc
h3=":443"; ma=86400
%2F
stores-api.billgang.com/shops/pay2win.cc/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stores-api.billgang.com/shops/pay2win.cc/%2F
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-CXDhXQE1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c28462a44a9beaf1dbb8da3093ed30c62f3471650e73a59b22cdf71b3268b8d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 01:26:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-time-ms
4
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uOTOJuKLprXB9tE0%2BswGxpaaOmj0fze4N9M9%2Bq3y17Kc%2BT8mvnAqReIMTADCAoo19%2BBfnqfPU60mT0OLlT43%2FyuN1xFWDh8DVkCalS%2FCFqe7QodJuEGrdyIRt6UHgbgcppJbzFvYdXq"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
88269e45cc50bba7-FRA
alt-svc
h3=":443"; ma=86400
p
t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/ 		54 B
462 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-CXDhXQE1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f876a018291ef6fc81be25f6f3a75bc448b6487a2876d35f15ec00f0a6fa469

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 01:26:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATBbbUmQAz1eeCw3tQHCjQjshcnhOSQ4D8Ls7PE0WGwEod4ut51qSzXUbgr0D8n9h4QEDUZtZzPzUnv2m6YJ7idzjTCCOeB2ZhVukdu3C9V8zMDCGx7k477ZQzSJg9zGbzJShg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
88269e449bdfbba7-FRA
alt-svc
h3=":443"; ma=86400
3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2
fonts.gstatic.com/s/bricolagegrotesque/v2/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bricolagegrotesque/v2/3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87dd7a40f7e7b3a454c2936f4c657a8c64cb8eabf626b2a96c130f537100fd0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://pay2win.cc
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 00:02:02 GMT
x-content-type-options
nosniff
age
91439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78872
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 21:32:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 00:02:02 GMT
w=1920
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/fee34350-1597-4e0c-3248-c17183374c00/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/fee34350-1597-4e0c-3248-c17183374c00/w=1920
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
523243dee434c910e0f14c392221f59b9e08201c061bd69278eaead3794dffac
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=1199+400 c=0+0 v=2024.4.1 l=36122
date
Sun, 12 May 2024 01:26:01 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
36122
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfetrlGLavR9vUur1ilvad7ssep_fOabiIY6DV23sxDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e448ca5452e-TXL
w=500
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/w=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4a2a5eecd168ef543fbb90e26aefd03a9109cf8fe129a79f3370aef4e8a4c2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=1601+209 c=0+0 v=2024.3.2 l=13613
date
Sun, 12 May 2024 01:26:01 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
13613
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfjFXpKtZekASzJuxAMPpCre1mhi8yaH7pEf2-gNpVDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e448ca7452e-TXL
w=150
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7fec0087-9e74-461f-b523-62f95057ae00/w=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22c0f9d114ce72e4883f1c0cfad21e391518525fa4ac471ba27f75c81fa7174
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=36+0 c=5+73 v=2024.4.0 l=3480
date
Sun, 12 May 2024 01:26:01 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
3480
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfjFXpKtZekASzJuxAMPpCre1mr3a4R_Tyycf9pL2QDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e448ca9452e-TXL
s
t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/80249c62-6073-4e1a-9fe9-a232dfc62c49/ 		54 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/80249c62-6073-4e1a-9fe9-a232dfc62c49/s
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-CXDhXQE1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aca6d7900ace6f6831e30f92b00eb6467902347acc6fdfdc1042b27cb704e3a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 01:26:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9oKgxa2r0parWEsPXEhhCyOGzmbesc%2B4ZloFuC95yv4ciyoKUR4AQA4Wc5NOveipYw%2FUG5LhZ0Kbb%2BKRBzWCBzQ6zocJdpuD2aiahZChsMVQvBDf19Bzq7tzEHDIv8BcX8YdsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
88269e456c2abba7-FRA
alt-svc
h3=":443"; ma=86400
e
t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/80249c62-6073-4e1a-9fe9-a232dfc62c49/s/159b54e7-9019-441c-a509-6423fb54c4b7/ 		54 B
466 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/80249c62-6073-4e1a-9fe9-a232dfc62c49/s/159b54e7-9019-441c-a509-6423fb54c4b7/e
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-CXDhXQE1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74101ceb31b48dba75450950349cf9039501d43c003a441f139a0bb3b8670d3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 12 May 2024 01:26:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XDmdXPutTUpdryH7lZUs1fzr4hNTdykpb3hD%2B35e9Tn9tj9PHZyTQ6fJX2GjEVdX2bOI1hSAlHY9EaTOKdgyKwZdw95%2BSeSuCbcTkvGyMjaab2xUlv5WOdI4SyOyvuwHZ3UAwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
88269e463c82bba7-FRA
alt-svc
h3=":443"; ma=86400
e
t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/80249c62-6073-4e1a-9fe9-a232dfc62c49/s/159b54e7-9019-441c-a509-6423fb54c4b7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t-api.billgang.com/ae0ed146-0bc5-496b-a946-a79cf2995e19/t/p/80249c62-6073-4e1a-9fe9-a232dfc62c49/s/159b54e7-9019-441c-a509-6423fb54c4b7/e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pay2win.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88269e45dc53bba7-FRA
date
Sun, 12 May 2024 01:26:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcteChDmrtZSrxkGYxp4Hagy5UOcWXz%2FjsacCXeX58EPWzgRsJj6C0TrNAKMYyVdSniCAwcyh%2Fr1%2Fg8byC56i6FJmJXrFkEXOe7n6e9Hp8qzO%2B0eMJJaLRzMldHwCsRno6JcNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x90_LRoVDEo
www.youtube.com/embed/ Frame C992 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/x90_LRoVDEo
Requested by
Host: pay2win.cc
URL: https://pay2win.cc/assets/index-CXDhXQE1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://pay2win.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 12 May 2024 01:26:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
w=1280
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/d56a3b5b-847f-4329-9fc5-52542c81f600/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/d56a3b5b-847f-4329-9fc5-52542c81f600/w=1280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b20b52bb9b6a7de51e02b0ad9a1dc033a33b7069d959db026c4136d5224f72
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=32+182 c=36+229 v=2024.4.0 l=66579
date
Sun, 12 May 2024 01:26:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
66579
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfuyOeYm7614LYpQK4SzsxmNb0cqc3DLOvoRahjW0mDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e464f91452e-TXL
w=1280
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/900e3389-6918-411d-40d7-dde66a3ad000/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/900e3389-6918-411d-40d7-dde66a3ad000/w=1280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77fbd3c491cee3c339f6438444cfbbbf06f72aa5e61f910b0d85b5fdf52c3c97
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=1305+506 c=0+0 v=2024.4.0 l=54250
date
Sun, 12 May 2024 01:26:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
54250
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfTWICOJUnIZAluTqOoW4ciPiDcqc3DLOvoRahjW0mDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e464f95452e-TXL
w=1280
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/6dd08098-6e16-4539-191f-a9cabaffbe00/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/6dd08098-6e16-4539-191f-a9cabaffbe00/w=1280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d396e8ad90517bbbc5ebe43253d0b813198321b22899cefbbd9da30b82c4069f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=2108+108 c=47+331 v=2024.4.0 l=55332
date
Sun, 12 May 2024 01:26:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
55332
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfEMNsnS4oSgCx2MMpwkZqOReYcqc3DLOvoRahjW0mDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e464f98452e-TXL
w=1280
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/625f850d-df3f-4cd5-0add-77ce849ee900/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/625f850d-df3f-4cd5-0add-77ce849ee900/w=1280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b1cd5303db88e52a443d2317fb7cef37c68229d10869768c4c0daf4a982fc5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=629+210 c=0+0 v=2024.4.1 l=53919
date
Sun, 12 May 2024 01:26:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
53919
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfA6bX8rVnpOhHXeeo6nCn7aBrcqc3DLOvoRahjW0mDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e464f99452e-TXL
w=1280
imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/cdf613f3-909e-4a4e-e7a9-9bc276da2f00/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/cdf613f3-909e-4a4e-e7a9-9bc276da2f00/w=1280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f3d6f08366c5e1cb0901586b1e8ce7fb973cb81d34bbce31f3caca7e1cc0ce
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay2win.cc/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=662+195 c=0+0 v=2024.4.1 l=40270
date
Sun, 12 May 2024 01:26:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
40270
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfb52wi0mjn4iVomCAYnu_3utmcqc3DLOvoRahjW0mDQ"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public,max-age=172800,stale-while-revalidate=7200
accept-ranges
bytes
cf-ray
88269e464f9e452e-TXL

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pay2win.cc
URL
https://pay2win.cc/iconSprite.svg

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: ZNUKL-ZoOrA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ja1CcBiMSRs
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgTg%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
imagedelivery.net
pay2win.cc
stores-api.billgang.com
t-api.billgang.com
www.youtube.com
pay2win.cc
104.18.3.36
172.67.68.209
172.67.72.91
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
1a8ccd11c1a455b986ed6819946fa14f87c91e88af0d13f039e42314b82d38c5
1aca6d7900ace6f6831e30f92b00eb6467902347acc6fdfdc1042b27cb704e3a
1dc04118b6a217ad68cedb18e5a7b55ac24ca7b12b4faf3e027b18fc807647a8
27e34367c812d6d202ef07ab96b5c957dc6f644fbf256d7e97fc374df850e57f
2f876a018291ef6fc81be25f6f3a75bc448b6487a2876d35f15ec00f0a6fa469
50c60e6a2dc8fe9b03078acae7f9b6a8b25f3fd7e7204d298d9fcaeb4fb379eb
523243dee434c910e0f14c392221f59b9e08201c061bd69278eaead3794dffac
57467deb373351f56089eec84b102c78f5c3bf9cb592403806c42e545afb63a9
6c28462a44a9beaf1dbb8da3093ed30c62f3471650e73a59b22cdf71b3268b8d
77fbd3c491cee3c339f6438444cfbbbf06f72aa5e61f910b0d85b5fdf52c3c97
87dd7a40f7e7b3a454c2936f4c657a8c64cb8eabf626b2a96c130f537100fd0e
9e4a2a5eecd168ef543fbb90e26aefd03a9109cf8fe129a79f3370aef4e8a4c2
a41594eb5294f9879799bf8327db5e422049fb4a68b40d618ffea34c52260e92
b22c0f9d114ce72e4883f1c0cfad21e391518525fa4ac471ba27f75c81fa7174
b74101ceb31b48dba75450950349cf9039501d43c003a441f139a0bb3b8670d3
d396e8ad90517bbbc5ebe43253d0b813198321b22899cefbbd9da30b82c4069f
d7f3d6f08366c5e1cb0901586b1e8ce7fb973cb81d34bbce31f3caca7e1cc0ce
e1b20b52bb9b6a7de51e02b0ad9a1dc033a33b7069d959db026c4136d5224f72
e1cdd6196f3f1beaba9bf2fac3c4aa7278693c9cef1a1dad8e926b3e816bbe96
f3b1cd5303db88e52a443d2317fb7cef37c68229d10869768c4c0daf4a982fc5