URL: http://minecraft.zalforge.com/
Submission Tags: phish.gg anti.fish automated
Submission: On October 17 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 68.142.131.28, located in Minneapolis, United States and belongs to ASN-VINS, US. The main domain is minecraft.zalforge.com.
This is the only time minecraft.zalforge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
6         68.142.131.28     13649 (ASN-VINS)
2         2a00:1450:400...  15169 (GOOGLE)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 9 requests, 3 IPs

Requests  Apex Domain     Subdomains                                      Transfer
6         zalforge.com    minecraft.zalforge.com                          672 KB
2         googleapis.com  fonts.googleapis.com (Cisco Umbrella Rank: 49)  2 KB
1         gstatic.com     fonts.gstatic.com                               20 KB
Total: 9 requests, 3 domains

Requests  Domain                  Requested by
6         minecraft.zalforge.com  minecraft.zalforge.com
2         fonts.googleapis.com    minecraft.zalforge.com
1         fonts.gstatic.com       fonts.googleapis.com
Total: 9 requests, 3 domains

This site contains links to these domains.

Domain
pterodactyl.io

This page contains 1 frames:

Primary Page: http://minecraft.zalforge.com/
Frame ID: 14F1EF809A4FDE10151446821422FA49
Requests: 9 HTTP requests in this frame

Page Title

Zalforge

Page Statistics

Requests: 9
HTTPS: 0 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 694 kB
Size: 699 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
minecraft.zalforge.com/
2 KB
2 KB
Document
General
Full URL
http://minecraft.zalforge.com/
Protocol
HTTP/1.1
Server
68.142.131.28 Minneapolis, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
lightning.webb.bz
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
504fb400dcbad7a45e2d56d3b295528a061dab945e5b31a0b5873e5c6759d028

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 17 Oct 2023 15:41:41 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Rubik:300,400,500&display=swap
Requested by
Host: minecraft.zalforge.com
URL: http://minecraft.zalforge.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc212bab6894a81fe1f0b173441fb26c748529b58c17ef8fa1114429dd7b5bdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://minecraft.zalforge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 15:41:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 17 Oct 2023 15:41:42 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 17 Oct 2023 15:41:42 GMT
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=IBM+Plex+Mono|IBM+Plex+Sans:500&display=swap
Requested by
Host: minecraft.zalforge.com
URL: http://minecraft.zalforge.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a647e0b5b694f96d1171ab2f39b3b06027e619bd0fb42276a0e5957bf682ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://minecraft.zalforge.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 15:41:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 17 Oct 2023 15:41:42 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 17 Oct 2023 15:41:42 GMT
bundle.752be0f1.js
minecraft.zalforge.com/assets/
536 KB
536 KB
Script
General
Full URL
http://minecraft.zalforge.com/assets/bundle.752be0f1.js
Requested by
Host: minecraft.zalforge.com
URL: http://minecraft.zalforge.com/
Protocol
HTTP/1.1
Server
68.142.131.28 Minneapolis, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
lightning.webb.bz
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5c4953072f0d6b6bea738c92cde9cbeaf6d28307f21963dfda40d9df117fbbbd

Request headers

Referer
http://minecraft.zalforge.com/
Origin
http://minecraft.zalforge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 15:41:42 GMT
Last-Modified
Sun, 16 Oct 2022 18:24:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"634c4c7a-8606d"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
548973
vendors~auth~dashboard~server.8b5eda5e.js
minecraft.zalforge.com/assets/
90 KB
90 KB
Script
General
Full URL
http://minecraft.zalforge.com/assets/vendors~auth~dashboard~server.8b5eda5e.js
Requested by
Host: minecraft.zalforge.com
URL: http://minecraft.zalforge.com/assets/bundle.752be0f1.js
Protocol
HTTP/1.1
Server
68.142.131.28 Minneapolis, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
lightning.webb.bz
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
075ab1e0c4461ef425585a8c02a2e7990e59d9f70c3dddd83d0f1cdde281bb4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://minecraft.zalforge.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 15:41:48 GMT
Last-Modified
Sun, 16 Oct 2022 18:24:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"634c4c7a-1682d"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92205
auth.32bd45c4.js
minecraft.zalforge.com/assets/
29 KB
29 KB
Script
General
Full URL
http://minecraft.zalforge.com/assets/auth.32bd45c4.js
Requested by
Host: minecraft.zalforge.com
URL: http://minecraft.zalforge.com/assets/bundle.752be0f1.js
Protocol
HTTP/1.1
Server
68.142.131.28 Minneapolis, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
lightning.webb.bz
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a5c640022a30248e1871c0367d21291799412e339b91cfc422d298fa0aeb7bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://minecraft.zalforge.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 15:41:49 GMT
Last-Modified
Sun, 16 Oct 2022 18:24:58 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"634c4c7a-7336"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29494
locale.json
minecraft.zalforge.com/locales/
25 B
1 KB
Fetch
General
Full URL
http://minecraft.zalforge.com/locales/locale.json?locale=en&namespace=translation&hash=183e209c4a8
Requested by
Host: minecraft.zalforge.com
URL: http://minecraft.zalforge.com/assets/bundle.752be0f1.js
Protocol
HTTP/1.1
Server
68.142.131.28 Minneapolis, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
lightning.webb.bz
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9a0e87a8142517a0c69e726fdf2a63bc8f224bc7f330624b94578044eb810b7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://minecraft.zalforge.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 15:41:48 GMT
Cache-Control
max-age=3600, public, stale-while-revalidate=86400
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
ETag
648aa5ae7e486cbe43e535d16699d787
Transfer-Encoding
chunked
Content-Type
application/json
pterodactyl.svg
minecraft.zalforge.com/assets/svgs/
13 KB
13 KB
Image
General
Full URL
http://minecraft.zalforge.com/assets/svgs/pterodactyl.svg
Requested by
Host: minecraft.zalforge.com
URL: http://minecraft.zalforge.com/auth/login
Protocol
HTTP/1.1
Server
68.142.131.28 Minneapolis, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
lightning.webb.bz
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
424ab1aa0f0dfafc5a84febc9c9b8d56e4b8af7fd0f5efc02d5411b97d48f9cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://minecraft.zalforge.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 15:41:49 GMT
Last-Modified
Sun, 16 Oct 2022 18:23:06 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"634c4c0a-3205"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12805
zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/
20 KB
20 KB
Font
General
Full URL
http://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=IBM+Plex+Mono|IBM+Plex+Sans:500&display=swap
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://minecraft.zalforge.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 22:39:03 GMT
X-Content-Type-Options
nosniff
Age
61366
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
20064
X-XSS-Protection
0
Last-Modified
Tue, 02 May 2023 15:58:54 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 15 Oct 2024 22:39:03 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    SiteConfiguration
object    webpackJsonp
function  setImmediate
function  clearImmediate
object    FontAwesomeConfig
object    ___FONT_AWESOME___

2 Cookies

Domain/Path Name / Value
minecraft.zalforge.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlBrRDZpaXg0RU16bmJTbG5QSVI0Vmc9PSIsInZhbHVlIjoiYnBrWlVyd2lkcGp6aEF6YUNlS3lmU3hvSU5iMXQ1M3NWNnhMTldDZzRnUm9GM29HWUxieUZITzJFYzBHQmliRFIzazJoam4rbE54MVRPWVZVQ2JlVkFhMEhqMjI4eDB2eEc3UXRPMElDQWp4WVgrTHg1ZXhwZzlHOGlCUFBmY24iLCJtYWMiOiIwN2EzY2NkZDk3ZDU5YzFjOTA0YWEwYmYwNGIyNmUwNzE3MGM1N2U3OTFkZGI0ZTkzNDZlMDM0YTIxMjk5ZjdmIiwidGFnIjoiIn0%3D
minecraft.zalforge.com/ Name: pterodactyl_session
Value: eyJpdiI6ImVnTElKQm9MeGl5NVFXRlFLRjZ1Y0E9PSIsInZhbHVlIjoiV01pT2s3RVdZbEFSZHJYRDc0NW0xQWZLbGVheTlrRzJrY2l6bWxlcjhIcWE2S3FLdjBvSDdYbERKcjc2Ulp4Wmo5clJRdEF6OXlyZVhQUllBK2ZTVDQ3QkJ0K2FjREoveHZUZ1lTc3FaWmpWQ0tSQlNha1VsQldvd2ZTclZmYjgiLCJtYWMiOiI2M2RhZmIxMzIxZTU2YTg5MTI3OWU4NWIwNTZkNzAxNmMzMzJjMmUzMWY3MDYwNzM4Mjg5NWUwOGRmY2E3Nzc2IiwidGFnIjoiIn0%3D