vui.2qwin.top - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3031::6815:397b, located in United States and belongs to CLOUDFLARENET, US. The main domain is vui.2qwin.top.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.

This is the only time vui.2qwin.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3031::6815:397b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.150.61 172.67.150.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.208.160 172.67.208.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3

2 2606:4700:3031::6815:397b (United States)

ASN13335 (CLOUDFLARENET, US)

vui.2qwin.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.150.61 (United States)

ASN13335 (CLOUDFLARENET, US)

static.2q.capital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.208.160 (United States)

ASN13335 (CLOUDFLARENET, US)

h5.2q.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	2q.capital static.2q.capital	47 KB
2	2qwin.top vui.2qwin.top	4 KB
1	2q.link h5.2q.link
5	3

	Domain	Requested by
2	static.2q.capital	vui.2qwin.top
2	vui.2qwin.top
1	h5.2q.link	static.2q.capital
5	3

This site contains no links.

Subject Issuer	Validity	Valid
2qwin.top GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
2q.capital E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
2q.link GTS CA 1P5	`2024-02-12` - `2024-05-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://vui.2qwin.top/
Frame ID: D5E4B86611E8E6D638EB156086C834EE
Requests: 4 HTTP requests in this frame

Frame: https://h5.2q.link/sports
Frame ID: A3D73C56F0CDA383FA2446B582EBE837
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2q - QUALITY WITH SPORTSMANSHIP - Chất lượng đi đôi tinh thần thể thao

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

50 kB
Transfer

145 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response vui.2qwin.top/	1 KB 981 B	607ms 514ms	Document text/html	2606:4700:3031::6815:397b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vui.2qwin.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:397b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8d786a27e77d9a413357d059c351ff204e910ca700f27b651c3461a659ace3c6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86e9fd782e43da6f-MIA content-encoding br content-type text/html date Wed, 03 Apr 2024 15:11:15 GMT last-modified Tue, 09 Jan 2024 11:54:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lusye5V9yZ00yL9zBVWveZsLytN3lyPsIcEST8DOGvImsZ9xYyU0Q60UZ8QL18fO34%2BBfX4YZyxPrqGsd4q701KgQFSjhvqr2DXj%2Fbo%2B7DhiceutmwDLXROcWIfT6%2BuHwqBOZCIboFh5jiRM"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	main.2035cb5b.js Show response static.2q.capital/build/2q/web/production/49d881f/static/js/	139 KB 46 KB	3059ms 2986ms	Script application/javascript	172.67.150.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.2q.capital/build/2q/web/production/49d881f/static/js/main.2035cb5b.js Requested by Host: vui.2qwin.top URL: https://vui.2qwin.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5fff37fe03fcbf329b9003a99c54f335b82921e24847f26f0072af56f9ade13e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vui.2qwin.top/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 15:11:18 GMT content-encoding br cf-cache-status MISS last-modified Wed, 10 Jan 2024 03:09:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-amz-request-id 3PSE5R35THF4FK6N etag W/"c652da097e0e497a3ba43290ae1fd352" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbvklD5ANblkXZ5RnSkxfKYAhhf2bS8%2FK%2FaZU3Jf%2Bc0nqgz%2F2DdlLObFInYC17hAAQ437hrLkBaCmPZqqNHa9NiLTlj6bBjAUlQquUzzRHF4Sn7efdLv50kbAepyhrPNsDzpAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 86e9fd7bd9b68da2-MIA alt-svc h3=":443"; ma=86400 x-amz-id-2 NdiUWXruiUOGqeZiBLhw8gA0yyHEMY4hBpHuBZ5nDgDVE2iWWYbixNyvcTqKdCQwwXKZSvXeoIo=
GET H3	200	main.74b4fcaf.css static.2q.capital/build/2q/web/production/49d881f/static/css/	343 B 795 B	591ms 519ms	Stylesheet text/css	172.67.150.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.2q.capital/build/2q/web/production/49d881f/static/css/main.74b4fcaf.css Requested by Host: vui.2qwin.top URL: https://vui.2qwin.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2a8d49cbe6449d6a22426e3c64db8a7abfde21052a76244ecf4507ae7f9b78d4` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vui.2qwin.top/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 15:11:16 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 10 Jan 2024 03:09:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-amz-request-id Y44D2KK9NQ5D31DW etag W/"510ccdef8ef0fac07b9d7466027e0c3a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ILZSW%2Bk5DhTirBONcB1sGw5BbTl7aWu6bCLOGMi05BJOINQ9o1WZh0kaJfapz%2BIGDHjyUMONTWf9AHjFro9Zegdt8P9Zqd4A%2FipmK9wia7LAFkKACAMZ3eeosowxGiq2O9hPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 86e9fd7bd9b48da2-MIA alt-svc h3=":443"; ma=86400 x-amz-id-2 01opwJQtSuk9gXDbTYAfL1sJIchsKG/uPmYeH/UqqDgdrcQkL6V/rA6Pip9Hz34hqEcT8/Cm0uM=
GET H3	200	sports h5.2q.link/ Frame A3D7	0 0	657ms 524ms	Document text/html	172.67.208.160 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://h5.2q.link/sports Requested by Host: static.2q.capital URL: https://static.2q.capital/build/2q/web/production/49d881f/static/js/main.2035cb5b.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.160 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://vui.2qwin.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 86e9fd8fdae8da77-MIA content-encoding br content-type text/html date Wed, 03 Apr 2024 15:11:19 GMT last-modified Wed, 03 Apr 2024 03:08:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejRyUsVHsEqhYoBH7Yn9mQZajFH8a36yuUch42BnATCb4sZ1fCONHTIx9NPCKsBnMqL8LlDiVfwPhGFSvlSJrukEiq2GcOLU31KEDq7iiHyGfeRf99cXvKgRFc%2Fx"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	favicon.ico vui.2qwin.top/	4 KB 3 KB	517ms 517ms	Other image/x-icon	2606:4700:3031::6815:397b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vui.2qwin.top/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:397b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `17afec7575e931bd5f7fd9fa62fd104552e267182eceed44fa48cdc9e6a3ef68` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vui.2qwin.top/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 15:11:19 GMT content-encoding br cf-cache-status MISS last-modified Tue, 09 Jan 2024 11:54:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"659d33e3-10be" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BtqOgTKPSgkfTz%2FPXGGDlQN9n50YRhOe5DuOcG3CztogXIgxyAQzQt7Xr3hz6Ch1Ws0H4nAy5JcXPgYWWia4m8%2FsvrpNMSGX%2F3i4nKqyuGXFGh9hKG83Esdhuj9k8anVQsdSEVDxL2lu3KK"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 86e9fd8f0902da6f-MIA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

h5.2q.link
static.2q.capital
vui.2qwin.top
172.67.150.61
172.67.208.160
2606:4700:3031::6815:397b
17afec7575e931bd5f7fd9fa62fd104552e267182eceed44fa48cdc9e6a3ef68
2a8d49cbe6449d6a22426e3c64db8a7abfde21052a76244ecf4507ae7f9b78d4
5fff37fe03fcbf329b9003a99c54f335b82921e24847f26f0072af56f9ade13e
8d786a27e77d9a413357d059c351ff204e910ca700f27b651c3461a659ace3c6

vui.2qwin.top Open in urlscan Pro 2606:4700:3031::6815:397b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

50 kBTransfer

145 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

vui.2qwin.top Open in urlscan Pro
2606:4700:3031::6815:397b Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

50 kB
Transfer

145 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions