cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.24.14 200 OK 5.8 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.24.14:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash e9365fe85b7e4db79a87015e52c3db6c
2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:57:47 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 974516
expires: Sun, 24 Nov 2024 12:57:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcrEgN0b5I0fvFSsazxqA9Tus33tLQDF9TUN1s5bGOm0mANSuOIjrQtHShV1HtrXMHI5Or6qFYypt0d7Klb%2BIPSpIFQ9AwpjFCrmn3I8zU%2FR1blJghYmDOBp6zlohj%2FWq035DuHB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 830c74f61f24712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.138 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.138:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (32061)
Hash e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 20:34:28 GMT
expires: Tue, 03 Dec 2024 20:34:28 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 58999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.138 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.138:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (32180)
Hash 32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 09:35:05 GMT
expires: Fri, 29 Nov 2024 09:35:05 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 444162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.10.2.min.js
151.101.66.137 200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 151.101.66.137:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32072)
Hash 628072e7212db1e8cdacb22b21752cda
0511abe9863c2ea7084efa7e24d1d86c5b3974f1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 05 Dec 2023 12:57:47 GMT
age: 6978866
x-served-by: cache-lga13622-LGA, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 47, 59711
x-timer: S1701781067.313740,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2
i.ibb.co/Wg8qQxh/facebook-text.png
162.19.58.158 200 OK 29 kB URL GET HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 162.19.58.158:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Let's Encrypt
Subject ibb.co
Fingerprint CC:72:96:95:90:7F:15:8E:AC:C5:40:3A:D2:6F:83:A3:DF:5E:72:56
Validity Mon, 09 Oct 2023 14:39:49 GMT - Sun, 07 Jan 2024 14:39:48 GMT
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:57:47 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/66bK3tfJ/Amod.png
162.19.88.69 200 OK 86 kB URL GET HTTP/2 i.postimg.cc/66bK3tfJ/Amod.png
IP 162.19.88.69:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type PNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash c984d71cd905f49da568e4065129d87e
659edc07148f7197cdf025bd0ed9ac1d296f9131
c428adc61eebb6d5fb1fab43436b08fc12d7c63419f435395e436babd0adf789
GET /66bK3tfJ/Amod.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:57:47 GMT
content-type: image/png
content-length: 86253
last-modified: Wed, 17 Aug 2022 14:47:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/V9rgBqw/twitter-text.png
162.19.58.158 200 OK 4.3 kB URL GET HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 162.19.58.158:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Let's Encrypt
Subject ibb.co
Fingerprint CC:72:96:95:90:7F:15:8E:AC:C5:40:3A:D2:6F:83:A3:DF:5E:72:56
Validity Mon, 09 Oct 2023 14:39:49 GMT - Sun, 07 Jan 2024 14:39:48 GMT
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:57:47 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/SxQ04Qn4/navbar-logo.png
162.19.88.69 200 OK 159 kB URL GET HTTP/2 i.postimg.cc/SxQ04Qn4/navbar-logo.png
IP 162.19.88.69:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 159 kB (158577 bytes)
Hash 386d5af4a1126e03333b3a043f9efa73
3a71b66fbd920ea27595e9c958336da8b3d05606
8b877d99b1124d17bb2e21c71cc8838f80c9c0945e1c140714588e73d50c3473
GET /SxQ04Qn4/navbar-logo.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:57:47 GMT
content-type: image/png
content-length: 158577
last-modified: Tue, 22 Mar 2022 04:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_menu.svg
23.36.76.250 200 OK 426 B URL GET HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg
IP 23.36.76.250:443
ASN #20940 Akamai International B.V.
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Hash a1f09c4f5c87271dbccf8cb05885ad42
18bbacc9c372dcb6bc77c2475595e058c1ad1594
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 426
date: Tue, 05 Dec 2023 12:57:47 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_language.svg
23.36.76.250 200 OK 675 B URL GET HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP 23.36.76.250:443
ASN #20940 Akamai International B.V.
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash d8ba211bb1be1a15bf5b0143ca1b009a
215203609a551dcaccf6e434508623f302635f86
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:57:47 GMT
content-length: 675
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250 200 OK 75 kB URL GET HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:443
ASN #20940 Akamai International B.V.
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=19
expires: Tue, 05 Dec 2023 12:58:06 GMT
date: Tue, 05 Dec 2023 12:57:47 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_download.svg
23.36.76.250 200 OK 485 B URL GET HTTP/2 www.pubgmobile.com/en/images/nav_download.svg
IP 23.36.76.250:443
ASN #20940 Akamai International B.V.
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Hash 41c1c00e6070b60d70177ae11625bb86
7f01626c76ce129247860802fd2355f2878fe8dd
0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:57:47 GMT
content-length: 485
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_shop.svg
23.36.76.250 200 OK 526 B URL GET HTTP/2 www.pubgmobile.com/en/images/nav_shop.svg
IP 23.36.76.250:443
ASN #20940 Akamai International B.V.
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash 061f8e3121c0e545cb6277cbdba661e0
680a6ef2b0b5b9ae376ad927055e93e1efca2389
bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:57:48 GMT
content-length: 526
X-Firefox-Spdy: h2
tencentbuggati-globalevents.garstfa.my.id/img/lucky.png
104.21.66.122 200 OK 20 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/img/lucky.png
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type PNG image data, 640 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ef89449c49dd8de7acbf207d0562313
62cb8d8818aa635096ac90c4d78c3c65e8ccd381
e7806f8b36629489a05adc6576164c3441a2e1b8416ba4e75b7d2d00d256e726
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/lucky.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:49 GMT
content-type: image/png
content-length: 19528
last-modified: Tue, 28 Mar 2023 14:18:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irRVjGO90P2skCgFtBd8lb4z6Fo6lRT7RRfdPy92WunUVw1kd25yCUV1g%2FvLChS8wzODDRk4bqC%2B0yYJAT8MBqzb4GsFwyMXmZ9qbBSCsLQ%2BXw1l5wxDhMGzNpOU8HbHpudEoPwgP%2Fe0I1CQFK0fUIVznPx6dlK2eCWqUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5d958b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/reward/6.png
104.21.66.122 200 OK 40 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/img/reward/6.png
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Hash 5c8a233210d003c433c12ead6d0f6980
637049ef7301c809bc21e8f4e71c68adff448973
ba7dee0298ac1066281fdb3bc543217ff6340e3941492636832f905585493a16
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/reward/6.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:50 GMT
content-type: image/png
content-length: 39884
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c21OJ0jieA3IeSg2FEuBCxyspTyz78YUPj4U1yaRhCeqqdY4kdOKi8z0AG5v4TOdWQmOb5XA3BQbuc8GGcOALOXu%2FSEpyOGaf5GYeu1h8le%2FNSJ0tpRiklf8vHMrnWxzMkCtwj2KeKt8KjXsqP0QHA6xAQdNbBb%2FEzywpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5f9a6b529-OSL
alt-svc: h3=":443"; ma=86400
i.postimg.cc/02KwtTc7/footer-bg.jpg
162.19.88.69 200 OK 12 kB URL GET HTTP/2 i.postimg.cc/02KwtTc7/footer-bg.jpg
IP 162.19.88.69:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Hash 27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 12:57:50 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
142.250.74.3 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
IP 142.250.74.3:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14964, version 1.0\012- data
Hash d6d554615ae9902f2173476e77d079fa
b5064acc8ba1c63153bfab733b915092e2b62cb6
4a0ce7a531a41b6fb56b8027541951ffe1ad67ab9e49a12ee4816247178d5bca
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tencentbuggati-globalevents.garstfa.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 02:44:45 GMT
expires: Wed, 04 Dec 2024 02:44:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:07 GMT
content-type: font/woff2
age: 36785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tencentbuggati-globalevents.garstfa.my.id/js/sliders.js
104.21.66.122 200 OK 20 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/js/sliders.js
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type ASCII text, with CRLF line terminators
Hash 6ed1a9c922d3f5e466c2137c34ab1bb1
dcd4c5a92671db9114baf3c0f25281ddfc6fd2c2
a490dc446aa73f827e330a2edc3392f0ada309507d38c0c2e6633bbfba039e72
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /js/sliders.js HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:51 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg%2FjVXE5ROF9HqmonhfTYwieLqTtCnWpHaE5TVW2uhDfGmAIS%2Fszm8T7G6wp1J07e5NaeyjhT48i1OTYxmxTbMjgV9EW%2BTBiqkL4uXw%2B57HmatzGn7n8J7h1W%2BIuoNOO3Hi16cZo8zH13GQ6Bf5pyI9MyFDYsKXVZNKuvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f65a1eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/js/kadalxswip.js
104.21.66.122 200 OK 18 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/js/kadalxswip.js
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash 1cf442c55cb341b98dc9c2c647abfe46
eb3e2cde99a352c6c76576d20d5569f80531ecc2
c067bdd5aae410b53bcfbdc0740bcc5b86dcf9c7a3b433c0acaddd86c2610a41
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /js/kadalxswip.js HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:50 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPFFCJbApmTWtJ9WQZcleNQx6FBSODffh9yUMncKNnJLIoHnNASWZSnZZCHYkPtwSQHHEpsVpY9meGAktN3%2BuqEh%2Fy%2FH7M5GND0jHgTdLsoqicQ0Pf1RK5ecKKDTH9je%2BR0xdP0CwoCO2NaK6tY4lOL599m4O1NwQJbClQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f639e7b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/footer.png
104.21.66.122 200 OK 13 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/img/footer.png
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type PNG image data, 1280 x 189, 8-bit colormap, non-interlaced\012- data
Hash 3593f5c920bebddd62ff279b2dabae08
182a776fa67117553e6dd3abeedc344e78d1db6c
a744712efb7dfb06a6d35b9173627c587c25ae7f2b1a40555b8936fd846ba7f4
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/footer.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:52 GMT
content-type: image/png
content-length: 12574
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DroUwYT3tq77NHD9sbsX5us7dE%2FT1ElcRgcxscxVpjsUX0Q07%2F5%2FK3gBdDPitv9x2UHQHHrxbIkDNLBN8Y%2B48l3CsP7rJwUgjLEiixurIDqO0mPc85o%2Bmt6alJp93NYnid1Q98K4CQDRzFA0JrB0m93QjvevOrrfIDCBGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5f9aab529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/reward/8.png
104.21.66.122 200 OK 24 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/img/reward/8.png
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 21b21b7bd9f3050a0a8cfdb97e898d21
42e722041470b2afb503008978592a072fafbf6f
13c9bb11994a27a8a01dacc468d2212d7ae75bd41774c4af84e60d8c08e9269b
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/reward/8.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:52 GMT
content-type: image/png
content-length: 24001
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqzqamexwYBHdKJPdxjHC8ZXOfyaMZymWoBAf5CgSslkSKP97iNFubegh9gGHY0RtZ0pMNMZ7fDvqrLwSYvROrVGRfB%2B3RFkobtxFLc42SV2w5LxyGjkITZSkHqjLXzduOXxH%2FeInzodiJpS7p16ySfbUzvEUWb223DFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5f991b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/reward/7.png
104.21.66.122 200 OK 31 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/img/reward/7.png
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x630, components 3\012- data
Hash e4d17647f6ad04e82f35f4e3317b9b5c
1e2d7f65cd975211e5a84614f6e98aba2ca3aee4
dd6bbd8d43d958afd0332d188daf561cbd68840b82c67193e414f72c33a61f39
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/reward/7.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:53 GMT
content-type: image/png
content-length: 31217
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rqQ0tL9%2Bi6JQrqnMZH%2FpjLP60T5OO%2FPkKosizWyhfgjn%2BV9szH4QAY1Nnub%2F1FxY8qDmEC34qziFaIJtbaQQpJy6zP81qVnwi5wFVSAgBf52vxJpIqB6OMtda8rUctUhxU%2FXKpyrY4V2DWhc42r7qlQbWLpR4edMPQqsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5f9a5b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/js/showHide.js
104.21.66.122 200 OK 983 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/js/showHide.js
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type ASCII text, with CRLF line terminators
Size 983 kB (982671 bytes)
Hash d3e46c4a7d95270da519489746521b1a
5f5a383b6a1a635695e2c72aace79363708f82be
8023fc37af7de956061342860b38dd1646ce1f1fa7ecc2ce703e2b544b2bd283
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /js/showHide.js HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:51 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05UrhXRaoBEdZUcgVtnHTPXTCbL6FrcfsGqvR81L7qj%2FbyIirPqovDa7B7dJBOgGdrKe2SgPCYlKvzDV5aCJj73kwzelpSBIUw%2FKnQwKgRUFH0PwS2vq%2F4IC82LQdM7WrDiPHKF5iTSF6pwS%2BmmEvZXnbyJRPZV9q3bOGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f639f2b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/alert.png
104.21.66.122 200 OK 14 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/img/alert.png
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type PNG image data, 540 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d83ac9012be493874b4de88fe0a3a99
c3f60335181b80de649d59488db6402be4af2f13
8e0c466705fcc83ca6af8c75fc4cdc6cb430ed4550c73900eafb616a9fab745b
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/alert.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:55 GMT
content-type: image/png
content-length: 14461
last-modified: Tue, 28 Mar 2023 14:21:00 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UdykuX10Zg8NmuaUX%2BIHOittvjbghBe4QoPmBkKVdKW%2BWwaCD%2FwyFvA%2BCE318J%2BIRwn2XE08U3skS%2FmLfXBNvcKmjSdQ%2FWy0C%2F46R026X5MQCXpumZgkqqUUKndyTOrOUuKFwWSEIuhZaqiltHeJSRv%2FODGZ%2FFlQq4%2BdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c750c9afcb529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/fonts/selow.woff2
104.21.66.122 200 OK 22 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/fonts/selow.woff2
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type Web Open Font Format (Version 2), TrueType, length 22220, version 1.0\012- data
Hash 345579e8566a3dd6dc9feb5362fbe7e1
df075dd0c26e72fd7df19948f07904c1eaa72ded
1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /fonts/selow.woff2 HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:55 GMT
content-type: font/woff2
content-length: 22220
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0vyjPMSsGI9D7fjAp0XmKuyh5%2FMAhQKnMqBb9wVCJ08THnse9nyGjP0ye9Q6S675YTAcnMgss%2BqAyYMk%2F32Q476wA%2FAzS9kKZR3Wd26lrL3Hpb5J%2F33H0%2F8AdiWt1bSl9z%2BPNxRFbd40BUg5H9NT33Znt6%2BrO2pQWVqmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c750cbb17b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/reward/1.png
104.21.66.122 200 OK 499 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/img/reward/1.png
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 499 kB (499041 bytes)
Hash 50fab310866e057187e5c0b3f3905e92
82c8f81faf752b60d22f94ca88336bc4b08b9425
c76396392355097db5945bf4d6f2b403a949af113de1c3d3bbc7952f4667ce9f
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/reward/1.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:47 GMT
content-type: image/png
content-length: 499041
last-modified: Fri, 17 Mar 2023 16:50:18 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZVtAH9ps%2FFjz9s64nxG7tbDDQbL7%2BUwSGkf65Y8ENzP5Olu5JBq1CdSpmCa84AugdWqcS2HVW7HN8xaw%2F8YFCMzGQ2tgiA0chuy7EaEKzpUDieosrska04rsXcoHiLxfUPd2XxA1CW86gsJsVgN63mgxsIp8gve6c4awQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5d959b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/reward/3.png
104.21.66.122 200 OK 40 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/img/reward/3.png
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x630, components 3\012- data
Hash dde353502b0beda06e5fa3509c936ff0
8ce14aa8f2dbb1545249384171862e2cf63ba966
7135452b3a3cc2777c5af2c8261390d7c2610183b2b9cb77cc1293dfb91de4b8
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/reward/3.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:56 GMT
content-type: image/png
content-length: 39549
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouqVNgNf8y%2BKWdVhA%2BXTQpMvD%2B4Wri3Q7JgRqWmGz2HG6hrtJg9%2BXHc8EqrJfkzTu3kHboQ9FNzhfFymhyha%2FP6EKI4tl0z0uzHSHETnQ1EodEaQFKKsyyFgXqcWdhQzqIktoFFzXy%2BjWWFaQ9sgn%2BgglRkq1rhRZciqqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5f990b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/reward/5.png
104.21.66.122 36 kB URL GET tencentbuggati-globalevents.garstfa.my.id/img/reward/5.png
IP 104.21.66.122:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Hash 5f4e1074aa7d34ecbcbfa63cc0e4f83c
f25974d532d3c4344723cb2ea6a6c133639a8414
9f0511abd65dc722738e3c5449dd1572c2054484fa7ddee30706c8b34814013e
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/reward/5.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:58 GMT
content-type: image/png
content-length: 36213
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5NWv9KbGlVBw0KsLOHDTQuV3klEbz9TSRiWLQ8jesJF4CDLFHhcK%2F7kMuKkTy6NOPlu3hRrJE%2BPBfCdGCX73uAdWUZFNlCC48btv0buNfZCA65xfPw%2F%2BDD9RSv0KIPjlMoEGy92AGqfBhwj0ApgbBnzqijMq%2BnLUjPN9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5f9a8b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/box.png
104.21.66.122 62 kB URL GET tencentbuggati-globalevents.garstfa.my.id/img/box.png
IP 104.21.66.122:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type PNG image data, 986 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Hash b554f65dfcf15ef08952fdfa8e838306
1501e83b6d24066faa038fbc70b544ed371dc97d
3fe4640b74844164c32f1487cab760d8a78e5fd8bed8b64de4fab438bb94c98f
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/box.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:58 GMT
content-type: image/png
content-length: 61973
last-modified: Tue, 28 Mar 2023 14:19:04 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYN2DfjN64ozS%2FVzA%2FMuz0kqzPfRgWJLr8KXOYKyOiZZ%2BAjX7pV%2BCajxnSCv84pbn6mVm5r0R8EZzDqDrEb1yXEglLxTHLXmc8jkOtYh43mcUlCpMZYCCv0MgmK7Qdq4uhVIx20NHS5QTu4iZLiMFr6RxuOKgNPb2Np5Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c750c9af7b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/draw.png
104.21.66.122 122 kB URL GET tencentbuggati-globalevents.garstfa.my.id/img/draw.png
IP 104.21.66.122:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type PNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (121834 bytes)
Hash c0a450d1370e6a365c3cb75cdd2736e5
8bc66a023dd30416d1890c5928fedf4c75f8c681
b50f0ce943e572f018ea396e04d5c31c0b70942cdfda52546891319511687159
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/draw.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:55 GMT
content-type: image/png
content-length: 121834
last-modified: Tue, 28 Mar 2023 15:18:40 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttUDKUYSXbfBbG99ZMCf6cHR7pSYsh%2FwPmhJJSqsPzcmjWSTRjPF4S7NGPvSu6ds2S7rt3qkPdN1iwkFETXTxFfcFVxTeUu%2BzhKo8wVfTuCq8g%2BrxFFCryfD1EbgrZ0%2BGBaFrcvfjz0yJxC1CYgszOP%2Bg5wDIIxgsFfYSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5f994b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/
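104.21.66.122 200 OK 28 kB URL User Request GET HTTP/2 tencentbuggati-globalevents.garstfa.my.id/
IP 104.21.66.122:443
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input. Although the entry lists a 28 kB response, the body was apparently not hashed, so these digests do not identify the landing page and should not be used as indicators.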
Analyzer Verdict Alert OpenPhish phishing Tencent
GET / HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:57:46 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2F0lTQTtnlejq88OXnVXy90sBcbhCLueGQVvwljS%2F2f8ObWMG6GBOXpgtkBXCJXnlbMv3jQ%2BbHtFHeoalJ4kxl45nuziJBQ9IiAnjima%2B%2BoU31tXF8KDBWW4VZ1OJ8KS3uWNO54cy0qPujPTa6%2FoC4wUAw%2F9kV5ndNX3Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c74f0285c56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tencentbuggati-globalevents.garstfa.my.id/img/reward/4.png
0.0.0.0 0 B URL GET tencentbuggati-globalevents.garstfa.my.id/img/reward/4.png
IP 0.0.0.0:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
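Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input. The entry records 0 B from 0.0.0.0, so no body was captured; the digests do not identify this image and should not be used as indicators.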
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/reward/4.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:54 GMT
content-type: image/png
content-length: 459320
last-modified: Fri, 17 Mar 2023 18:44:18 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0luQH%2FW%2FPjYrG7StYoVxsQuYsUMY76%2FpDNIibp2TxL%2F6iiq56PaMiS2jMojP8xAMwoCK%2FrocrEkxcGKUHmR75vm3CymmHRAQhAzo7E7BUVk6%2FGSKV%2BJlavLByQ6VAw8S%2F0t7MrkkTqtwnQTiRi5OarcmybZWl8oVkagVlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5f9a3b529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/reward/2.png
0.0.0.0 0 B URL GET tencentbuggati-globalevents.garstfa.my.id/img/reward/2.png
IP 0.0.0.0:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
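Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input. The entry records 0 B from 0.0.0.0, so no body was captured; the digests do not identify this image and should not be used as indicators.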
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/reward/2.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:52 GMT
content-type: image/png
content-length: 514774
last-modified: Fri, 17 Mar 2023 16:47:10 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ubc7kTxtP9MCspaaxcDQeHW2alWULVjR8zaCL0mKbkdaKgVRy5VINqt0kdzxZDntEGjtERCSVSfBMwW%2Bc1eTVCn4Jz1zjUK%2F2jT5RcL1FbfKQuJ9eH0orrQ%2B%2FQyrlCzUJvOg64vmH16RfEvA3HE1e4qUsFSOEOC8TJ%2BkSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5d95ab529-OSL
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/css/facebook.css
104.21.66.122 200 OK 3.8 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/css/facebook.css
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type ASCII text, with very long lines (4025), with no line terminators
Hash 35c570f9e9ef1c9d866c605b6e010f7a
5d979d4c01231a14d15d05bd84f385a743fd3fa2
a81a324a4240801803cbf5a2e3955b84d83632905d1ca5474918d7aa494ae68c
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /css/facebook.css HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:49 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XulP%2B5JKXXSnhT8936hIUVBnG%2FKW66w%2B%2FQcaSFVj4wBp7hU5JTuIBkKDKdD48Vxeql8DeVZmhFVcZu7LcYEhj61ooV6Hn23q%2BkhD3iEX8X1%2FPPdUpdXkkUdrNFX72mbbt7cfQliS8SnjJruKN7IXQiZEmWwxng5fc5HDYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5b93cb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/css/animate.css
104.21.66.122 200 OK 78 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/css/animate.css
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash 8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /css/animate.css HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:49 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygF7K38R2e%2B5wUzx9AgoRpaFvbivtoMLRPofWldKwDBHA9dUBDJFHEAuR4KO1aaJT9lu%2BYFd8QzTCSHudPod8INkrt2bQGqWtiRd5Vjgwk2rE7sSkmUMi9giaH%2BY3DFR2c6Q9dsL3rtYEvstCRqEz32DDB9ftNDYjklDYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5b935b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/header.jpg
0.0.0.0 0 B URL GET tencentbuggati-globalevents.garstfa.my.id/img/header.jpg
IP 0.0.0.0:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
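Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input. No response is recorded for this request, so the digests do not identify this image and should not be used as indicators.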
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/header.jpg HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
tencentbuggati-globalevents.garstfa.my.id/img/bg.png
0.0.0.0 0 B URL GET tencentbuggati-globalevents.garstfa.my.id/img/bg.png
IP 0.0.0.0:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
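Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input. No response is recorded for this request, so the digests do not identify this image and should not be used as indicators.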
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/bg.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
tencentbuggati-globalevents.garstfa.my.id/css/twitter.css
104.21.66.122 200 OK 2.6 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/css/twitter.css
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer Google Trust Services LLC
Subject garstfa.my.id
Fingerprint 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type ASCII text, with very long lines (2772), with no line terminators
Hash 3e5fb1d0e5e94aff7e5fd97b968fc517
d0ed502a7dd7f8d26058f09672cd2f449828ae18
2de96c1ac637c779759d0d4238efa183bff562e09f7f14cba0090d76025abc18
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /css/twitter.css HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:48 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APnhqqDM3OvEGq2wZtk9EnQeLGudz4TOPDSAguaWIYkXtr12UcXwgePyWeJsTKNkBJzxKRN%2Fsa24MM1DBwAnR%2FgsrzEtNS3X90oiA9g1oukFR55kLHRNhLg5LSdpIWwwFKCOFFFUyADcgIQMBE2uR%2FVg40gIV3W7G2C1qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5b93bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194 206 Partial Content 20 kB URL GET HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:443
ASN #24940 Hetzner Online GmbH
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Let's Encrypt
Subject: *.top4top.co
Fingerprint: 98:C6:A8:2C:16:D5:04:38:85:B0:AF:12:09:89:3E:5D:88:01:7D:F5
Validity: Wed, 01 Nov 2023 00:07:36 GMT - Tue, 30 Jan 2024 00:07:35 GMT
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash MD5: ee5b5d12064ae26f839b882edb33da62
SHA-1: 6fa93ef00f294eec4ef05276e81813db1e95e346
SHA-256: 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Tue, 05 Dec 2023 12:57:51 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 06 Dec 2023 12:34:31 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Tue, 05 Dec 2023 14:57:51 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
tencentbuggati-globalevents.garstfa.my.id/css/style.css
104.21.66.122 200 OK 19 kB URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/css/style.css
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: garstfa.my.id
Fingerprint: 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity: Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type assembler source, ASCII text
Hash MD5: d531245e081f3a2b5e12995b2397377a
SHA-1: 62c3be06f3e3be0d002dcf66897bbd947b37af8e
SHA-256: 1761d3bc0e631bbb412d2bda8c7bf346ffa03e5c9fdb7e6ef44eaa8548f873cc
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /css/style.css HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:50 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THKtnMTs%2FeqyrgWAwcCibqhdazB68%2Fki6HD2H9tTEDgMb%2FzQGttKPf%2F4AfXS8cnHezXtuUNb3KJwUcmcNk79%2FONCBUYjkeR%2BbK8q7xSpCl8AQJTFMmPEkjFMDnSOvk%2FDPvRwpJv9NrhFmbciTH6%2BdKkPIb4ykYMsFztkrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f5b933b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tencentbuggati-globalevents.garstfa.my.id/img/container.jpg
0.0.0.0 0 B URL GET tencentbuggati-globalevents.garstfa.my.id/img/container.jpg
IP 0.0.0.0:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: garstfa.my.id
Fingerprint: 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity: Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of empty input (0 B recorded for this request), so they do not identify this file's content.
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/container.jpg HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
tencentbuggati-globalevents.garstfa.my.id/img/subtitle.png
0.0.0.0 0 B URL GET tencentbuggati-globalevents.garstfa.my.id/img/subtitle.png
IP 0.0.0.0:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
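Certificate Issuer: Google Trust Services LLC
Subject: garstfa.my.id
Fingerprint: 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity: Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of empty input (0 B recorded, although the response headers below declare a non-zero content-length), so they do not identify this file's content.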
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/subtitle.png HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:57 GMT
content-type: image/png
content-length: 281419
last-modified: Sat, 18 Mar 2023 05:57:08 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hG1gXJ3XYUIuqSm7L%2FYgMqY0Jj2ibT5wQ7DKo9H05aIXkss5v%2B6o3F80XTkqrU0qPaJsDS6pniebhKs%2FtyAiZ0xRTJEyykDEzsZ1OyTnme%2FhpPESKY%2FzVQrSB3ysU4L%2FfBRI8icneGXpOJ8yMHGmWnGyc34atABGFmc6Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c750c8aedb529-OSL
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css2?family=Teko&display=swap
142.250.74.106 200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP 142.250.74.106:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1159), with no line terminators
Hash MD5: 0b52e2c4b5132ebd94353dab35b70fdc
SHA-1: 33909660c8b09cf12a48365b48805525825ea862
SHA-256: ef661f53630207bdf0a86068cf51be16e47c34e95673ee6712332fd29fa6fbb2
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 12:57:47 GMT
date: Tue, 05 Dec 2023 12:57:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tencentbuggati-globalevents.garstfa.my.id/index_files/jquery.min.js.download
104.21.66.122 404 Not Found 315 B URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/index_files/jquery.min.js.download
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: garstfa.my.id
Fingerprint: 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity: Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Hash MD5: 97ef40509b73c101d6815511c3adf98d
SHA-1: a4242322497ea630ea72e26ba297a95a2bbe5ccd
SHA-256: 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
Note: the response was a 404 with an HTML body, so these digests describe that error page rather than a JavaScript file.
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /index_files/jquery.min.js.download HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 05 Dec 2023 12:57:50 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4mmmXo2cGUeHMdQ63mJtbw8HBD7Dio64wuNHv4FM9C7pBzRvwzOlU0vHC%2FplUlJJwYVosy9%2FCrAqCQbDnfgAWwUn2cD0j5gI%2BcOLOq13EImqY5nNQvW1nALcMSHmsBm2CNI6S%2FHaKgTwJ4PiH9M5gkpxjoRmjJRuUJibw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830c74f629d9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 31 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: bootstrapcdn.com
Fingerprint: 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity: Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type ASCII text, with very long lines (30837)
Hash MD5: 269550530cc127b6aa5a35925a7de6ce
SHA-1: 512c7d79033e3028a9be61b540cf1a6870c896f8
SHA-256: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 12:57:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 1155242
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 830c74f60c7ab50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tencentbuggati-globalevents.garstfa.my.id/media/putaran.mp3
0.0.0.0 0 B URL GET tencentbuggati-globalevents.garstfa.my.id/media/putaran.mp3
IP 0.0.0.0:0
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
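Certificate Issuer: Google Trust Services LLC
Subject: garstfa.my.id
Fingerprint: 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity: Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of empty input (0 B recorded, although the response headers below declare a non-zero content-length), so they do not identify this file's content.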
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /media/putaran.mp3 HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 12:57:56 GMT
content-type: audio/mpeg
content-length: 93347
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-93346/93347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjB6apc4%2F4eNTD9aP8nkHH1Cjca%2BTRoCLQH6LyTs1vIcuqKGj9TozpGRfyJC%2FW4nUkfq4b6rolN%2B%2FExGF0bq7hPCwVAeWPL6Zva778I4z0HpFYmikVG2CcvkusEFZre0q9%2FV8Ol47QcjOtXfSG43E5NwOZVyPsp1cXdH%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c750e5ce3b529-OSL
alt-svc: h3=":443"; ma=86400
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.250 200 OK 982 kB URL GET HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.250:443
ASN #20940 Akamai International B.V.
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: DigiCert Inc
Subject: wetv.acc.qq.com
Fingerprint: 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity: Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash MD5: b83d8d3e9beecfac081f4e742d27661c
SHA-1: 448330670bef8c2ee17baf6d2410ca974341cb88
SHA-256: 5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
cache-control: max-age=299
expires: Tue, 05 Dec 2023 13:02:53 GMT
date: Tue, 05 Dec 2023 12:57:54 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.106 200 OK 12 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.106:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
Hash MD5: 28abeed290ed65409b9fdac0b8ada4dc
SHA-1: e1b078d816c00c38edcda8f6da63773e43b6bb9b
SHA-256: a54cbba9c5d519add8cafd17df2d5a97757f7f7327667718bb19e1340c5c5b25
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 05 Dec 2023 12:57:47 GMT
date: Tue, 05 Dec 2023 12:57:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tencentbuggati-globalevents.garstfa.my.id/js/slidernotif.js
104.21.66.122 200 OK 405 B URL GET HTTP/3 tencentbuggati-globalevents.garstfa.my.id/js/slidernotif.js
IP 104.21.66.122:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: garstfa.my.id
Fingerprint: 4B:6D:D9:9F:59:36:EE:9E:AD:FB:A7:21:2E:6F:F7:4E:80:98:51:C9
Validity: Wed, 18 Oct 2023 00:24:34 GMT - Tue, 16 Jan 2024 00:24:33 GMT
File type ASCII text, with very long lines (424), with no line terminators
Hash MD5: d04e2bb8735775658ecc02f82de70932
SHA-1: 57fa114a33033889cd385cab4da967d093fc7eb6
SHA-256: 1e0b76759a4ed491e1ca4ae888c32d19a9f1523856e5e4080c395e8f91fa6612
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /js/slidernotif.js HTTP/1.1
Host: tencentbuggati-globalevents.garstfa.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 12:57:50 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 11:41:46 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqD5YsA7aNn%2BzznMnbNwrjN9NbW8qmekK9%2F7U2p3uClVPtZN5molVceXjQ2oQRx9VI7OuBBvJlON0%2F5eA3xjl7sCy42vtpCLFuGlNn9%2BgG%2F0bmeDR46vYa2qa9EaCBlzrSM9NQKWlYCb%2FtytUCJbyek0olW%2BI9KV5%2FvAAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830c74f639f1b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.top4top.io/m_1725zobal2.mp3
51.159.59.190 206 Partial Content 18 kB URL GET HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.59.190:443
Requested by https://tencentbuggati-globalevents.garstfa.my.id/
Certificate Issuer: Let's Encrypt
Subject: *.top4top.co
Fingerprint: 98:C6:A8:2C:16:D5:04:38:85:B0:AF:12:09:89:3E:5D:88:01:7D:F5
Validity: Wed, 01 Nov 2023 00:07:36 GMT - Tue, 30 Jan 2024 00:07:35 GMT
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash MD5: 70ded6b0b406f9710307bc35e221629f
SHA-1: 7034ec2ff72c936255b04c0890ce8976599380cc
SHA-256: 22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tencentbuggati-globalevents.garstfa.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Tue, 05 Dec 2023 12:57:52 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 06 Dec 2023 12:34:32 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Tue, 05 Dec 2023 14:57:52 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2