get.pubgmax2.com Open in urlscan Pro
2606:4700:3034::6815:dac Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://get.pubgmax2.com/
Submission: On November 08 via api (November 8th 2023, 11:10:00 pm UTC) from US — Scanned from US

Summary HTTP 72 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 11 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3034::6815:dac, located in United States and belongs to CLOUDFLARENET, US. The main domain is get.pubgmax2.com.
TLS certificate: Issued by GTS CA 1P5 on October 19th 2023. Valid for: 3 months.

This is the only time get.pubgmax2.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6815:dac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 25	2606:4700:303... 2606:4700:3031::ac43:ab2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	185.150.190.236 185.150.190.236	23470 (RELIABLESITE) (RELIABLESITE)
7	2600:1400:900... 2600:1400:9000::687e:775b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:823::200a	() ()
1	65.21.235.194 65.21.235.194	() ()
1	2607:f8b0:400... 2607:f8b0:4006:809::2003	() ()
72	11

1 2606:4700:3034::6815:dac (United States)

ASN13335 (CLOUDFLARENET, US)

get.pubgmax2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:3031::ac43:ab2d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tjypaebw.aweeh.works	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.150.190.236 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1400:9000::687e:775b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.235.194 (None, )

ASN- ()

l.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	aweeh.works 2 redirects tjypaebw.aweeh.works	401 KB
12	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18725	325 KB
7	pubgmobile.com www.pubgmobile.com — Cisco Umbrella Rank: 45903	84 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com	60 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	25 KB
1	gstatic.com fonts.gstatic.com	8 KB
1	top4top.io l.top4top.io a.top4top.io Failed	20 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	32 KB
1	pubgmax2.com get.pubgmax2.com	913 B
0	hardenize.com Failed badge.hardenize.com Failed
0	jefanyastore.biz.id Failed jefanyastore.biz.id Failed
72	11

	Domain	Requested by
25	tjypaebw.aweeh.works	2 redirects get.pubgmax2.com tjypaebw.aweeh.works
12	i.postimg.cc	tjypaebw.aweeh.works
7	www.pubgmobile.com	tjypaebw.aweeh.works
2	ajax.googleapis.com	tjypaebw.aweeh.works
2	cdnjs.cloudflare.com	tjypaebw.aweeh.works
1	fonts.gstatic.com	fonts.googleapis.com
1	l.top4top.io	tjypaebw.aweeh.works
1	code.jquery.com	tjypaebw.aweeh.works
1	fonts.googleapis.com	tjypaebw.aweeh.works
1	get.pubgmax2.com
0	badge.hardenize.com Failed	tjypaebw.aweeh.works
0	a.top4top.io Failed	tjypaebw.aweeh.works
0	jefanyastore.biz.id Failed	get.pubgmax2.com tjypaebw.aweeh.works
72	13

This site contains no links.

Subject Issuer	Validity	Valid
pubgmax2.com GTS CA 1P5	`2023-10-19` - `2024-01-17`	3 months	crt.sh
aweeh.works GTS CA 1P5	`2023-09-17` - `2023-12-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
postimg.cc R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
wetv.acc.qq.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-30` - `2024-10-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.top4top.co R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://get.pubgmax2.com/
Frame ID: 7A5EFD731F5203EBF6EC4854FFC9271A
Requests: 4 HTTP requests in this frame

Frame: https://tjypaebw.aweeh.works/uteRPsHa/
Frame ID: CF39B698DFAA1CF5B2408BC91AE84565
Requests: 68 HTTP requests in this frame

Frame: https://tjypaebw.aweeh.works/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 38059971F9D4AEA1212C01B23E56B44D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

www.pubgmobile.com

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

69 %
HTTPS

80 %
IPv6

11
Domains

13
Subdomains

11
IPs

1
Countries

954 kB
Transfer

1441 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://tjypaebw.aweeh.works/uteRPsHa HTTP 301
https://tjypaebw.aweeh.works/uteRPsHa/

Request Chain 71

https://tjypaebw.aweeh.works/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://tjypaebw.aweeh.works/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
get.pubgmax2.com/ 1 KB
913 B 926ms
803ms Document
text/html 2606:4700:3034::6815:dac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.pubgmax2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:dac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994b286c743216ce3d22f56fa8e001287d36bff5313a988ee73e527598fb3294

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82317c7deeeb4bc1-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 23:09:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEczDjoJfz9HJY0WDPEtQplvgzLq5laLYNGAV%2B693sK76RN3fVO2si1jtFTzw%2F5G0%2FzNJcD3Z4uHgn5zQQwoe%2B7VB3oaEojuqxQwQ9QN9uQDGD0dVucfIj7KSUnuwvEl%2BYpsrPpTFOiQazV5EzGl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

GET bootstrap.css
jefanyastore.biz.id/css/ 0
0

GET jquery.js
jefanyastore.biz.id/js/ 0
0

GET bootstrap.js
jefanyastore.biz.id/js/ 0
0

GET
H2

200

/ Show response
tjypaebw.aweeh.works/uteRPsHa/ Frame CF39
Redirect Chain

https://tjypaebw.aweeh.works/uteRPsHa
https://tjypaebw.aweeh.works/uteRPsHa/

17 KB
4 KB

279ms
278ms

Document
text/html

2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/
Requested by: Host: get.pubgmax2.com
URL: https://get.pubgmax2.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f926eeabc3c8f4dcca6e9846558b928f425c8db42fdcb398c38a4fc2ddca415

Request headers

Referer: https://get.pubgmax2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82317c8a4da04bcc-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 23:09:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGxAEi0mGu408EeOKy2%2Bvs1GO14eWP9C6V9mRNmk58ve0kPk5HfKWFr7Al8rNTtOuIDm93MPFO1rI4iIQFdBkvWsDbZuluzu5F%2Fb07OOmIXqsCxWVWonH6ty3O2KokEjPfCwWCvTM1r6gmNOul2JTG43mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82317c858d6b4bcc-BUF
content-type: text/html
date: Wed, 08 Nov 2023 23:09:56 GMT
location: https://tjypaebw.aweeh.works/uteRPsHa/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9CXtziO1sMmaZaxbiLWl2kkOTbfAJA9K59JV9FIY7pamrvVRPTHSRMLmzLxAGM5u4uBexE06ZcqQHuBzqu6Gi%2FUgqMUAdltZC1r2f4rtufddjj1KfNAch5k3GsetmstAFtzYF6a%2FOeHOtRPje0W67jl5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-turbo-charged-by: LiteSpeed

GET
H3 200 Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js Show response
tjypaebw.aweeh.works/cdn-cgi/apps/head/ Frame CF39 7 KB
3 KB 218ms
215ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/cdn-cgi/apps/head/Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888c6a625903f44837cc6bb42bbbb8ebdbf8f668d55e3d8124447202d26a3f98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:56 GMT
x-amz-version-id: .9ASEwq_9SL4hQie_eNzb_QrYor3UKxG
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YJ338HKDE0R3C6GH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YoZa2XGOic3L6Ky8isOcGRvWL/hY9NUc5gC0TU9AcLfbHcYLDagPZ+OcMJqBEkWmCdTPEt2uqIk=
last-modified: Fri, 29 Sep 2023 11:25:42 GMT
server: cloudflare
etag: W/"1a1c7dd75629431f6ef9734a53ab7bf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FT2vr8RnSEx1JbfDwFcR5BKKc8qea7dvVkS%2F%2BQQBU1jugO0TQYR4TIas376zN7Kd1VWdQ4HigP7fDsSY3w4l6ePMmhycVgPERP5%2FD9k%2F9qOCWQxBgTk143jhL7eDaUySRhwUfh1K93rgizzB5YJoWsNzKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82317c8dcfbe4bc6-BUF

GET
H3 200 css
tjypaebw.aweeh.works/uteRPsHa/index_files/ Frame CF39 61 KB
61 KB 1033ms
1029ms Stylesheet
text/plain 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/index_files/css
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 28 Sep 2023 19:09:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BYupnGiS5rxlasEI%2Fg3FVJdZlfrv1bEDl%2Bir69IJbyrZ2fhf6nFriHyHELdMuqNM3UWNnKQaOmWa7MHPoi89iR7LxrIZE3%2BX5uMbINOFIRdmVTqB%2FKXw5xHYreZHeXb1ZHQUx82TGySRKkSNn95iFth4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82317c8dcfbf4bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 62268

GET
H3 200 facebook.css
tjypaebw.aweeh.works/uteRPsHa/css-zone/ Frame CF39 3 KB
1 KB 280ms
277ms Stylesheet
text/css 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/css-zone/facebook.css
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b898452f03fd2c697ba1a2e85ad04feee12c40f88cc8fa7cf5ebfea7739cc3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:08:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dh%2FAfSHny8N9oTF40bhuGZ1%2BcjiJqJSAvES1RpNGT5zxZrieOJb7GxfilPKTV%2FdoBgvzeQkUmHjXszoZdfT5CnUuZDJgcUH1oHJ%2FRxXMzle5%2BDrvAThYdpWPSA%2B%2Bwx5CWtGnuF0SW4Y81rW82DQf6KajVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c8dcfc04bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:56 GMT

GET
H3 200 twitter.css
tjypaebw.aweeh.works/uteRPsHa/css-zone/ Frame CF39 2 KB
1 KB 765ms
762ms Stylesheet
text/css 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/css-zone/twitter.css
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1acfddee2809ab2a0e5eb0eba0168f77109bbd4c2261cf96a94d9f3cea4177

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SgrOE7Ei8AQz4SH9AmwohwgvGc8YsfgKZN3MdELDrBZs1S%2BisipA4gpfxZbZrduPnxn2ETObxKBO9PNYqlJgCdedHjOT04u5WQ68N6GGe61Y%2F6X5goT%2Br7BRJmyD%2FhesiQl9eVF7jx55njdTcXql4E1Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c8dcfc14bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame CF39 1 KB
867 B 119ms
43ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Teko&display=swap

Requested by

Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74645aff170342b2e0542c9bb414d26c3eeffe3f3f0f0e529d17c6d3c3262457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Nov 2023 23:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 23:09:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Nov 2023 23:09:56 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ Frame CF39 100 KB
19 KB 120ms
44ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Requested by

Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1193931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18778
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-495a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo976biAyY1XxNV4t3lazaz1Z%2BjlW6ZN%2BWpJfWc4%2BjzGoIbjdXy4wwaBJhKyHOAZSMypzjjzgpRiKXPvPifczKhFg7Ycvj3qS0OCJjVNGOdTwiJn%2Fn7XDW6P6FveHUMCKY3YiZ22louK6dESofSsoP1d"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82317c8e3dc74bd5-BUF
expires: Mon, 28 Oct 2024 23:09:56 GMT

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ Frame CF39 69 KB
6 KB 121ms
46ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1279616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMHqx5nK7Y5I7CqS8vtuPuDclblsZ76hPEtKNK8TPsF3%2BTdEDcfh54T03MOvqEQ%2FkFgpc4IEAveji4NTaCKLg04I9q8WSUUrD11LGBiUCkp2YcBv0Imda0YgAzOixoQxx%2BFFEb%2FgrRJx6%2BHjZBVq2sfC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82317c8e3dc84bd5-BUF
expires: Mon, 28 Oct 2024 23:09:56 GMT

GET
H3 200 jquery.js Show response
tjypaebw.aweeh.works/uteRPsHa/js-zone/ Frame CF39 2 KB
871 B 761ms
759ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/js-zone/jquery.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb0c196bf3eacc5d9893e0253c3ef6079965edf37b92d63a32c40e001d26d1a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:18:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJx%2B%2FxcHnWffMY7eJA5Atda%2BCVLW0r9l2WZQITRuvZvp9e%2FtHPHWHkCSjT80KlVd9ocqLS%2FfDeIS5qdo0YmyCm3t2QnKznLk4KdRpR43rK%2BfomqoSJMyiwEewK5lfEoipyVx4tYpzbe6rHcSB9ijXzWODA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c8dcfc24bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:57 GMT

GET
H3 200 main-zone.js Show response
tjypaebw.aweeh.works/uteRPsHa/js-zone/ Frame CF39 610 B
842 B 769ms
766ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/js-zone/main-zone.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a66a6f467e40c2ef0c8f0c6c77ff558538b20a4f9f0ce7c9c31331df5bf4b9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:08:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4Favkxm1S0atbmXsOVvBTrkIITEV6d6OgE4GenSHCm%2Fidn%2BXffwgW9FyYKvxZ0ZKMIgQW4V724fzg3gnwmu4F9pUDMWDVXQJM2xW8X3LhY7N3M5WaMkVlYGJ3xh2YuKIz6i9f6vojJplcFRyNueWdeZ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c8dcfc34bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:57 GMT

GET
H3 200 myScript.js Show response
tjypaebw.aweeh.works/uteRPsHa/js-zone/ Frame CF39 3 KB
1 KB 770ms
768ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/js-zone/myScript.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aad8ddda2cd9faac4f322b2eeec68de1a2496f91671b971cf4537d97534a358b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:08:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB41BoGF7qWXMGITYvWRedMgXIiWypNoH0ZxOtIeSvd7aj%2BU1jVrui2FonO6uJRaD1GwYtvYwOeO0k7on9u%2BgXhozG9%2FX7MYyxAzRIFksIcXllOh00rpMX7V81vcfH4u3N1ZLSvXpXqlv1BOZI3ko1oVYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c8dcfc44bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:57 GMT

GET
H2 200 image.png
i.postimg.cc/bJHQMV6D/ Frame CF39 181 KB
182 KB 117ms
42ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/bJHQMV6D/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0dac093e625ead75965511be6237704467b593ac678574b136383f2ef1064232

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:56 GMT
last-modified: Thu, 28 Sep 2023 12:14:48 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 185530
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nav_shop.svg
www.pubgmobile.com/en/images/ Frame CF39 993 B
666 B 448ms
33ms Image
image/svg+xml 2600:1400:9000::687e:775b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_shop.svg
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:775b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
server: nginx
etag: "62387c82-3e1"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 526

GET
H2 200 nav_language.svg
www.pubgmobile.com/en/images/ Frame CF39 1 KB
816 B 260ms
35ms Image
image/svg+xml 2600:1400:9000::687e:775b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_language.svg
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:775b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
server: nginx
etag: "62387c82-45b"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 675

GET
H2 200 nav_menu.svg
www.pubgmobile.com/en/images/ Frame CF39 884 B
567 B 36ms
33ms Image
image/svg+xml 2600:1400:9000::687e:775b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_menu.svg
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:775b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
server: nginx
etag: "62387c82-374"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 426

GET
H2 200 nav_download.svg
www.pubgmobile.com/en/images/ Frame CF39 1007 B
649 B 47ms
45ms Image
image/svg+xml 2600:1400:9000::687e:775b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/nav_download.svg
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:775b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:57 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
server: nginx
x-akamai-ew-subworker: 8096267
etag: "62387c81-3ef"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 485

GET
H3 200 1.jpg
tjypaebw.aweeh.works/uteRPsHa/img/header/ Frame CF39 77 KB
78 KB 557ms
551ms Image
image/jpeg 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/img/header/1.jpg
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c4aa6ee0a06bfc116a512e01e3119e2675b32657d3eaac8f1e934d7b1f26e1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:10:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kdb3SepCkRYx9uHsWoifza0Uy6sfHvgStOeVY1chvanbf0EjpcbYL8vWTRmBm9qMo0vQECBx1z5iEGnUtXcUoahs%2BnO%2BjgPppJscrfelKsHG71UOY9djdZ%2BZ6UFjVv%2BWiJe0hzBlIOz0JbG1pGyKNkE3zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82317c9c58604bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 78913
expires: Wed, 15 Nov 2023 23:09:59 GMT

GET
H3 200 2.jpg
tjypaebw.aweeh.works/uteRPsHa/img/header/ Frame CF39 75 KB
75 KB 540ms
533ms Image
image/jpeg 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/img/header/2.jpg
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e7cad8ba04f3f8de1e5ad62a1660b10e18fb39a58cbc60b9951df8b84e60e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:10:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYUpWPxie%2FqhZ%2BVycUKXfK%2FD4mw%2BJoxD10QVacVarreNDnUp3mWjsTjs5b%2B%2B3KjCxPp8P9MsAReIYSIP4iQ6KaUEpwUYgCke7Nh1MnSYhBFtqyBG8U4fzNqn5MVMFrDs7WIqpgO6gM1Ssb9AORfo%2BRDJvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82317c9c58614bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 76484
expires: Wed, 15 Nov 2023 23:09:59 GMT

GET 3.jpg
tjypaebw.aweeh.works/uteRPsHa/img/header/ Frame CF39 0
0

GET
H3 200 draw.png
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 46 KB
46 KB 767ms
761ms Image
image/png 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/img/draw.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6595f4df7bf22f69608fac32651aed9f58b702a1a54f9d31e0b48518b9a8a526

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:10:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BLwTxj%2FPmWoE0lAIK1zspbL3AQ5kQcz8NTsidiYNgnj4Ub8L79iEclv8VNKqJQ6wxmomse4ernxPRQ94IxEIOV6k4%2FFoH3u%2BVozGJeIqoi%2Fvqyywz4GpoFQhxdPHDosvkjjGkzYvVTlq4%2FvD9qUoebsdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82317c9c58634bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 46780
expires: Wed, 15 Nov 2023 23:09:59 GMT

GET
H3 200 btn_arrow.png
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 535 B
1 KB 799ms
793ms Image
image/png 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/img/btn_arrow.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc817d67088cb1f92b2f69d174afe3b3d331e64603c793926021bea36c5cfd63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNkJQ2c9N6WSM3Vk4%2F8unwsSpTclqhl5RbraaBXBQ5EzHntx9NsfZAUimYuChOeyIsJhXVTsORuCtwJP36fXmin5cLmX7N8v0iTabHhSm7s4%2Ftg0aHJIH0We2%2FBEaiie3LypRWNqZ%2BjJ3kMQHE0mpnzD5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82317c9c58644bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 535
expires: Wed, 15 Nov 2023 23:09:59 GMT

GET loading.gif
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 0
0

GET
H3 200 logo.png
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 2 KB
2 KB 290ms
285ms Image
image/png 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/img/logo.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8609dea9fe0f75612cb164c627545e3cba6f05a9554f0495058b466d8fff3cec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:10:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LhvDLeXlmUrnVWY0m8Yi7mppAhIeLG6C9vN9Zm4gtxNg4VhdsEOMM1g%2FhYMUutmsRGOWkJMMUKZuLxbsooG2SGN78AHw%2F4b5OmrKg5CkvRDgH29nAlrM1ClJ%2Fj78pGOD%2FTFETOmDy6HV0HjIRPxnTSVig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82317c9c58664bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 1995
expires: Wed, 15 Nov 2023 23:09:59 GMT

GET
H2 200 image.png
i.postimg.cc/76m50FsV/ Frame CF39 597 B
839 B 36ms
29ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/76m50FsV/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: aa94fc3c382d367a0b58185d22854dc88ab88b69acd1cb1d769bf662815183a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:15:22 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 597
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image.png
i.postimg.cc/fL4G5yFW/ Frame CF39 923 B
1 KB 36ms
29ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/fL4G5yFW/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 12bb0ea8687a5e8961feacd72da3589b711423ca95b3bdfe4865902362798cce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:15:47 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 923
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image.png
i.postimg.cc/BZmhntg8/ Frame CF39 768 B
1010 B 36ms
29ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/BZmhntg8/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 13015a5fac4b81b188ea1734870d2fa9f51bc23c501a9177fd868430d5ecafbe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:16:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 768
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image.png
i.postimg.cc/63909N4L/ Frame CF39 1 KB
1 KB 36ms
29ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/63909N4L/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: ce65b40153011799684ab726aedcef91650509610170c90dae4f20eb93874ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:16:11 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1075
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image.png
i.postimg.cc/5t9gJVC5/ Frame CF39 854 B
1 KB 36ms
30ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/5t9gJVC5/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2736e8f1475b982dc48da8f9fe803271ce0535f04c5d19e401018afa358f8fba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:16:24 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 854
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image.png
i.postimg.cc/YCDG4KPz/ Frame CF39 4 KB
4 KB 36ms
30ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/YCDG4KPz/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 027a20dbe5724ee97554d3a0b3782c21189ac0a9332b16770423ab5966cb1f0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:16:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 4070
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image.png
i.postimg.cc/d14zF633/ Frame CF39 15 KB
16 KB 40ms
34ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/d14zF633/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 93d1a9a07775c1e50d15c2342ea1bdb3f67bd4380a4e48ab63f19f50a60fcc08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:16:48 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 15713
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
www.pubgmobile.com/act/a20180515iggamepc/ Frame CF39 6 KB
6 KB 44ms
38ms Image
image/avif 2600:1400:9000::687e:775b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/act/a20180515iggamepc/logo.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:775b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: cde9945e91f0e51058869d687cd24c8f58804f25623999f1291c71b3697093b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Mon, 08 May 2023 08:25:46 GMT
server: Akamai Image Manager
etag: "5ff6baa2-3bf2"
content-type: image/avif
cache-control: private, no-transform, max-age=43200
content-length: 6055
expires: Thu, 09 Nov 2023 11:09:59 GMT

GET
H2 200 image.png
i.postimg.cc/3Nj97JnB/ Frame CF39 75 KB
76 KB 40ms
34ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/3Nj97JnB/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 856bdfd603e2cd07895f5f1fd37368e2ddf94a1e034b576cdcb557f5f17c2905

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:17:04 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 77036
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image.png
i.postimg.cc/L6NBVW7n/ Frame CF39 30 KB
30 KB 39ms
33ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/L6NBVW7n/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d64a853f17814baa1bf33385a2a0682b1fd17e6b93e17325374a0e9ed746b01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:17:22 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30433
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_logo.jpg
www.pubgmobile.com/id/event/royalepass10/images/ Frame CF39 73 KB
74 KB 46ms
41ms Image
image/jpeg 2600:1400:9000::687e:775b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:775b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
server: nginx
etag: "614196e3-1258d"
content-type: image/jpeg
cache-control: max-age=259
accept-ranges: bytes
content-length: 75149
expires: Wed, 08 Nov 2023 23:14:18 GMT

GET
H2 200 image.png
i.postimg.cc/TwKYZK2z/ Frame CF39 464 B
706 B 39ms
34ms Image
image/png 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/TwKYZK2z/image.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 989f7e1e61dd297d69a5582edbb8cb477cc04ccf977534eb04d72df49db0bcb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Thu, 28 Sep 2023 12:17:38 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 464
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.min.js.download Show response
tjypaebw.aweeh.works/uteRPsHa/index_files/ Frame CF39 85 KB
85 KB 1010ms
1010ms Script
application/octet-stream 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/index_files/jquery.min.js.download
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:58 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 28 Sep 2023 19:08:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phK8xDXNEFX%2BAcK9%2FEGl5tNpjrvgtx5htN%2BG6NxQszZ7C%2BA2SDy1v7ueVwvhoImfMZUMSreJNVkjECoFnlvUOLtin5KcWD%2FEfiy1eSbKThofJf2QhYDa0ph43R8UYKWqDd36bKz3%2FoFgsqdNJqqV58ezkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82317c90dfef4bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 86927

GET
H3 200 gift-zone.js Show response
tjypaebw.aweeh.works/uteRPsHa/index_files/ Frame CF39 8 KB
2 KB 801ms
798ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/index_files/gift-zone.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dc9cb536fc8c6e635133194e7210e4c484386ad1352f4fb466b18f38230031

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:08:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvHHW3O0GfN0ofEWvYITsc6Ls77J0fvQ3YIxccnyqFsB5i3SuGuAKENX1xkC%2Fy1TDo2FyqsvFF7qQm3ghUORUOJovK%2BPA%2F4uj1zBEdSND3e4pirryKF%2B9G8ynIXOV8bRUn0sFUPzwV69hF7JA0HkW1H5Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c90eff14bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:57 GMT

GET
H3 200 slide-zone.js Show response
tjypaebw.aweeh.works/uteRPsHa/js-zone/ Frame CF39 2 KB
1 KB 286ms
276ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/js-zone/slide-zone.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffdd81144f651146519ccf56481b474a7f8efe644fa2d74f5a006c8448d5d127

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:18:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVArCDm2Ofam1st9bMV0GA5YlKvtyLWB4K5EFnb1ymFWAxE5jbNBYK9YCaUu2n89sHyUuBOZeWr6ZAGhBYnxkudr1d0fZDBWtKwScpAQnEgU7w5irrwcARtcStIDd2bSLUzJzUBOMkUCO2q5tvRm%2BojfwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c9818334bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:58 GMT

GET
H3 200 slide-zone.js.download Show response
tjypaebw.aweeh.works/uteRPsHa/index_files/ Frame CF39 2 KB
2 KB 287ms
284ms Script
application/octet-stream 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/index_files/slide-zone.js.download
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5decabf43c201e0f9e058461dd0d8a8bc744e4174583ef39971abc226bf2ca08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:58 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 28 Sep 2023 19:09:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa9q7qH1nVss9WEjSYefVTiFisgzg4VlxOHziKJm7tsYezo3%2Fg7KguRmBpzpebTFNmWTLQLtqRq3KuFDUEYkyyzNuvBLDlXKx07zklmYdIEyV8xZQO8loTe542O2XfZiQ95Enjg0LSd4khkkGCj6GvLRQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 82317c9918394bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 2054

GET
H2 200 jquery-1.10.2.min.js Show response
code.jquery.com/ Frame CF39 91 KB
32 KB 109ms
34ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:58 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4122736
x-cache: HIT, HIT
content-length: 32788
x-served-by: cache-lga13622-LGA, cache-nyc-kteb1890024-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699484999.777140,VS0,VE0
etag: W/"28feccc0-16bb3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2, 10304

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame CF39 82 KB
29 KB 159ms
63ms Script
text/javascript 2607:f8b0:4006:823::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 14:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 14:14:54 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame CF39 82 KB
30 KB 85ms
26ms Script
text/javascript 2607:f8b0:4006:823::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 14:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 14:14:54 GMT

GET ctrlu.js
jefanyastore.biz.id/js/ Frame CF39 0
0

GET debug.js
jefanyastore.biz.id/js/ Frame CF39 0
0

GET
H3 200 qVyNJpEwZHdQjTtqA-CaNI2CyUQ.js Show response
tjypaebw.aweeh.works/cdn-cgi/apps/body/ Frame CF39 3 KB
2 KB 256ms
253ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/cdn-cgi/apps/body/qVyNJpEwZHdQjTtqA-CaNI2CyUQ.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/cdn-cgi/apps/head/Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68863caca8e386be9898fbef3d797dbf7074d4db1af44f9ca26d7e74d5129505

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
x-amz-version-id: _1POrPfRu6zwt.KMiQVe9k4Hy0CAM1Yt
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: S8D16KB6CED5BCPW
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aTWY49XR00TbhiT1cJJZQ5PVCpbOAJwx9a0Nt1V6O+ijuiCfLvCbXJ6e2uGL2XOHjmfEa4s2s9U=
last-modified: Fri, 29 Sep 2023 11:25:42 GMT
server: cloudflare
etag: W/"bd9402e5cdd386a3cc002ba92a8ec373"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9J5j91zdJ45hP1hFzsRRgujHXep7pkU7UFpDJpMWYiEVjbXZybKteBJ0DddCM57ZcUf64Fpj1kBQVlE5lrrLI641AW%2FbtZIdK0aXx6UzOiy6RMt58NADlOH%2Bc7zMXEgbMVgXq6wOwYTGgUEgBnDVNoWZhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82317c9c58674bc6-BUF

GET
H3 200 alert-zone.js Show response
tjypaebw.aweeh.works/uteRPsHa/js-zone/ Frame CF39 150 KB
20 KB 1001ms
1001ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/js-zone/alert-zone.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fa877438b0ada329d58e9a6b6b0350dd1fa74ad76ffbda8271cc000f9c1d274

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:18:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7HtlQcyiNr1e9lDO5z9cwB0pvNnd8%2FkYb3y3bRXy4bCA%2FGKVIHHhpWvvOO5LyV7pF1AmhYeEEkgpe7rMWtWsIsb8y%2BTH4JeYo90%2FifhXZ2NRT%2F1bAmSk3ERgA4WW0O9Z5E5rv2e%2FDDgxsXbBp0ErHvhZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c95f8254bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:58 GMT

GET
H3 200 zero-zone.js Show response
tjypaebw.aweeh.works/uteRPsHa/js-zone/ Frame CF39 766 B
773 B 782ms
781ms Script
application/javascript 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/js-zone/zero-zone.js
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f4b2583e453f80d54daf0072c6655f79ce795a70867ead657d3c01c8282b02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:18:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fJSJIkv6LAH6zxMFOSchci%2B%2FPoCzGOGgJsbz4rnWEwlXmGp1P546L63F9EAKcA7oBoDPG6opVLMILBxeqzEAWHtsTOz3A7ANaXPgKEJ%2FRNXRXkoAmOjffwkZ2jMlM5dWlZZpZ%2F4vaRyIWLMeGfW%2Bp9VYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c95f8264bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:58 GMT

GET
H2 206 m_1725u5z7i1.mp3
l.top4top.io/ Frame CF39 19 KB
20 KB 547ms
253ms Media
audio/mpeg 65.21.235.194

General

Check archive.org

Show headers Download Go to

Full URL: https://l.top4top.io/m_1725u5z7i1.mp3
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.21.235.194 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Request headers

Referer: https://tjypaebw.aweeh.works/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x34392023x
date: Wed, 08 Nov 2023 23:09:58 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
server: nginx
etag: "5f685351-4d45"
content-type: audio/mpeg
Content-Range: bytes 0-19780/19781
cache-control: max-age=7200
content-disposition: inline; filename="open_reward_tab.mp3"
Content-Length: 19781
expires: Thu, 09 Nov 2023 01:09:58 GMT

GET m_1725zobal2.mp3
a.top4top.io/ Frame CF39 0
0

GET
H3 200 style-zone.css
tjypaebw.aweeh.works/uteRPsHa/css-zone/ Frame CF39 24 KB
5 KB 285ms
283ms Stylesheet
text/css 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/css-zone/style-zone.css
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a7be5dc0d3628a7928ff3c8eb43cb4e1282444980f6455271f048af5d26776

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:19:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoYRPViwE7WL3QnVGVslran9Skd0hzomK719iThlRa2wYC%2Fa2%2BFmFYuwTlA7FlAfbPAbCdR9BW0LyW%2BrhtvdJpxpoofoGNyf0TrBNRVVdepuf%2FwbJRIEypTrnJOPNug0ATTJtKIsoVCeGh3Z3fKi5wgRzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c9c585e4bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:59 GMT

GET
H3 200 zero-zone.css
tjypaebw.aweeh.works/uteRPsHa/css-zone/ Frame CF39 4 KB
1 KB 796ms
789ms Stylesheet
text/css 2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjypaebw.aweeh.works/uteRPsHa/css-zone/zero-zone.css
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f366e2b0558fa054877f64e7a1f07a594300e900d743b71f24ff6b246ee0ed91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/uteRPsHa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 19:19:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jltmfJ9vVZJc5QhPA%2FFILRKM9QCkH1ab9v9ezU6ke54DP8ZyKfvB9rPuPxfyIZZjD9XGPQafvC59JbHEpxKcec6YrD%2FOEN5wGY8Q77mvMA3GY2SxB2k%2FVzjUGFOCYv3NgXq8pO%2Bd9XRA60q%2BUvVvK8qXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82317c9c585f4bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 15 Nov 2023 23:09:59 GMT

GET 1.png
tjypaebw.aweeh.works/uteRPsHa/img/reward/ Frame CF39 0
0

GET 2.png
tjypaebw.aweeh.works/uteRPsHa/img/reward/ Frame CF39 0
0

GET 3.png
tjypaebw.aweeh.works/uteRPsHa/img/reward/ Frame CF39 0
0

GET 4.png
tjypaebw.aweeh.works/uteRPsHa/img/reward/ Frame CF39 0
0

GET 5.png
tjypaebw.aweeh.works/uteRPsHa/img/reward/ Frame CF39 0
0

GET 6.png
tjypaebw.aweeh.works/uteRPsHa/img/reward/ Frame CF39 0
0

GET btn_arrow.png
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 0
0

GET
DATA 200
OK truncated
/ Frame CF39 237 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c89721e745c0efd9000e9b67a56371589568bdca99c6fefc4714f9e1509d28

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET background.jpg
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 0
0

GET container.jpg
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 0
0

GET event-title.png
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 0
0

GET item-off.png
tjypaebw.aweeh.works/uteRPsHa/img/ Frame CF39 0
0

GET
H2 200 LYjYdG7kmE0gV69VVPPdFl06VN8XG4S11zM.woff2
fonts.gstatic.com/s/teko/v20/ Frame CF39 8 KB
8 KB 92ms
27ms Font
font/woff2 2607:f8b0:4006:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/teko/v20/LYjYdG7kmE0gV69VVPPdFl06VN8XG4S11zM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Teko&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tjypaebw.aweeh.works
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 12:26:27 GMT
x-content-type-options: nosniff
age: 384212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7780
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:55:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 12:26:27 GMT

GET
H2 200 footer-bg.jpg
i.postimg.cc/02KwtTc7/ Frame CF39 11 KB
12 KB 31ms
19ms Image
image/jpeg 185.150.190.236
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/02KwtTc7/footer-bg.jpg
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/css-zone/style-zone.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.150.190.236 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 11651
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer_link_bg.png
www.pubgmobile.com/en/images/ Frame CF39 2 KB
2 KB 37ms
25ms Image
image/png 2600:1400:9000::687e:775b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/footer_link_bg.png
Requested by: Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/css-zone/style-zone.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:775b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tjypaebw.aweeh.works/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:59 GMT
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
server: nginx
etag: "62387c81-65e"
content-type: image/png
cache-control: max-age=206
accept-ranges: bytes
content-length: 1630
expires: Wed, 08 Nov 2023 23:13:25 GMT

GET spin.mp3
tjypaebw.aweeh.works/uteRPsHa/media/ Frame CF39 0
0

GET hardenize-badge-tjypaebw.aweeh.works.png
badge.hardenize.com/v2/images/ Frame CF39 0
0

GET
H3

200

main.js
tjypaebw.aweeh.works/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 3805
Redirect Chain

https://tjypaebw.aweeh.works/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://tjypaebw.aweeh.works/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

33ms
33ms

Script
application/javascript

2606:4700:3031::ac43:ab2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tjypaebw.aweeh.works/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/

Protocol

Server

2606:4700:3031::ac43:ab2d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:10:00 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn6N233P52oxuPerkpEHawA5bFS0SQlpyjcZ7F8Rl%2FrwvuapgIVRVHod8WTAbGdUCb3jWTTxeJ9s51silBiNuU7xD6M9jcjEA8hJK2Wc0o6%2Bqm%2Faca0faqoPrHZnMd0AHwB4Xu0eqrBSpSr4l7xx8AtFmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82317ca248aa4bc6-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 08 Nov 2023 23:10:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koCZdPtMVFNOuv%2FpLfdN3b3wZL68%2BsbdmpoZF9vreXyGxclB3ooWFs591qH%2FEWR1wo%2FHN4XpgHSE09lyIToaRJA%2FPVVrsTsIIrSe5LZYLb8SVjjq4LhFTWrFmJvDqGHgrDUEhdL%2B%2BuYJfnWM508sVverZg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 82317ca208a94bc6-BUF
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jefanyastore.biz.id
URL: https://jefanyastore.biz.id/css/bootstrap.css

Domain: jefanyastore.biz.id
URL: https://jefanyastore.biz.id/js/jquery.js

Domain: jefanyastore.biz.id
URL: https://jefanyastore.biz.id/js/bootstrap.js

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/header/3.jpg

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/loading.gif

Domain: jefanyastore.biz.id
URL: https://jefanyastore.biz.id/js/ctrlu.js

Domain: jefanyastore.biz.id
URL: https://jefanyastore.biz.id/js/debug.js

Domain: a.top4top.io
URL: https://a.top4top.io/m_1725zobal2.mp3

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/reward/1.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/reward/2.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/reward/3.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/reward/4.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/reward/5.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/reward/6.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/btn_arrow.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/background.jpg

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/container.jpg

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/event-title.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/img/item-off.png

Domain: tjypaebw.aweeh.works
URL: https://tjypaebw.aweeh.works/uteRPsHa/media/spin.mp3

Domain: badge.hardenize.com
URL: https://badge.hardenize.com/v2/images/hardenize-badge-tjypaebw.aweeh.works.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jefanyastore.biz.id/css/bootstrap.css Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://jefanyastore.biz.id/js/jquery.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://jefanyastore.biz.id/js/bootstrap.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://a.top4top.io/m_1725zobal2.mp3 Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://jefanyastore.biz.id/js/ctrlu.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://jefanyastore.biz.id/js/debug.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.top4top.io
ajax.googleapis.com
badge.hardenize.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
get.pubgmax2.com
i.postimg.cc
jefanyastore.biz.id
l.top4top.io
tjypaebw.aweeh.works
www.pubgmobile.com
a.top4top.io
badge.hardenize.com
jefanyastore.biz.id
tjypaebw.aweeh.works
185.150.190.236
2600:1400:9000::687e:775b
2606:4700:3031::ac43:ab2d
2606:4700:3034::6815:dac
2606:4700::6811:180e
2607:f8b0:4006:809::2003
2607:f8b0:4006:80e::200a
2607:f8b0:4006:823::200a
2a04:4e42::649
65.21.235.194
027a20dbe5724ee97554d3a0b3782c21189ac0a9332b16770423ab5966cb1f0f
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c4aa6ee0a06bfc116a512e01e3119e2675b32657d3eaac8f1e934d7b1f26e1b
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
0dac093e625ead75965511be6237704467b593ac678574b136383f2ef1064232
12bb0ea8687a5e8961feacd72da3589b711423ca95b3bdfe4865902362798cce
13015a5fac4b81b188ea1734870d2fa9f51bc23c501a9177fd868430d5ecafbe
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1f926eeabc3c8f4dcca6e9846558b928f425c8db42fdcb398c38a4fc2ddca415
2736e8f1475b982dc48da8f9fe803271ce0535f04c5d19e401018afa358f8fba
2fa877438b0ada329d58e9a6b6b0350dd1fa74ad76ffbda8271cc000f9c1d274
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
5decabf43c201e0f9e058461dd0d8a8bc744e4174583ef39971abc226bf2ca08
6595f4df7bf22f69608fac32651aed9f58b702a1a54f9d31e0b48518b9a8a526
68863caca8e386be9898fbef3d797dbf7074d4db1af44f9ca26d7e74d5129505
6a66a6f467e40c2ef0c8f0c6c77ff558538b20a4f9f0ce7c9c31331df5bf4b9e
74645aff170342b2e0542c9bb414d26c3eeffe3f3f0f0e529d17c6d3c3262457
7d64a853f17814baa1bf33385a2a0682b1fd17e6b93e17325374a0e9ed746b01
856bdfd603e2cd07895f5f1fd37368e2ddf94a1e034b576cdcb557f5f17c2905
8609dea9fe0f75612cb164c627545e3cba6f05a9554f0495058b466d8fff3cec
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
888c6a625903f44837cc6bb42bbbb8ebdbf8f668d55e3d8124447202d26a3f98
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
93d1a9a07775c1e50d15c2342ea1bdb3f67bd4380a4e48ab63f19f50a60fcc08
989f7e1e61dd297d69a5582edbb8cb477cc04ccf977534eb04d72df49db0bcb9
994b286c743216ce3d22f56fa8e001287d36bff5313a988ee73e527598fb3294
a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
a4a7be5dc0d3628a7928ff3c8eb43cb4e1282444980f6455271f048af5d26776
a9b898452f03fd2c697ba1a2e85ad04feee12c40f88cc8fa7cf5ebfea7739cc3
aa94fc3c382d367a0b58185d22854dc88ab88b69acd1cb1d769bf662815183a8
aad8ddda2cd9faac4f322b2eeec68de1a2496f91671b971cf4537d97534a358b
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
b8e7cad8ba04f3f8de1e5ad62a1660b10e18fb39a58cbc60b9951df8b84e60e5
bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f
be1acfddee2809ab2a0e5eb0eba0168f77109bbd4c2261cf96a94d9f3cea4177
c5dc9cb536fc8c6e635133194e7210e4c484386ad1352f4fb466b18f38230031
cde9945e91f0e51058869d687cd24c8f58804f25623999f1291c71b3697093b6
ce65b40153011799684ab726aedcef91650509610170c90dae4f20eb93874ffc
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
d2c89721e745c0efd9000e9b67a56371589568bdca99c6fefc4714f9e1509d28
dc817d67088cb1f92b2f69d174afe3b3d331e64603c793926021bea36c5cfd63
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e9f4b2583e453f80d54daf0072c6655f79ce795a70867ead657d3c01c8282b02
f1bd509f6032d31635a91d57de9428b83929221b854768c38c8f1643877a9417
f366e2b0558fa054877f64e7a1f07a594300e900d743b71f24ff6b246ee0ed91
fb0c196bf3eacc5d9893e0253c3ef6079965edf37b92d63a32c40e001d26d1a3
ffdd81144f651146519ccf56481b474a7f8efe644fa2d74f5a006c8448d5d127

get.pubgmax2.com Open in urlscan Pro 2606:4700:3034::6815:dac Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

69 %HTTPS

80 %IPv6

11 Domains

13 Subdomains

11 IPs

1 Countries

954 kBTransfer

1441 kBSize

0 Cookies

0 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.pubgmax2.com Open in urlscan Pro
2606:4700:3034::6815:dac Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

69 %
HTTPS

80 %
IPv6

11
Domains

13
Subdomains

11
IPs

1
Countries

954 kB
Transfer

1441 kB
Size

0
Cookies

72 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!