| GET file.g-code.co.id/npm/protection@latest/ | 104.21.64.1 | 200 OK | 17 kB |
URL: GET file.g-code.co.id/npm/protection@latest/
IP: 104.21.64.1:443
Requested by: https://tesshju.web.id/verify.php
Certificate Issuer: Google Trust Services
Certificate Subject: g-code.co.id
Certificate Fingerprint: A5:74:BA:FB:53:27:D4:07:4D:BD:0F:56:23:CB:DA:79:BB:C2:23:CC
Certificate Validity: Sat, 24 May 2025 12:35:02 GMT - Fri, 22 Aug 2025 13:33:24 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (17187)
Hash: 723ad397a1f6402ac487a4707e9d4f0e b4333fb209b47d04bbbc990ba7eee8a0cbd8b961 93459f3bbe13b5e7bc0446e5286731ac5443d95fa5fc2ec4c5c26462746ec895
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /npm/protection@latest/ HTTP/1.1
Host: file.g-code.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tesshju.web.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 24 Jun 2025 07:53:27 GMT
content-type: application/javascript
content-length: 6544
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
vary: Accept-Encoding,User-Agent
server: cloudflare
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ToK3vMvsm5Mk2m9AZvICWFhvQIdmJwPum6yRQwd%2Bej5LC36nHaV5CS%2B95iUGUmFuLzgbTtlLUuSI9k0oFovW87i0gMLohSbkg58WcJSQjg%3D%3D"}]}
cf-ray: 954aa6c9aaa856c4-OSL
X-Firefox-Spdy: h2
|
| GET tesshju.web.id/verify.php | 172.67.146.209 | 200 OK | 9.6 kB |
URL: GET tesshju.web.id/verify.php (User Request)
IP: 172.67.146.209:443
Certificate Issuer: Google Trust Services
Certificate Subject: tesshju.web.id
Certificate Fingerprint: 60:8C:6F:D8:8E:B0:44:16:44:4D:37:55:E1:90:CC:62:39:02:FD:A3
Certificate Validity: Fri, 09 May 2025 03:18:04 GMT - Thu, 07 Aug 2025 04:16:33 GMT
File type: HTML document, ASCII text, with very long lines (4946)
Hash: fdd0b48c2806e64835748c9c7c450847 912a100cb5183de8f1f1a6f833c422e5997f79d7 74b0c971765236d32209117970aa43c7dc8bde96f0bee80e99cbb38dc1588985
GET /verify.php HTTP/1.1
Host: tesshju.web.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 24 Jun 2025 07:53:26 GMT
content-type: text/html; charset=UTF-8
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2koOb12rhHWGHW6Ol4WQUTf1IH0sxiUlqGcCCEIepCmZyEleCCR9AGwD%2F0RaxP%2BejxhXmmtRHC2E7MeGfhhWyh1ZOWC3udi1q50R8A%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
server: cloudflare
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954aa6c42e710b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
| GET file.gifan.id/tailwind.js | 104.21.7.246 | 200 OK | 407 kB |
URL: GET file.gifan.id/tailwind.js
IP: 104.21.7.246:443
Requested by: https://tesshju.web.id/verify.php
Certificate Issuer: Google Trust Services
Certificate Subject: gifan.id
Certificate Fingerprint: 00:10:0D:35:FD:2F:62:D1:F0:15:DE:C0:B9:FF:2E:EF:53:D8:6E:B7
Certificate Validity: Mon, 12 May 2025 23:44:24 GMT - Mon, 11 Aug 2025 00:42:56 GMT
File type: JavaScript source, ASCII text, with very long lines (52853), with CRLF line terminators
Size: 407 kB (407360 bytes)
Hash: 07fc10e56e57b4c39d843de1c5f55d4a 538e8772f047a79288071a864a4b3d4b7bd8aee4 6c3d46e49008030c958ea3498f615c9f35e4545daf18db15c398820655bb2ecc
GET /tailwind.js HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tesshju.web.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 24 Jun 2025 07:53:26 GMT
content-type: text/javascript
content-length: 117825
last-modified: Sat, 16 Nov 2024 15:34:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
etag:
age: 403899
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XMuVp9ilr%2B%2FS9SKU8ZJDjLDw4ednliCVclqmSUHDXOM4Yst72t9ibGtIsnpMhSnSv0w2E%2BmTKKx7EC7L1T3OColvj1zeuxQjuDYk"}]}
cf-ray: 954aa6c61dc9b51e-OSL
X-Firefox-Spdy: h2
|