papji.barux2022.tk
2a06:98c1:3121::3  Malicious Activity! Public Scan

URL: https://papji.barux2022.tk/
Submission: On July 06 via automatic, source openphish — Scanned from NL

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 37 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is papji.barux2022.tk.
TLS certificate: Issued by E1 on June 16th 2022. Valid for: 3 months.
This is the only time papji.barux2022.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
17 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
7 | 113.164.15.82 | 45899 (VNPT-AS-V...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 52.219.128.143 | 16509 (AMAZON-02)
1 | 2a02:26f0:6c0... | 20940 (AKAMAI-ASN1)
1 | 2001:4de0:ac1... | 20446 (STACKPATH...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
Total: 37 | 12

Requests | Apex Domain | Subdomains | Transfer
17 | barux2022.tk | papji.barux2022.tk | 526 KB
7 | zing.vn | img.zing.vn (Cisco Umbrella Rank: 710056) | 1 MB
4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 71); ajax.googleapis.com (Cisco Umbrella Rank: 307) | 167 KB
2 | wallpapercave.com | wallpapercave.com (Cisco Umbrella Rank: 60933) | 1 MB
2 | gstatic.com | fonts.gstatic.com | 31 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 630) | 32 KB
1 | pubgmobile.com | www.pubgmobile.com (Cisco Umbrella Rank: 27925) | 74 KB
1 | amazonaws.com | media-assets-ggwp.s3.ap-southeast-1.amazonaws.com | 136 KB
1 | bootstrapcdn.com | stackpath.bootstrapcdn.com (Cisco Umbrella Rank: 2211) | 7 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 231) | 7 KB
Total: 37 | 10

Requests | Domain | Requested by
17 | papji.barux2022.tk | papji.barux2022.tk
7 | img.zing.vn | papji.barux2022.tk, img.zing.vn
2 | wallpapercave.com | papji.barux2022.tk
2 | fonts.gstatic.com | fonts.googleapis.com
2 | ajax.googleapis.com | papji.barux2022.tk
2 | fonts.googleapis.com | papji.barux2022.tk, img.zing.vn
1 | code.jquery.com | papji.barux2022.tk
1 | www.pubgmobile.com | papji.barux2022.tk
1 | media-assets-ggwp.s3.ap-southeast-1.amazonaws.com | papji.barux2022.tk
1 | stackpath.bootstrapcdn.com | papji.barux2022.tk
1 | cdnjs.cloudflare.com | papji.barux2022.tk
Total: 37 | 11

This site contains no links.

Subject | Issuer | Validity | Valid
*.barux2022.tk | E1 | 2022-06-16 - 2022-09-14 | 3 months
*.zing.vn | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-03 - 2022-08-30 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
upload.video.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.s3-ap-southeast-1.amazonaws.com | Amazon | 2021-12-09 - 2022-12-08 | a year
wetv.acc.qq.com | DigiCert SHA2 Secure Server CA | 2022-05-26 - 2023-01-17 | 8 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
wallpapercave.com | Cloudflare Inc ECC CA-3 | 2021-10-09 - 2022-10-08 | a year

This page contains 1 frames:

Primary Page: https://papji.barux2022.tk/
Frame ID: 7F5E29E7D6EBD221471EF8E876B5B4B0
Requests: 39 HTTP requests in this frame

Page Title

PUBG MOBILE - Online Tournament

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37 Requests
100 % HTTPS
82 % IPv6
10 Domains
11 Subdomains
12 IPs
5 Countries
3926 kB Transfer
4104 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
papji.barux2022.tk/
11 KB
4 KB
Document
General
Full URL
https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
461f397b20f836dd8854083ae3ea2777c62a9df6759c9bd28cc69053fa1577af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7264808cdaa99b88-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 01:17:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifprPkI96wVzZI%2FeGhqOUhWZ3eI43WwFAUET3dBeaLWvbVmeGVtqD5rlQy8NjzD6XwPrBa%2BKo4VSRt%2FUpAsj6vpuR43%2BNdNiMpP7sclBn9d7qalblYcLMr%2BdNUzVkQxGtxB0WtYAzz5QFsTeeNyGef4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
main.css
img.zing.vn/products/pubgm/skin-2020/dist/main/
815 KB
816 KB
Stylesheet
General
Full URL
https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.15.82 Ap Sai Gon, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
f9e873ed49fe5fafdd56758d55af1a1ab8321c44e5e2f50f17a981af4af45e2a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 01:17:44 GMT
Last-Modified
Thu, 04 Jun 2020 10:59:52 GMT
Server
nginx
ETag
"5ed8d428-cbde9"
X-Cache-Status
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
835049
Expires
Mon, 02 Jan 2023 01:15:46 GMT
style.css
papji.barux2022.tk/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://papji.barux2022.tk/css/style.css
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d2f5c4a25d90b64d0d44bab5356dde5fa14817b306ea9e3ddcf4d314baef0d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2763
cf-polished
origSize=4406
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 19 Jul 2020 04:50:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJP4BEQekpoRP1Sdika8lAOLUhNItWsgBYmLOwVMFCqK3N4zww6De9fpQ5WFFEQJnBvBJsP2mepyLV5s8IjF4bvJjUBRha55ibAmeXMH9g5Qk%2BP8fVi9m4y8VxFVH46oXoCOE%2BovkPXFUeP46tsFzAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7264808e3bf89b88-FRA
cf-bgj
minify
facebook.css
papji.barux2022.tk/css/
2 KB
1023 B
Stylesheet
General
Full URL
https://papji.barux2022.tk/css/facebook.css
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e41d271707f860039d104400a1d2996d5c802aba1664a69e416ccde739ae4b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2763
cf-polished
origSize=3136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Mar 2020 04:08:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlbX1guVk8y%2F9FoDfSM%2BDyTIuj4iNvAJRXLgOtzyAzKnZBgNqhKJg%2BY8rEWFW9PVte1uCWNeXIEjEkCNKbks9pjT55R50g85Li8jHx70NaM9BpDwIiLJEOkbnUBWKfiwtji2toLj6Ln5jhHhzytY6Uw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7264808e3bfb9b88-FRA
cf-bgj
minify
twitter.css
papji.barux2022.tk/css/
1 KB
727 B
Stylesheet
General
Full URL
https://papji.barux2022.tk/css/twitter.css
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b43ae2267878a9ea012b5aa04eee88e60818133a4146ae30d357f8d29bf466

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2763
cf-polished
origSize=1835
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Mar 2020 04:08:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMmEsboH0OLKsTaCt9K2RJ3CyZ9eJyDkxffQohH1Qg21tLd2YPvijwjr%2FQohYS81Uob%2FOV6OgksHuG59G5DNoxMZ2zLBxqFpYugISecpjdaR1bfMkyjkKjoSV6%2F6E7UDWPr0Sh%2FQ%2BwJpDd3ziXxa%2B3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7264808e3bfc9b88-FRA
cf-bgj
minify
google.css
papji.barux2022.tk/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://papji.barux2022.tk/css/google.css
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1dec1cf73755317aaf9cad5f697c7a6e62e1630b1d992006af238f523e99638

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2763
cf-polished
origSize=4367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jul 2020 10:39:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chJ%2BtKiAhoCdoIBp%2FVqmDnH%2BIsWj0SP9A6HT1xjJF6WKkg%2BfZbaklhnhu1xNi0THmaLZVbErf%2BvObciWdotO6DolZqpjnqSfBO4hkRTGkxXESDnvMQSUJ3gL3PH9SKVdYIf1BVwR%2BPXARFe55OipELI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7264808e3bfd9b88-FRA
cf-bgj
minify
material-design-iconic-font.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/
83 KB
7 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37d6f502a5a961ac5c3f17c8d58685ff6b0dc0f69c2dcdd379ccabc96ec3bf2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3486073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6252
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-14d38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j%2FEE7vXQ8pSi07swVudOaPvoTX0j%2B%2B7wb0eK%2FvxVsR16bzPqbASmvL%2FtwIRuXYZKSLorPzJZavDccz2qwiGLy7LWQx4Ljacl6rtGa9lwC43%2FR7cXzYiWKCxq77kIwiwDZfpcqt9L2XlHfaToGXnCrnX"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7264808f18b1695b-FRA
expires
Mon, 26 Jun 2023 01:17:41 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://papji.barux2022.tk/
Origin
https://papji.barux2022.tk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
access-control-allow-origin
*
cdn-cachedat
03/12/2022 14:32:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c7ed8cd947afd8480b24bc9fdba3b263
cf-ray
7264808f1e3391e9-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5c0d8c6f0568e8560693747afafd5fe765d9e25f69ce330c67c148499ac1f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 01:17:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 01:17:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 01:17:41 GMT
Logo-mb-game.png
img.zing.vn/products/pubgm/skin-2020/dist/main/images/icons/
1 KB
2 KB
Image
General
Full URL
https://img.zing.vn/products/pubgm/skin-2020/dist/main/images/icons/Logo-mb-game.png
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.15.82 Ap Sai Gon, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
0f8a4bbb3fb310a4941582a4fb2dda936058389500b1ecee69459e2477b968c3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 01:17:45 GMT
Last-Modified
Wed, 12 Feb 2020 11:15:32 GMT
Server
nginx
ETag
"5e43de54-4c0"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1216
Expires
Mon, 02 Jan 2023 01:15:46 GMT
bc2.jpg
papji.barux2022.tk/img/
187 KB
188 KB
Image
General
Full URL
https://papji.barux2022.tk/img/bc2.jpg
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5004236729efef16e0c09daac7ed3091020f5059d6e9dfa005c5450b36b3b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
cf-cache-status
HIT
last-modified
Sat, 01 Jan 2022 06:15:20 GMT
server
cloudflare
age
2762
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wv1XASLZIGTIDkNReghvr8rUFy1ySR2qG8yg0KkC%2B8ywA%2Bhki1mN0Isn%2BTaYRJY8YDi7Atkeyg4LxWZTPJdM1wOegWwgJWxfEWpeXsvpGG9zx3DDFQZJoorMkzjiVhhUryBvlSFq%2BPHCSWfyB1TtYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7264808e5c139b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
191474
scrim-pubg-adalah-5.jpg
media-assets-ggwp.s3.ap-southeast-1.amazonaws.com/2020/05/
135 KB
136 KB
Image
General
Full URL
https://media-assets-ggwp.s3.ap-southeast-1.amazonaws.com/2020/05/scrim-pubg-adalah-5.jpg
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.128.143 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b87bfa627b552747378a991e4af07bc86d456f420b6cf50516f6bbf01cdde18b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 01:17:43 GMT
Last-Modified
Tue, 13 Oct 2020 09:14:28 GMT
Server
AmazonS3
x-amz-request-id
N2D3WFHY3PVC5Z7T
ETag
"4c2085a85089344bed621b653c58cc8e"
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
138639
x-amz-id-2
tDRRlE3aXehm2Ik0gY2vuZjMJmTAoHr5lkcyiLKWygRc4rFeBzRc1/JqcWdZTTAxm22gfUVsOm8=
facebook_icon.png
papji.barux2022.tk/img/login/
78 KB
78 KB
Image
General
Full URL
https://papji.barux2022.tk/img/login/facebook_icon.png
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5e70219e34e87735a3b1b930dd0ae8e344bef36b1732780d8a2ac0571c0be7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
cf-cache-status
HIT
last-modified
Sat, 27 Jun 2020 06:10:50 GMT
server
cloudflare
age
2762
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nay1difUYKyJRGp8sdWbRkz%2BY%2FHrenkn7U8X6m%2Fud4qaO%2FeYiuu6SqshKNAK6MjB1nu03t5s7pli88ekb%2FmkGsfUboZIMMi6TDQQCHdodj7igrfYkljWw8NYoGr3JvO9vw8IPoAD9E%2FjxhrI9NqmcmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7264808e5c149b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79439
twitter_icon.png
papji.barux2022.tk/img/login/
9 KB
9 KB
Image
General
Full URL
https://papji.barux2022.tk/img/login/twitter_icon.png
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb71fa5156501b3ca8ff3c88e4501917c651ac60eaaf58c22c2bed6e933d82c5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
cf-cache-status
HIT
last-modified
Sat, 27 Jun 2020 06:10:50 GMT
server
cloudflare
age
2761
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0%2B5iiEL9GLMR339Y0qvnFhCQ%2FiZGxlz7tDPpoumUbzDoxJnG6zTXVQxExuN88zr7mVCDxI6zmoUHsca2yxR7jrdey7HsC79LOh4CC9pD%2Fx9jb1UHTqNTm5dk0HMrg1IuXTswgGwK1V3VgIiv0zV7cA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7264808e5c159b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8862
facebook_text.png
papji.barux2022.tk/img/login/
28 KB
28 KB
Image
General
Full URL
https://papji.barux2022.tk/img/login/facebook_text.png
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
cf-cache-status
HIT
last-modified
Sat, 27 Jun 2020 06:10:50 GMT
server
cloudflare
age
2761
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxBJS66wwpF8JbAVnhFYb8vC%2BDBPjAf9ZItcq7hk61r3UIxklakU2zMf%2FhbHwH2srVpq9oWlJxFYTcJWUfjRi4EkXpIdFbCojIuy%2B5CBI2a%2FkCMqjJEQHaMLDfP2ONHRMXjJIeHOB0Y7Oo0P36ud0Dg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7264808e5c169b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28789
icon_logo.jpg
www.pubgmobile.com/id/event/royalepass10/images/
73 KB
74 KB
Image
General
Full URL
https://www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
last-modified
Wed, 15 Sep 2021 06:46:59 GMT
server
nginx
etag
"614196e3-1258d"
content-type
image/jpeg
cache-control
max-age=172
accept-ranges
bytes
content-length
75149
expires
Wed, 06 Jul 2022 01:20:33 GMT
twitter_text.png
papji.barux2022.tk/img/login/
4 KB
5 KB
Image
General
Full URL
https://papji.barux2022.tk/img/login/twitter_text.png
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
cf-cache-status
HIT
last-modified
Sat, 27 Jun 2020 06:10:50 GMT
server
cloudflare
age
2760
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGuU6kua6638ub8YBH2xjN29H%2FEEKkSc4hom8rtgdeALPRmrUPw3x%2BWWhPO97JiVIn7ou34q7LxhMbWlBzYQ2Mvh7q1zuoMRDX4j9GIIg3JQUUTIqRONAdLN0ayN94TyUU2i5G8VvntK2TTF%2F8lTWTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7264808e5c199b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4298
google_text.png
papji.barux2022.tk/img/login/
4 KB
4 KB
Image
General
Full URL
https://papji.barux2022.tk/img/login/google_text.png
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Jul 2020 10:39:52 GMT
server
cloudflare
age
2760
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKYkuekUMJENNYsyv0YqH%2Bbi3NbKbLYQMes233L4iMEFvh9Se3hFi8pocN7Fy1EaavHTAhgvoHNMO6MC5nrbud5VIe%2B5sNC9%2FkBZraxyyzVnWA%2Bq%2FTujNOE7GNlWexYugz9NLKLQSHXBv99yUVRupEA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7264808e5c1a9b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3934
jquery-1.10.2.min.js
code.jquery.com/
91 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-16bb3"
vary
Accept-Encoding
x-hw
1657070261.dop153.am5.t,1657070261.cds242.am5.hn,1657070261.cds298.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32788
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
83 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:07:46 GMT
x-content-type-options
nosniff
age
7795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 23:07:46 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
82 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:23:53 GMT
x-content-type-options
nosniff
age
6828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84320
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 23:23:53 GMT
main.js
img.zing.vn/products/pubgm/skin-2020/dist/main/
321 KB
321 KB
Script
General
Full URL
https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.15.82 Ap Sai Gon, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
498f589cd376a4801a684b81f38229386b8b2f849ab48ee6f644cc19513eacfd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 01:17:45 GMT
Last-Modified
Thu, 04 Jun 2020 07:38:55 GMT
Server
nginx
ETag
"5ed8a50f-50301"
X-Cache-Status
HIT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
328449
Expires
Mon, 02 Jan 2023 01:15:46 GMT
popup.js
papji.barux2022.tk/js/
617 B
444 B
Script
General
Full URL
https://papji.barux2022.tk/js/popup.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15182111fff7c7f0173f7462ef78b27a457b1b21fdc81d7e382363a84f2467f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2762
cf-polished
origSize=676
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 19 Jul 2020 04:54:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJgj%2Bzr80eIuTOjuZv7UXxUireoTjOBT5qesjEGYVhWhiobuY6tLEGWUwn90dqiW1C4Ygrfdz34haVm%2FG0ZrTtV03oC9NLGCAvqiSAj8AYdyLnsrnyEWcZlhnrvoN5y2QYa9u13WlGUGeu5wBMprlfo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7264808e5c0d9b88-FRA
cf-bgj
minify
content.js
papji.barux2022.tk/js/
1 KB
867 B
Script
General
Full URL
https://papji.barux2022.tk/js/content.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155a34e9877d8031b4b6a6f0230393cabdabb45d14929db596400a9c08fefebf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2762
cf-polished
origSize=1926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jul 2020 10:39:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH6x3p77km0P4BwSMh8HAI3FkaX6uc6NeUYyxZsZCSqHnEm1CvDLOyokiVsxkJNVe%2BaytwsAZfyaCw0pMpk7aQMxShc8gwFV%2Fbs2xew8%2FlFA3wayD4IGBT%2FPqzFA1Zz0%2F6G2Sr5s117tbZmB9P8%2FvGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7264808e5c0f9b88-FRA
cf-bgj
minify
counter.js
papji.barux2022.tk/js/
85 B
368 B
Script
General
Full URL
https://papji.barux2022.tk/js/counter.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
534097b5b6ee19a996f5f22cc027841470536613125f848fc06add6fa915a304

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2762
cf-polished
origSize=177
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jul 2020 10:39:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dmx76hddwrlgvtZHycZctuCT6R1CqwPvCcYe3C%2FwXFaT3J5qMMVsmB2TD%2BrOagSSf8%2FTuTW4wVcirL2pjXA0Zu5R4XYzWnHtHhcZblH5LTa%2BvjG96fxoec0By8zEUz%2Fhx%2FZcBpjJA87qE6aTiwO%2FJW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7264808e5c109b88-FRA
cf-bgj
minify
google.js
papji.barux2022.tk/js/
0
0
Script
General
Full URL
https://papji.barux2022.tk/js/google.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uv00YgnvHKix90SaD40KX0CVPmWhswnX008LLOu%2FtuWHw4b9LnwjPc68vh2FV3Nk26%2FAQQvQpOG%2F3E%2BLOZcwLDhLmq9HEFQT%2BsS5I4oCIID8SU5EC%2BWoHDtROmt1Dwx9JM5bCXk4gXW8TSfYUXZJy8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
7264808e5c119b88-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
buktup.js
papji.barux2022.tk/js/
340 B
449 B
Script
General
Full URL
https://papji.barux2022.tk/js/buktup.js
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fc6bdef15100e02c2d7178f96e3070b8c5176c341cf733852317b771d6e9cb9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2762
cf-polished
origSize=413
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jul 2020 10:39:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2x5Yys3Ji0wjogL3SG1EpeatDBZbpcZkH3rGENJKkc6hTOpHDGPWR4PUQPbqUdv9offhyJHwm5ENHa3zbjn5Gd6FnGQKwxx0gk1qKvgOt%2FLrJU%2BR21et94RYtwWPy1jeZMWSczckEn0cWNCqSQuuss%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7264808e5c129b88-FRA
cf-bgj
minify
css
fonts.googleapis.com/
9 KB
771 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:300,700&display=swap&subset=vietnamese
Requested by
Host: img.zing.vn
URL: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
154e48200da6e994bd1cfd7c5e5e87172dc9d62d04f3507ad3cc25a82dc9af84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://img.zing.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 01:17:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 01:17:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 01:17:46 GMT
bg-nav.png
img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/
3 KB
4 KB
Image
General
Full URL
https://img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/bg-nav.png
Requested by
Host: img.zing.vn
URL: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.15.82 Ap Sai Gon, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
81f8bb9a081a560ab65989a821591ecbfc47987203dce7a87cf3d4aab9908705

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 01:17:46 GMT
Last-Modified
Tue, 04 Feb 2020 09:19:21 GMT
Server
nginx
ETag
"5e393719-d96"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3478
Expires
Mon, 02 Jan 2023 01:15:47 GMT
bg-bottom-banner-home.png
img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/
3 KB
4 KB
Image
General
Full URL
https://img.zing.vn/products/pubgm/skin-2020/dist/main/images/bg/bg-bottom-banner-home.png
Requested by
Host: img.zing.vn
URL: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.15.82 Ap Sai Gon, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
169b6989c2800b5e81484935edf18b73e67f02adf21aec680832884bbce5d653

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 01:17:46 GMT
Last-Modified
Thu, 13 Feb 2020 05:02:49 GMT
Server
nginx
ETag
"5e44d879-dcc"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3532
Expires
Mon, 02 Jan 2023 01:15:47 GMT
_sprites-f1.png
img.zing.vn/products/pubgm/skin-2020/dist/main/images/
7 KB
7 KB
Image
General
Full URL
https://img.zing.vn/products/pubgm/skin-2020/dist/main/images/_sprites-f1.png
Requested by
Host: img.zing.vn
URL: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.15.82 Ap Sai Gon, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
e3398f3317d88171f703ba78cb6164d009ea13bc0fd30f4739cc5ab8885725d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 01:17:46 GMT
Last-Modified
Wed, 12 Feb 2020 11:15:32 GMT
Server
nginx
ETag
"5e43de54-1c10"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7184
Expires
Mon, 02 Jan 2023 01:15:47 GMT
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a55cf88f8ef6533e8058b8f66090401fbabb9e2d00135adcac9635d3dd0f91cb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
493 KB
493 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11063067ff0c3cacc6acfca8dbfee98f3d72d862eff1471aa66ba4965110c47b

Request headers

Referer
Origin
https://papji.barux2022.tk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
font/otf
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,700|Roboto:300,700&display=swap&subset=vietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://papji.barux2022.tk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 22:17:29 GMT
x-content-type-options
nosniff
age
10817
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15528
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 22:17:29 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://papji.barux2022.tk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 22:18:51 GMT
x-content-type-options
nosniff
age
10735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 22:18:51 GMT
_sprites-nav.png
img.zing.vn/products/pubgm/skin-2020/dist/main/images/
10 KB
10 KB
Image
General
Full URL
https://img.zing.vn/products/pubgm/skin-2020/dist/main/images/_sprites-nav.png
Requested by
Host: img.zing.vn
URL: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.15.82 Ap Sai Gon, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
nginx /
Resource Hash
10aaa743106aab5b136c4e6291660dd25368a94ed25a9be4e95cfee8ea28ea3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 01:17:46 GMT
Last-Modified
Wed, 12 Feb 2020 11:15:32 GMT
Server
nginx
ETag
"5e43de54-2603"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9731
Expires
Mon, 02 Jan 2023 01:15:48 GMT
wp4220056.png
wallpapercave.com/wp/
678 KB
679 KB
Image
General
Full URL
https://wallpapercave.com/wp/wp4220056.png
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073b200a9621d73465b2738c71ebd63164727cddd2fea280a45d814aeb858532

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:46 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=782839
content-disposition
inline; filename="wp4220056.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
694624
last-modified
Fri, 28 Feb 2020 08:50:52 GMT
server
cloudflare
etag
"5e58d46c-bf1f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
726480af4a4e9b80-FRA
cf-bgj
imgq:85,h2pri
lii_bc2.png
papji.barux2022.tk/img/
204 KB
205 KB
Image
General
Full URL
https://papji.barux2022.tk/img/lii_bc2.png
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd6d373146059a0f2eba4495e8fe7934d85a0a1a36fdce57c26fe357d9cd729

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:46 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 01 Jan 2022 06:38:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BAs6cKQkXTcjChwf%2F7bFCv%2Bl9mYX3hp%2F5dPtieslc3WZ5GAMjz0vb4NDAUek9S1erXmvBSaOdMgmAz97%2Bi5JqOUqXmJHQ4fV5mDhyMu%2BLLGOI1%2FabuNiMW3QaAz1nbRHm%2Ft21JJ44QhP0tmB6L%2B268%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
726480aeffdc9280-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
209044
wp2249200.jpg
wallpapercave.com/wp/
608 KB
609 KB
Image
General
Full URL
https://wallpapercave.com/wp/wp2249200.jpg
Requested by
Host: papji.barux2022.tk
URL: https://papji.barux2022.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be1da4648ea2a3f0bf89025c7de95c4af53f09332c9cbfa892a7fc43d523fc6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://papji.barux2022.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 01:17:47 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 23 Feb 2020 08:42:20 GMT
server
cloudflare
etag
"5e523aec-a1f36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
cf-polished
origSize=663350, status=webp_bigger
accept-ranges
bytes
cf-ray
726480b00add9b80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
622322
cf-bgj
imgq:85,h2pri

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| kirim
function| $
function| jQuery
object| lazySizes
object| __core-js_shared__
object| core
function| account_login
function| close_account_login
function| facebook_login
function| close_facebook_login
function| twitter_login
function| close_twitter_login
function| google_login
function| close_google_login
function| showloading
function| hideloading
function| buka
function| showpage2
function| post
function| result
object| bukain
object| buktup

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://papji.barux2022.tk/js/google.js
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
