Report - zgibj.gody4r.biz.id/

Report Overview

Submitted URL
zgibj.gody4r.biz.id/
IP
172.67.168.159
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-29 04:38:36
Access
public
Website Title
Free Fire
Final URL
zgibj.gody4r.biz.id/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.pubgmobile.com	21653	unknown	2018-04-27	2024-03-27	442 B	1.2 kB	23.36.76.250
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-03-29	868 B	61 kB	142.250.74.74
rawcdn.githack.com	72170	2013-10-12	2016-07-04	2024-03-28	1.1 kB	1.7 kB	104.21.234.230
unpkg.com	11693	2016-01-06	2016-01-08	2024-03-28	427 B	12 kB	104.16.124.175
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-29	463 B	77 kB	142.250.74.138
code.jquery.com	634	2005-12-10	2012-05-21	2024-03-28	414 B	33 kB	151.101.194.137
dl.dir.freefiremobile.com	27937	unknown	2020-07-27	2024-03-26	980 B	21 kB	152.195.133.221
i.ibb.co	13485	2010-07-20	2018-11-25	2024-03-28	866 B	140 kB	162.19.58.158
play-lh.googleusercontent.com	407	unknown	2019-09-30	2024-03-27	497 B	74 kB	216.58.211.22
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-03-28	464 B	32 kB	104.18.11.207
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-03-28	1.1 kB	46 kB	104.17.24.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-03-28	466 B	30 kB	151.101.193.229
zgibj.gody4r.biz.id	unknown	unknown	No data	No data	9.6 kB	1.4 MB	104.21.94.192
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-03-29	1.0 kB	32 kB	142.250.74.131
i.postimg.cc	23840	2016-06-11	2018-04-11	2024-03-28	431 B	38 kB	162.19.61.80
raw.githubusercontent.com	35802	2014-02-06	2014-03-01	2024-03-28	1.2 kB	1.6 kB	185.199.110.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena
2024-03-28	medium	zgibj.gody4r.biz.id/	Garena

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	zgibj.gody4r.biz.id/js/ryucodex.js	4.3 kB	2023-03-07	2024-04-26
Pretty URL zgibj.gody4r.biz.id/js/ryucodex.js IP 104.21.94.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-26 06:09:49 Times Seen233 Hash 3c6b357da9a9c2229aa9db0d95f09fa6 7b15d8f866df1f83d3cebc72f8b29df8335b5bb4 d65b12be8cd3346554199d0d81fed9e1bf66ee7aa0da40a7f1b715e046f065e3 Loading...

	zgibj.gody4r.biz.id/	4.9 kB	2023-04-21	2024-04-26
Pretty URL zgibj.gody4r.biz.id/ IP 104.21.94.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-21 09:28:35 Last Seen2024-04-26 06:09:49 Times Seen43 Hash 75bc8c49822c79ae6e0676a112be6d63 87dfc9e605f40a1145c8a2ab20a09a2d368a83f5 f14eee04653661d6d311e25340e04d76229dac7cca8c51c9d61e89b7469add20 Loading...

	code.jquery.com/jquery-1.10.2.min.js	93 kB	2023-03-07	2024-04-27
Pretty URL code.jquery.com/jquery-1.10.2.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 11:59:32 Times Seen10193 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js	84 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 09:45:37 Times Seen13772 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 12:28:28 Times Seen14111 Hash 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Loading...

HTTP Transactions (43)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.24.14

200 OK

5.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
e9365fe85b7e4db79a87015e52c3db6c
2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:38:01 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 550430
expires: Wed, 19 Mar 2025 04:38:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmPMn%2F4wPfI6ghVSB305iPc7NR%2B8Qlcl%2FJ%2FuSF5tUTqsgdXdXH7dtrCGkxWiX7o1ovdPjfrMk7SkIrRQgubbwG9MV%2F%2Fn4s7AOH7WePAxUi%2BesRpmZn1xn1rR7TnPELA240WJkOiT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86bd2b04fdbab515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png

151.101.193.229

200 OK

29 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /gh/gowebid/assets@main/go_login/facebook_white.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7075-ic4uy2YKkLjm7RszVEPXdnxZ8oo"
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:38:01 GMT
age: 14721
x-served-by: cache-fra-etou8220127-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28789
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.10.2.min.js

151.101.194.137

200 OK

33 kB

URL GET HTTP/2
code.jquery.com/jquery-1.10.2.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32072)
Size
33 kB (32788 bytes)
Hash
628072e7212db1e8cdacb22b21752cda
0511abe9863c2ea7084efa7e24d1d86c5b3974f1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

HTTP Headers

GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:38:01 GMT
age: 16886476
x-served-by: cache-lga13622-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 1, 108047
x-timer: S1711687082.821790,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2

dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/garena_logo.b28b2b6.png

152.195.133.221

200 OK

11 kB

URL GET HTTP/2
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/garena_logo.b28b2b6.png
IP
152.195.133.221:443
ASN
#15133 EDGECAST

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerDigiCert Inc
Subjectgarenanow.com
Fingerprint65:54:F1:4C:20:75:FB:11:D3:A9:95:B8:F9:AE:05:C7:77:EF:78:58
ValidityFri, 23 Feb 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT

File type
PNG image data, 459 x 138, 8-bit/color RGBA, non-interlaced
Size
11 kB (11185 bytes)
Hash
f77fe97fc8f4d06fd93eaf7552c4a3e9
c73f03f3e5a9f460eb83e10ae7312738a36ce720
b695d33c5ece1af9739e89855c4cc718fd6e9550528009ee5ff644cac193cb41

HTTP Headers

GET /common/web_event/official2/dist/client/img/garena_logo.b28b2b6.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 792
cache-control: public, max-age=3600
content-md5: 93/pf8j00G/ZPq91UsSj6Q==
content-type: image/png
date: Fri, 29 Mar 2024 04:38:01 GMT
ec-version: v6.05
etag: "f77fe97fc8f4d06fd93eaf7552c4a3e9"
expires: Fri, 29 Mar 2024 05:38:01 GMT
last-modified: Tue, 19 Mar 2024 08:15:04 GMT
server: ECAcc (ska/F6CE)
via: 1.1 22696b6e831fc717b53b9273ad3341c2.cloudfront.net (CloudFront)
x-amz-cf-id: 1IBiIfkBaS1VX7zobhplejQuhrN44IWo3xe31Sq5bQZ4-I5pEXTqdA==
x-amz-cf-pop: ARN1-C1
x-cache: HIT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSX+IbKU4cxRCvEdlDTESM1971hXlVuD
x-obs-replication-status: REPLICA
x-obs-request-id: 0000018E8874074A914B7036BDF9EE68
content-length: 11185
X-Firefox-Spdy: h2

dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png

152.195.133.221

200 OK

8.3 kB

URL GET HTTP/2
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png
IP
152.195.133.221:443
ASN
#15133 EDGECAST

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerDigiCert Inc
Subjectgarenanow.com
Fingerprint65:54:F1:4C:20:75:FB:11:D3:A9:95:B8:F9:AE:05:C7:77:EF:78:58
ValidityFri, 23 Feb 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT

File type
PNG image data, 616 x 90, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8314 bytes)
Hash
c632e6bfd0076695e56477bdb3f7232c
5b4212f029814b5dfda946ac5e5a6ba97857feb9
86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c

HTTP Headers

GET /common/web_event/official2/dist/client/img/full_logo.969f536.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 2358
cache-control: public, max-age=3600
content-md5: xjLmv9AHZpXlZHe9s/cjLA==
content-type: image/png
date: Fri, 29 Mar 2024 04:38:01 GMT
ec-version: v6.05
etag: "c632e6bfd0076695e56477bdb3f7232c"
expires: Fri, 29 Mar 2024 05:38:01 GMT
last-modified: Tue, 19 Mar 2024 08:15:04 GMT
server: ECAcc (ska/F692)
via: 1.1 41ce182e8f343263845579fafd1af6b8.cloudfront.net (CloudFront)
x-amz-cf-id: jXpRLE06oz1MsymbhKvLby20x4zvO7V7EyEUODoahw1VlMcZHWtRiw==
x-amz-cf-pop: ARN56-P2
x-cache: HIT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSlbdhTRIrBH5VM0JfjoyF9RjVtEBNmy
x-obs-replication-status: REPLICA
x-obs-request-id: 0000018E885C231D914F64696662CC40
content-length: 8314
X-Firefox-Spdy: h2

i.ibb.co/ccxBcPG/ap-resize.png

162.19.58.158

200 OK

64 kB

URL GET HTTP/2
i.ibb.co/ccxBcPG/ap-resize.png
IP
162.19.58.158:443
ASN
#16276 OVH SAS

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62
ValidityWed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
64 kB (63618 bytes)
Hash
577860cea8b0ad65ee35abb12a486d9e
524bd6d47354c516316a6197d25dadb6b0302420
dd20f80c86b2dd26de9c4eb68ad4df3216319f546822c003132b2a52b8e24be2

HTTP Headers

GET /ccxBcPG/ap-resize.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:38:01 GMT
content-type: image/png
content-length: 63618
last-modified: Wed, 13 Mar 2024 16:49:15 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
JavaScript source, ASCII text, with very long lines (32061)
Size
30 kB (29671 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:32:07 GMT
expires: Fri, 28 Mar 2025 17:32:07 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 39954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

142.250.74.74

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
30 kB (29707 bytes)
Hash
32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:37:51 GMT
expires: Fri, 28 Mar 2025 17:37:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 39610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.138

200 OK

76 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
gzip compressed data, max compression
Size
76 kB (76040 bytes)
Hash
eeb9041f2a760f5638e1295948c72fb0
23d13cef2977f80acd1f0f14b012501708b944f8
93519acca5cccb68582bb4b45741e2324c0aa98faac25431f52421aa171a37e3

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 04:38:02 GMT
date: Fri, 29 Mar 2024 04:38:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

104.17.24.14

200 OK

38 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 38384, version 1.0
Size
38 kB (38384 bytes)
Hash
a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zgibj.gody4r.biz.id
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 714877
expires: Wed, 19 Mar 2025 04:38:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l51KmwgAu5mr1nUClXMGT06ptslA%2BQ3xzOAnn5e%2B4fjCACpqsJqtO%2FuZC8KBRgVM7LAUc9DgyRlsu5vwnADEiEiQ%2BA8qymqrCGThTYkc03pi7IIoXMrqbaK2rQxTF%2BWN%2BAi4KokO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86bd2b07991656aa-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/img/wheel.png

104.21.94.192

200 OK

55 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/img/wheel.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 859 x 871, 8-bit/color RGBA, non-interlaced
Size
55 kB (55386 bytes)
Hash
16ef0d10bc717ef3f5f503bfb8fcd5cd
5ad4d846bd3343ae0eb69c0160d57e15f50a5831
d48485a468b2b5d0ee7dd63efc60de6d4690573cf3b17968b223ec8f2476f84f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/wheel.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 55386
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Tue, 07 Mar 2023 18:28:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4lwPKMWpKFWK190QOPEqV4IQBmB18bZrR9UIS5DuRZ%2BLXIay4ZeebINqb8DAOlkPjOdYbwlPJ595qjKtlP6IZ39FFwdDmy1G7h0B2pkHWXu99UcmbofHD6jXGSzSkuiTkrZDcqp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04db765697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/img/reward/2.png

104.21.94.192

200 OK

90 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/2.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 284 x 367, 8-bit/color RGB, non-interlaced
Size
90 kB (89530 bytes)
Hash
9e2c5f54ed2813612815c71dc27a56c3
da86f7a340cee9ff11da48666698285c4b202743
8f85bb40508b7048b6aa28f5e72b59a828568e074e56bacda991a45c06b0c123

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/2.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 89530
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:14:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cxkdn2YmLgGJaUasrDPOLy9C6uFcbd8EgfYWeYBIsGuDhjYrLkFTFNWerYheL1Z2bXm1RLj7P1snZ9OW64yTjTheJva%2B7nGvfX7ZCmlZmfdzhj27f%2FepxA205PPJVgNWidT%2FoQxL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04eb7d5697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/img/reward/4.png

104.21.94.192

200 OK

92 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/4.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 283 x 359, 8-bit/color RGB, non-interlaced
Size
92 kB (91503 bytes)
Hash
8564d70663058bb3502a1888f51fcd72
85e22240e15bbcbb4d368987a61a1c697e403edf
87875b47144648bcbf091f0554200be688cb750781e98ca037a63841fb0c8005

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/4.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 91503
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:17:49 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTQo998FB5LIJ63qe%2B8Et5zKqo%2FVBv7IBjrsT%2BsJUILR1HQjqcz6TxdWc5a5oPCVUKxw%2F2ix%2BFeqPUwQwzLchDOSdbDCVJWDjeV9GZ2wF%2BC%2FiSBCZ9Y%2BuKc%2BxmAnZAmWDz%2BYFDcQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04eb7f5697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/img/reward/6.png

104.21.94.192

200 OK

86 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/6.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 280 x 368, 8-bit/color RGB, non-interlaced
Size
86 kB (86293 bytes)
Hash
a2fa517c4924ef7d3358cf41f9d809a9
10aa0714f0c5a7594850317d9752ed9682d191a3
bf95403ac749d17c3997e8783b83f878075c7f987c9f1103074026d566549445

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/6.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 86293
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:14:45 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZ1q6E509p7vukY3tVcS1MDAeDfIdvR%2Fe8%2Fxg%2F3OWsp0hhI1ftood5pzAjdasgTK%2B7bNDv9oQlY2GQkAYj55fyvEF5qRLVqUeNhaKCxBphSTPTY6%2FA9dk7iI6hYY3T90Jfc%2BtJmL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04eb825697-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
Size
15 kB (15044 bytes)
Hash
4806226b885b3b3d0ae52142f6bfb3af
2ea5cc6d5e4adb874989a2b74bda062296fb1ad3
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zgibj.gody4r.biz.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:37:09 GMT
expires: Fri, 28 Mar 2025 17:37:09 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
age: 39653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zgibj.gody4r.biz.id/static/img/reward/1.png

104.21.94.192

200 OK

100 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/1.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 280 x 368, 8-bit/color RGB, non-interlaced
Size
100 kB (99552 bytes)
Hash
b5cf485d30d6adc5f0e6280a358c9a3d
b4c50eefb47bed38e51b09b8c272eb879bed2185
5e8d6499246a5c5e3aabc844313a0a154fbd1c8837cc59c9cea14fb5b86cc1f4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/1.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 99552
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:17:38 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FM9jqyCrBDT6DBWeasFxSWizaDIhvPd3bjUF2QNaZWcu135H1fy5NMwMB4QBunxKZuBy5XCiYQPD92d%2BgSqZ0SzOw28dNppre7MgiKNzWkqXy4%2BOwbGEQc66PlzjEK%2Fwosq1%2FEY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04eb7c5697-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
Size
15 kB (15044 bytes)
Hash
4806226b885b3b3d0ae52142f6bfb3af
2ea5cc6d5e4adb874989a2b74bda062296fb1ad3
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zgibj.gody4r.biz.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:37:09 GMT
expires: Fri, 28 Mar 2025 17:37:09 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
age: 39653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zgibj.gody4r.biz.id/static/img/reward/3.png

104.21.94.192

200 OK

95 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/3.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 288 x 375, 8-bit/color RGB, non-interlaced
Size
95 kB (94921 bytes)
Hash
61b63bc126a15906fbec1d71f25620cb
fa6f9aed9123e35f2881093348439c7e8d168a63
b09f710d05214acd76849a89ac25e9b41e37ab4fabcaadd5f123184281346b29

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/3.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 94921
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:15:49 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NV6nlXFnFRQIkN5b1Jt22cb4yP6hdoEMmiO%2Frs45F0y5F0XRy7EFVaScAExz26CDrlz7c622TGoafpaqI06J9OkGZ%2BHYrH7P%2B5nppBiz5GQhmb6i3uVkxAdYikkSGZlHTr9JS22g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04eb7e5697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/img/reward/8.png

104.21.94.192

200 OK

102 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/8.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 288 x 372, 8-bit/color RGB, non-interlaced
Size
102 kB (101830 bytes)
Hash
ea837f048ada68024773ccec95019232
7ecd7c57ef61f72d960ad11af2d6563e47593e54
6bf4912c37ae07cf9cfc242dde86ce1279c383ff823130e2b7e56459952d7b80

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/8.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 101830
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:11:30 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vis5u8kUaHvyHI7dhwd6Ybmd7jjgymUSQhjjS4zhANnYZmZQvRzJ1yMl7Tdmyv%2FKQQNuBGjlammWxl3uYhgXPYEYF0GmKYwDgdQBopOF88ba3tTlbaLxJUeYoVn0Hds4spJ48nVl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04eb845697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/img/reward/5.png

104.21.94.192

200 OK

108 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/5.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 291 x 372, 8-bit/color RGB, non-interlaced
Size
108 kB (107481 bytes)
Hash
bbe4e0314326e8ac5a818ecb60bdb7d7
fd5458fbe85165f5891a2fad85f21ce9d82eb7f4
7acdcbdf7f22b04d468847756c508d84575d348b52fbec152d333e50f3581c89

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/5.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 107481
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:18:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mJ2H%2BRAMbElrMuSqGCwQnn7%2FSxesMYdBk4nbfP%2B5A%2FyV62czfWGgG8xl%2F43B99bMLRLgTTtv%2FbdTajLgfz%2FP63in7RSLwmoTvdLvGBGhdnRl5q2WbyyGdvzksFEaDcnhgA4y88Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04eb805697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/img/reward/0.png

104.21.94.192

200 OK

102 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/0.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 288 x 372, 8-bit/color RGB, non-interlaced
Size
102 kB (101830 bytes)
Hash
ea837f048ada68024773ccec95019232
7ecd7c57ef61f72d960ad11af2d6563e47593e54
6bf4912c37ae07cf9cfc242dde86ce1279c383ff823130e2b7e56459952d7b80

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/0.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 101830
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Thu, 14 Mar 2024 11:45:02 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5lZ72bxYba7OdXoB%2Bt521%2FBJNHyKu5xju%2FzfhOhSBYnpU9Nhpp1NgkshT86ctDmuOKoNTZcGGfz3m6IAwGOlU7aSCotedIl5zqxDSD%2FQfrq7IPUCzXz7yZQ4VQmuRVQpbrxVFJc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04fb875697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/css/style.css

104.21.94.192

200 OK

4.5 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/css/style.css
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
assembler source, ASCII text
Size
4.5 kB (4508 bytes)
Hash
7305e168336600617a117cae101e6695
03738a97c782a6a3918f69aa63ecdedee1c84330
443d150a1d878908b45e11aa31211009f724d894efc40d24495a9222c0a226a3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/style.css HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:01 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:23:53 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wog6FOlyEZsa0NIH7zcBKzz8QoCkUF9%2Fcn%2F0TPa0BK%2FawwTTWaBiQkQcKZP25%2FE79wy8z17c2bKoC4xLw%2Bj7Zird1IOsMl8CT5pagJuYdlIw9XVkQFWNF3LHObN6j4hEJHOVoSaD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd2b04cb6d5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/img/btn-off.png

104.21.94.192

200 OK

737 B

URL GET HTTP/3
zgibj.gody4r.biz.id/img/btn-off.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 195 x 58, 8-bit colormap, non-interlaced
Size
737 B (737 bytes)
Hash
0ec1c29e13291ba7838177581aaf9578
f9fe0f9a9e9d5333c6c21ee099766e67ed076778
5c53b5b7d34dc07cb451499f37ff279a87d87033e9f3b6589c887a667fedfc4d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/btn-off.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 737
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:02 GMT
last-modified: Tue, 29 Nov 2022 14:13:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0U6ZB9i2PgUB8zlQm3GluF3AOIuyiuJgbt8UW%2BCOO34%2BPOdjyX9tzZpQZi%2BxYkK7lyKV14vG%2B96h%2FzqOVR3rjfng%2F4LBVJFtM%2BQYbDA%2BUmbyuH3zj77nekC4VyyRxxW7Xjs5V1nf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b075c6c5697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/img/ghg.png

104.21.94.192

200 OK

109 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/img/ghg.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x900, components 3
Size
109 kB (109359 bytes)
Hash
c1dfd3273f7fadb0b01a0d05b85e3018
2135b42ba250e283eb7122645aa41fff2cbbe7f8
f358b3c5a22a9f41f30f20c4be14a07acbd225c1891b0a858405f2ffb1df60f5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/ghg.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 109359
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 16:46:43 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3HJjwZTJvS633UTbGFmBbi9%2ByyXH%2F8jK0zIw6wCKjreF4MQ3gMKGdRdLapOHKxtpUr%2BiGyowa9pcODzd9GBEAODDnWKRIVcUKlNA5nztOaO45FC0QE1x5w36jFBoPEQGLpTmt1O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04db755697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/img/reward/7.png

104.21.94.192

200 OK

114 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/reward/7.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 283 x 375, 8-bit/color RGB, non-interlaced
Size
114 kB (113552 bytes)
Hash
605b6c7b2dd8bae6e7bd23a5340f0a1c
f76afc84509e0dba81b2b7779dca0d2add397ccd
d4dda75dccadd401b95c228ac709862607cbef2073b67de22783898e42c5c783

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/reward/7.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 113552
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 17:14:09 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrLjDpESdD53MVjaIzWFf0bGJ21BQDCI5TCsm1HG14UISEpbO3noZeQ3jEbRBkiBvNrqtSDNc4bx9b2wJNMTwnq4dgZq9MN7ZsMJMCHjgiIzZdE6EoWSJJH8WygU8j3s8JSXQDtm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04eb835697-OSL
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/img/free.png

104.21.94.192

200 OK

241 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/img/free.png
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
241 kB (240826 bytes)
Hash
0b368ba0d6ba79cdac00266cc788423c
abfe41488bb222f5b68a60e8f8574f78d15a5fd3
8d6767ef7c3e6f41f5ba1beca5da879c48d9247922d421196157c2a4192debf0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/img/free.png HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/png
content-length: 240826
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 13 Mar 2024 16:20:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxdzD9h61z%2FQfQi8hdd9MecQJXP4QSTS2VEkgAPtrM0jBDbMFHeQUpGw2eZJrD%2BhJQzhCmHQt6eKJUtHPIIVIFbgEfrjy63djc64ZOPwExlMdBWcBLv7K8Hui1IytzE4ti42JVGr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b04db775697-OSL
alt-svc: h3=":443"; ma=86400

rawcdn.githack.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3

104.21.234.230

301 Moved Permanently

205 B

URL GET HTTP/2
rawcdn.githack.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3
IP
104.21.234.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectgithack.com
FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54
ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
205 B (205 bytes)
Hash
a131a561ff1fcd4bd22ae4d8a44096a7
0fe2f1188600da413aa9656c095a8f0d0230c231
33dd33c7e4fd25ef18436701457abcb00574695b1d109f7ab25f145b6cc09218

HTTP Headers

GET /AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3 HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: text/html
location: https://raw.githubusercontent.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3
cache-control: max-age=86400, public
access-control-allow-origin: *
cf-cache-status: HIT
age: 79035
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQfCl4tnBLiRYaDNCU8BYveqWHj8NLIoiKzU%2BU7T8qDSsPSeqb4JsIg8OtyAYdjru6iQz9e%2Btc5QlZ%2FLNFRE9DuSaSGjcHWmJfOZP1B%2BOZbZEDdVEq94XEXV4vHB2Pc%2BfpD%2F2Co%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b0a5a29955f-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zgibj.gody4r.biz.id/js/ryucodex.js

104.21.94.192

200 OK

1.0 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/js/ryucodex.js
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
JavaScript source, ASCII text, with very long lines (4284), with no line terminators
Size
1.0 kB (1037 bytes)
Hash
3c6b357da9a9c2229aa9db0d95f09fa6
7b15d8f866df1f83d3cebc72f8b29df8335b5bb4
d65b12be8cd3346554199d0d81fed9e1bf66ee7aa0da40a7f1b715e046f065e3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/ryucodex.js HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: text/javascript
last-modified: Wed, 26 Oct 2022 09:44:40 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJO0lWmrDi566BzfT%2BnYGJbJDgBFIZJPxx6SooB49yCRyGsti1XnZ0ZANVdLAYft53wxvD9gF0CPjXyFbkHls8kv3fkLljK%2FvuvOJbVMilcvcrATNWTHg9f68u886eedsMAbXLBE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd2b051ba75697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/css/login/facebook.css

104.21.94.192

200 OK

1.3 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/css/login/facebook.css
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
ASCII text
Size
1.3 kB (1262 bytes)
Hash
7963984a8f422cb6cdabcb6597f3f252
8932b3a35c501044ccf88aab675703b972868182
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/login/facebook.css HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:01 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Mon, 20 Jun 2022 07:07:26 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t31RRBATkuwWPDJLg%2BIgwij3OTS7LH4j0AyOXGPs5BSLE7jLO5SB9ZKFbFKfzVL0nRY2t6SSfL40JoiGQ0hFraAjevBGYfggDGddjU3%2FFebS7yNq9b8nYsPgwU%2BFcbwMta000XgO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd2b04cb6f5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/css/animate.css

104.21.94.192

200 OK

5.5 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/css/animate.css
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
ASCII text
Size
5.5 kB (5517 bytes)
Hash
8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Mon, 20 Jun 2022 07:07:26 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKsRfr0A5Bz%2Byw7ebRKvK4aMZCBhgIaUZkHzEeYA1X3LhZBBpKpShC2%2FtKBnd0OY4f39MiEQpArQ3IqRmm44V59Sr%2BPaimbJFXG1UBzXsaqI%2FsjrPGmw4Ouik8xC%2FyC14UdgIOO4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd2b04cb6e5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zgibj.gody4r.biz.id/static/wheelStop.mp3

104.21.94.192

206 Partial Content

21 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/wheelStop.mp3
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, JntStereo
Size
21 kB (20994 bytes)
Hash
da5c02d0af9c7f9db0fb0e213858ccfa
9f7c649258009c2c853b74349c060d9de12109b1
2998755f4b37c49010974e07f9aa0643b0a9c5be592d42988c733d0e3acc9ae3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/wheelStop.mp3 HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: audio/mpeg
content-length: 20994
last-modified: Mon, 03 Oct 2022 21:34:34 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-20993/20994
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ff%2BtJVwSYl6hJHcGKjOYDt0tR6PdPbM4%2B2OUlEqgK3rRVf6qz9owuwsc5b91rfphv0bEjn74WItopmdCQpSkM%2F9bKMo5Ifbv6Z96k2%2BPPEts2S%2BEZG%2Fqd7DYNTt6%2FgN%2BLNpqJ9R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b0a0d235697-OSL
alt-svc: h3=":443"; ma=86400

unpkg.com/package-ion@2.4.3-icons/ionicons.map.js

104.16.124.175

404 Not Found

11 kB

URL GET HTTP/2
unpkg.com/package-ion@2.4.3-icons/ionicons.map.js
IP
104.16.124.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
11 kB (11063 bytes)
Hash
1b7d58e6be5296ca1bc48c0969ad49c1
7d8b871d5a51877c5eb5c459a45e2db2ccd2dffd
efd408ae21cb31df9cc0bdd16c7cd5328e8736dc5606987077c9bd319392116f

HTTP Headers

GET /package-ion@2.4.3-icons/ionicons.map.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
content-encoding: br
etag: W/"2b-fYuHHVpRh3xetcRZpF4tsszS3/0"
via: 1.1 fly.io
fly-request-id: 01HT4807TJ0HYNM7VGVWAPSAV0-arn
cf-cache-status: EXPIRED
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86bd2b053ca8b51b-OSL
X-Firefox-Spdy: h2

play-lh.googleusercontent.com/jWN9pjF7atbqHYXAAfwvIjtzpGwTIVwX9etT0-9HiWjRjE1hInoEgJiWjwsiemu2rEb8

216.58.211.22

200 OK

73 kB

URL GET HTTP/2
play-lh.googleusercontent.com/jWN9pjF7atbqHYXAAfwvIjtzpGwTIVwX9etT0-9HiWjRjE1hInoEgJiWjwsiemu2rEb8
IP
216.58.211.22:443
ASN
#15169 GOOGLE

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintD7:FC:10:C9:A8:81:6B:99:B6:4E:4D:B7:02:8F:80:C7:C2:F7:D8:7A
ValidityMon, 26 Feb 2024 08:03:26 GMT - Mon, 20 May 2024 08:03:25 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
73 kB (73303 bytes)
Hash
2bafc2fba248405e93058e3c26dfa614
8361bf3eec4ea108953492ad3a332d48d6f7671f
828588fb737f1eb815949ff596fe72a7ba7a1fdb9ad6816d95aa97e88f150506

HTTP Headers

GET /jWN9pjF7atbqHYXAAfwvIjtzpGwTIVwX9etT0-9HiWjRjE1hInoEgJiWjwsiemu2rEb8 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 73303
x-xss-protection: 0
date: Fri, 29 Mar 2024 04:38:03 GMT
expires: Sat, 30 Mar 2024 04:38:03 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.postimg.cc/nVkV8M0W/FfMaxx.jpg

162.19.61.80

200 OK

37 kB

URL GET HTTP/2
i.postimg.cc/nVkV8M0W/FfMaxx.jpg
IP
162.19.61.80:443
ASN
#16276 OVH SAS

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3
Size
37 kB (37166 bytes)
Hash
61aa45bf291755caa8f0664e4e8b91e9
33f6c6304486ce8004d9d459f08aa6b95982f0ba
323b5ffc0bc7f906cf266b1622e4de3f8dfddcb3f38c460e58b468906d51ebf3

HTTP Headers

GET /nVkV8M0W/FfMaxx.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:38:03 GMT
content-type: image/jpeg
content-length: 37166
last-modified: Sat, 04 Mar 2023 14:21:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

zgibj.gody4r.biz.id/

104.21.94.192

200 OK

5.3 kB

URL User Request GET HTTP/2
zgibj.gody4r.biz.id/
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
5.3 kB (5338 bytes)
Hash
277cb936035d5e0557c6132d01f98539
5ea7870ea69ec1ef01be2e256dd0d49dedc9758a
b2890dfe84144df23cc8cf69201217060ef28a74b724af19a2acb505e2b92dc9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET / HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:38:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOx4R0EI5%2B%2BM8eP8mkIpNk1u7fkq%2FFxnWG2YqL%2F15MSmSS6pDwzMan5NdqCWK%2BKPBXElit2vTTauxpBcvhoAksLaznd7ldOQBGAhwp6%2Bm0giqkO2f62UrWXKNJ7bfutGPtqxXaw5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd2b020a9f56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

raw.githubusercontent.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3

185.199.110.133

404 Not Found

0 B

URL GET HTTP/2
raw.githubusercontent.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3
IP
185.199.110.133:443
ASN
#54113 FASTLY

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3 HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-
Referer: https://zgibj.gody4r.biz.id/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8
x-github-request-id: 7692:0E61:29C548E:2B904C8:660645A8
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:38:02 GMT
via: 1.1 varnish
x-served-by: cache-hel1410032-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1711687083.691488,VS0,VE124
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 1678ec5a6221f88b1d495efad195db1e479399eb
expires: Fri, 29 Mar 2024 04:43:02 GMT
source-age: 0
content-length: 14
X-Firefox-Spdy: h2

raw.githubusercontent.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3

185.199.110.133

404 Not Found

0 B

URL GET HTTP/2
raw.githubusercontent.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3
IP
185.199.110.133:443
ASN
#54113 FASTLY

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerDigiCert Inc
Subject*.github.io
Fingerprint97:D8:C5:70:0F:12:24:6C:88:BC:FA:06:7E:8C:A7:4D:A8:62:67:28
ValidityFri, 15 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3 HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-
Referer: https://zgibj.gody4r.biz.id/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8
x-github-request-id: C51A:3874DE:215445D:22B79DA:660645AA
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:38:02 GMT
via: 1.1 varnish
x-served-by: cache-hel1410032-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1711687083.705699,VS0,VE154
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 0d69e35c443da0c2cc2286d476385ce643287a26
expires: Fri, 29 Mar 2024 04:43:02 GMT
source-age: 0
content-length: 14
X-Firefox-Spdy: h2

rawcdn.githack.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3

104.21.234.230

301 Moved Permanently

0 B

URL GET HTTP/2
rawcdn.githack.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3
IP
104.21.234.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectgithack.com
FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54
ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3 HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: text/html
location: https://raw.githubusercontent.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3
cache-control: max-age=86400, public
access-control-allow-origin: *
cf-cache-status: HIT
age: 79035
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOpN2R%2FGytoezeS3ICJa5XeAm5PWPWqg31j%2BjGiML7Uk1Z746ngS%2BXNOyZercGNBENBXcR%2BBy4OIrvjMmZuWsTG88OJDawk69KlSdIfleMRFyhysrVt5KsQuOwqirZzRumAyTmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b0a7a37955f-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:38:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 11061256
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86bd2b04e904568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_menu.svg

23.36.76.250

200 OK

884 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
23.36.76.250:443
ASN
#20940 Akamai International B.V.

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
884 B (884 bytes)
Hash
7c2d3b689c5bb0645ebf62ea661c9fae
1a37f036eb3eb8f4a3dcf15bf7cb74e2d823bdad
ff6e4ad8be14847a4490e22a1533e3100ad0bed35be9efc1fa0fc662185c74ba

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 29 Mar 2024 04:38:03 GMT
content-length: 426
X-Firefox-Spdy: h2

zgibj.gody4r.biz.id/css/login/twitter.css

104.21.94.192

200 OK

2.2 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/css/login/twitter.css
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
ASCII text, with very long lines (2432), with no line terminators
Size
2.2 kB (2177 bytes)
Hash
7d5267c9b34aa43887197a665912df33
3a527c4c1711d636a2b59c2efa4335c1f63b04b4
348779db86aad5d0930000f53c1763b20a7613db3aaebaccd12b5d0789bbb3a3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/login/twitter.css HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:38:01 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 05 Apr 2024 04:38:01 GMT
last-modified: Wed, 22 Jun 2022 07:02:08 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XC%2FVcEMhfl2bchrzQbjbvrq1ctNI63%2FSZ1ejYHTrHYZ3lh3wNOZjl9PKcg5QxJ1Q14BW1LUkUZLC1e4Tpw8n3Cabbigc1QJ%2Fjp5Wtjp%2B7sujbN0pH1bxwyyDR3ZVLt6aK6%2Bs%2BJll"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd2b04cb705697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.ibb.co/ynHzRkW/20240313-233643.jpg

162.19.58.158

200 OK

75 kB

URL GET HTTP/2
i.ibb.co/ynHzRkW/20240313-233643.jpg
IP
162.19.58.158:443
ASN
#16276 OVH SAS

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62
ValidityWed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 640x991, components 3
Size
75 kB (75143 bytes)
Hash
e16616f9424042f3690a33ec90f2ee02
3647c1af05a7160fd2fb167532cfc00f20424ee5
cfdf7df9a3766045d69645d0c0e8fbcb6226c6a82dd2caa9674f9645c26a2659

HTTP Headers

GET /ynHzRkW/20240313-233643.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:38:02 GMT
content-type: image/jpeg
content-length: 75143
last-modified: Wed, 13 Mar 2024 16:37:45 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

zgibj.gody4r.biz.id/static/wheelsong.mp3

104.21.94.192

206 Partial Content

96 kB

URL GET HTTP/3
zgibj.gody4r.biz.id/static/wheelsong.mp3
IP
104.21.94.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zgibj.gody4r.biz.id/
Certificate
IssuerLet's Encrypt
Subjectgody4r.biz.id
Fingerprint0B:C2:D3:56:5D:DA:8E:4A:19:58:F7:1A:54:8F:D3:A5:B5:9F:89:91
ValidityTue, 30 Jan 2024 15:48:04 GMT - Mon, 29 Apr 2024 15:48:03 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 256 kbps, 44.1 kHz, JntStereo
Size
96 kB (96388 bytes)
Hash
016485d9955c9cf794b22dddb9e95a08
98d11221dfe093ed1b3200e3a18aa5d8ce6771fe
77d41a6a6f2cfeebb998621dbd1134bfcfbaae50b2826f44a1a1dd108e1738af

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /static/wheelsong.mp3 HTTP/1.1
Host: zgibj.gody4r.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://zgibj.gody4r.biz.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 206 Partial Content
date: Fri, 29 Mar 2024 04:38:03 GMT
content-type: audio/mpeg
content-length: 315326
last-modified: Mon, 03 Oct 2022 21:34:34 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-315325/315326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RkXiGeGYGE8yj%2FYifiepyDfu1ZHoVoTNy99F6ymEwTHMHDXtXYkj6ll%2BF2AxGSC6Gy062Kj3NAHtNvFwk8Uoqadhkbic7U1QeJ9c7Cw07gLkmhbCTDt42fP4dO8dXlbTmQC5uER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd2b0a0d225697-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (43)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers