Report - join.krafton-reward.com/

Report Overview

Submitted URL
join.krafton-reward.com/
IP
172.67.148.132
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-02 21:12:15
Access
public
Website Title
PUBG MOBILE
Final URL
join.krafton-reward.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-02	459 B	24 kB	151.101.193.229
join.krafton-reward.com	unknown	unknown	No data	No data	2.3 kB	14 kB	104.21.29.63
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-05-01	966 B	75 kB	172.67.142.245
sdw.suitmaxton.com	unknown	unknown	No data	No data	3.0 kB	39 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	join.krafton-reward.com/	Tencent
2024-04-18	medium	join.krafton-reward.com/	Tencent
2024-04-18	medium	join.krafton-reward.com/	Tencent
2024-04-18	medium	join.krafton-reward.com/	Tencent
2024-04-18	medium	join.krafton-reward.com/	Tencent

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	join.krafton-reward.com/	1.1 kB	2024-05-02	2024-05-02
Pretty URL join.krafton-reward.com/ IP 104.21.29.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 23:12:21 Last Seen2024-05-02 23:12:21 Times Seen1 Hash 064e4743471863783e9aa62be687e6a2 5f5d06792bde89b1a7c4414397184dc1c2b77cd8 1ff1429cf62cb54cc685ebdf75555250d3163688fc1cb1a99534a0d4313fd562 Loading...

	unknown	247 B	2024-05-02	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:12:21 Last Seen2024-05-02 23:12:21 Times Seen1 Hash c83f726a3babc1082dd32b1e5b8d73f0 b16b85cbb2c43dc3499dce3877243d6d43133dd9 f450ff2193805106a79aebbab5d9abff05d1c97c85ac1bd97604f05df51b45b6 Loading...

	join.krafton-reward.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-02	2024-05-02
Pretty URL join.krafton-reward.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.29.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:12:21 Last Seen2024-05-02 23:12:21 Times Seen2 Hash 73bfaba6d4afd50caf8dfdc9053da547 9778a2a2f3ab2b59d98c61179e53ee318a4fed52 47181845af2acbd113c9cb19cf969bb78d4e75e2e64019bc75a18e118dc3edd9 Loading...

	sdw.suitmaxton.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-17
Pretty URL sdw.suitmaxton.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-17 11:10:46 Times Seen57442 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi	1.1 kB	2024-05-02	2024-05-02
Pretty URL sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 23:12:21 Last Seen2024-05-02 23:12:21 Times Seen1 Hash 04be4c7826d6afa8113874044eabaf9b 886865c98f60355f4e71df546c48659e05a14bc3 f979d6ee43cc73b4071f959f763c961b732c6a398955cba40a21249678d6732e Loading...

	unknown	247 B	2024-05-02	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:12:21 Last Seen2024-05-02 23:12:21 Times Seen1 Hash e69f338fcd10c74981abe03dc00ffbf8 43b1c43aeaf27ea77c532ee07675b36699eab56e a024db7e76f40c13d7231553dd5f98cd891eedc2fd8ac7c708bc6be504a5a3d3 Loading...

	sdw.suitmaxton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-02	2024-05-02
Pretty URL sdw.suitmaxton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:12:21 Last Seen2024-05-02 23:46:27 Times Seen4 Hash a4faddd5ef805eac6d0ecd40518654ec 5ef26336ced8b230d6433b7045c89cbe811d433c 89b2f5b28d8fb6d4abb3f9ca0bd47eda44d3a978e49074e1dbafa7a9fd5dca3c Loading...

HTTP Transactions (14)

URL IP Response Size

cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css

151.101.193.229

200 OK

23 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://join.krafton-reward.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (65324)
Size
23 kB (23347 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

HTTP Headers

GET /npm/bootstrap@4.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://join.krafton-reward.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.3
x-jsd-version-type: version
etag: W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
content-encoding: br
accept-ranges: bytes
date: Thu, 02 May 2024 21:11:50 GMT
age: 12091364
x-served-by: cache-fra-eddf8230071-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23347
X-Firefox-Spdy: h2

join.krafton-reward.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.29.63

302 Found

0 B

URL GET HTTP/3
join.krafton-reward.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://join.krafton-reward.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectkrafton-reward.com
Fingerprint21:5A:82:B7:32:24:D0:D5:70:A5:FC:B7:94:69:BD:12:0A:F1:97:11
ValidityThu, 25 Apr 2024 13:30:40 GMT - Wed, 24 Jul 2024 13:30:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: join.krafton-reward.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 02 May 2024 21:11:50 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PeUYUNCz9XJj7cIHSj%2FxoNbQXQu89aJuiob%2F9Nxe%2FYVzzAraGhbW43LgcBLAp9vl1jk7ZLRqKR1TPgx63DeFoitWFOWukhTaWsGM7WFITwpxStZCXb0QBI%2FnafMcaTVMLgjZJo1Rmf%2F0pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87db018f6e577130-OSL
alt-svc: h3=":443"; ma=86400

join.krafton-reward.com/cdn-cgi/challenge-platform/h/g/jsd/r/87db018a4a42b4f7

104.21.29.63

200 OK

0 B

URL POST HTTP/3
join.krafton-reward.com/cdn-cgi/challenge-platform/h/g/jsd/r/87db018a4a42b4f7
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://join.krafton-reward.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectkrafton-reward.com
Fingerprint21:5A:82:B7:32:24:D0:D5:70:A5:FC:B7:94:69:BD:12:0A:F1:97:11
ValidityThu, 25 Apr 2024 13:30:40 GMT - Wed, 24 Jul 2024 13:30:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/87db018a4a42b4f7 HTTP/1.1
Host: join.krafton-reward.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12171
Origin: https://join.krafton-reward.com
DNT: 1
Connection: keep-alive
Referer: https://join.krafton-reward.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 21:11:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=f0CHNOreFzG20myvXgxRFAninYz1Dw221ki0Onoe2mc-1714684311-1.0.1.1-k3dt9NkGwk1wx.JBycFDWIWQtIUe2y_lmSQTks6uuPKbpZ8YVTjXsfRyn5X_p2hX9Hs5qjJzkW7kmYeGKtlyOQ; path=/; expires=Fri, 02-May-25 21:11:51 GMT; domain=.krafton-reward.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4y8FifeLO0dNPPtrcVu6%2ByhIQqfgxCvbyJVsRk9jCCwL%2Fer1XOLjRek5tZFWTxuiIvQr46S1SikWJp117OKMTRYrc0x3afrKLOQfUpHs0sbxCm2gr%2Fp7%2FB3PTxqgCnKSqyWf81mVXMSLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db0190a80b7130-OSL
alt-svc: h3=":443"; ma=86400

use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2

172.67.142.245

200 OK

39 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 38784, version 1.0
Size
39 kB (38784 bytes)
Hash
f9b85c9463af7103b9b24bbbf09a06ed
d28d7222bcbeb8ea701a771e85f7efe006e62fb1
62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56

HTTP Headers

GET /releases/v5.0.6/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sdw.suitmaxton.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 21:11:51 GMT
content-type: application/font-woff2
content-length: 38784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "f9b85c9463af7103b9b24bbbf09a06ed"
last-modified: Fri, 22 Sep 2023 01:44:10 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 37695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQ9BN2tBvoZr5ppUr8LPdFElnsjS9L96MI797aO%2BaNxKju3yVL3V1I1KGI37aFZblqNPSRi5M8wZZoYHtlsRc7tI6snRs0ITk2kLOeZ%2F%2Fd2ZmR8HR%2FFbS8JCKUG6sIu1O3bU18Lx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db0192eb680b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sdw.suitmaxton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

188.114.97.1

302 Found

0 B

URL GET HTTP/3
sdw.suitmaxton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
Certificate
IssuerGoogle Trust Services LLC
Subjectsuitmaxton.com
Fingerprint00:29:D0:38:A5:B7:21:3B:68:E7:5E:2F:8E:0A:AC:67:75:C8:B8:EF
ValidityWed, 10 Apr 2024 19:22:25 GMT - Tue, 09 Jul 2024 19:22:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: sdw.suitmaxton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 02 May 2024 21:11:51 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lQi6BBBmpL6w%2BY4%2BhZKzB992ol%2BUpcNTE0vNwReZP1G9BK3AElI3fDt6XgBKF4a%2FDp83W82WUT3wICjQCKA1hnqZ%2BQyneloVTEHyyk06Jt%2FLVBMqOczUpE6v2maEGSqqIBig58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87db01931df8b509-OSL
alt-svc: h3=":443"; ma=86400

sdw.suitmaxton.com/cdn-cgi/challenge-platform/h/g/jsd/r/87db018ffa4d0b51

188.114.97.1

200 OK

0 B

URL POST HTTP/3
sdw.suitmaxton.com/cdn-cgi/challenge-platform/h/g/jsd/r/87db018ffa4d0b51
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
Certificate
IssuerGoogle Trust Services LLC
Subjectsuitmaxton.com
Fingerprint00:29:D0:38:A5:B7:21:3B:68:E7:5E:2F:8E:0A:AC:67:75:C8:B8:EF
ValidityWed, 10 Apr 2024 19:22:25 GMT - Tue, 09 Jul 2024 19:22:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/87db018ffa4d0b51 HTTP/1.1
Host: sdw.suitmaxton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12191
Origin: https://sdw.suitmaxton.com
DNT: 1
Connection: keep-alive
Referer: https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 21:11:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=d9uNMlRYVxWMwDY1ke9P2BUWWTNpvnTRn2HW1jqfbaw-1714684311-1.0.1.1-b_tt.f9.EWTlE.iNRVXPwjluRXpxgiJA3gZkWI9W17DsujF9ScOvWZOe0tCfYkpDNiFfG6Jy0QkpOAUE2EBOTw; path=/; expires=Fri, 02-May-25 21:11:51 GMT; domain=.suitmaxton.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FiQcZTHJ4fjEQ89tLS%2F0afI98WsBYmzLiJcW%2Fpj11%2F6WR2Y0Erjxhb3NwUPuW79DKDoGJQs5Fmrqtx95xwvRM8FgOxj1b4WfTxhqM6y1HsIiVbPYy3m%2FXknVR7c6cBIP61TV5QA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db0194b835b509-OSL
alt-svc: h3=":443"; ma=86400

sdw.suitmaxton.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

188.114.97.1

200 OK

9.7 kB

URL GET HTTP/3
sdw.suitmaxton.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
Certificate
IssuerGoogle Trust Services LLC
Subjectsuitmaxton.com
Fingerprint00:29:D0:38:A5:B7:21:3B:68:E7:5E:2F:8E:0A:AC:67:75:C8:B8:EF
ValidityWed, 10 Apr 2024 19:22:25 GMT - Tue, 09 Jul 2024 19:22:24 GMT

File type
gzip compressed data, from Unix
Size
9.7 kB (9663 bytes)
Hash
272daa68da04976c5ec051a5fc08a3c8
d6b36a67caecfc62dfdfb9804ba9c4b961c19a14
24adad4b0fee921bb99f4e94e0c5648e2acabfaecc07d97a9c64e8fe95b5f0ef

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: sdw.suitmaxton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 21:11:51 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFL%2B5JtB%2Frqhb2etdxxPScU55e3zGv%2FWv8B2C9LCLrl87xLxE%2FhEfOC1utiloPaV%2BnDlc6jUbp35BWsYiKHdeQ5FRUQiaaQnqVWwkMrSFeuC2z7oBrfR7qQ4eQFlljryrRFN4CE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87db0191fc1cb509-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 04 May 2024 21:11:51 GMT
cache-control: max-age=172800, public
content-encoding: gzip

sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi

188.114.97.1

200 OK

8.9 kB

URL GET HTTP/2
sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://join.krafton-reward.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuitmaxton.com
Fingerprint00:29:D0:38:A5:B7:21:3B:68:E7:5E:2F:8E:0A:AC:67:75:C8:B8:EF
ValidityWed, 10 Apr 2024 19:22:25 GMT - Tue, 09 Jul 2024 19:22:24 GMT

File type
HTML document, ASCII text, with very long lines (9083), with no line terminators
Size
8.9 kB (8907 bytes)
Hash
86f3f503baded001d919957d9ce0af63
19c383daad79ef2c0af56d73e8b22a1f2e636c48
e4524bc7cd23dd5c8183308eecfa8225f913812c356346f13f6ec376dfc4551e

HTTP Headers

GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: sdw.suitmaxton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://join.krafton-reward.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 21:11:51 GMT
content-type: text/html
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UrC7lkymFsQuiLjlVTgTp%2BQdQfgGQDiOG3%2BzD8%2B%2BItizVdvz6dvqcHGd1W5cVoGis4yFtmQIeIhV%2B7BDluWnJyb18yJshNu4LiiwXy05NIhE1sFo0LtVcfpE%2BdnLCoPwN8gS1KQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db018ffa4d0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

join.krafton-reward.com/

104.21.29.63

200 OK

1.8 kB

URL User Request GET HTTP/2
join.krafton-reward.com/
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectkrafton-reward.com
Fingerprint21:5A:82:B7:32:24:D0:D5:70:A5:FC:B7:94:69:BD:12:0A:F1:97:11
ValidityThu, 25 Apr 2024 13:30:40 GMT - Wed, 24 Jul 2024 13:30:39 GMT

File type
JavaScript source, ASCII text, with very long lines (1805), with no line terminators
Size
1.8 kB (1768 bytes)
Hash
cd5cd57c9a12f332737afb9c88e9e5cd
7e45e17ccabd7a741395e54c1b1bad0b8e18ca80
1e59e812293e20ffabcde9fb7cd8e93e9ba094117e5ade1f7d2673fd2673f014

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET / HTTP/1.1
Host: join.krafton-reward.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 21:11:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g90Hr5abQMkOPoglLf%2FRpm4cG28phmJJaDWVo5zQwd1irXTNuPzTe2nciJzY9f3sbeSO0DnjQw2YkkRLWIoy5n2OLnRTyo8VYIU8Tx%2FGWZ2O%2FPAeIS7LIrhzNkUnkRbrhjDmKtrI3WSssw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db018a4a42b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.0.6/css/all.css

172.67.142.245

200 OK

35 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.0.6/css/all.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (34556)
Size
35 kB (34734 bytes)
Hash
42eaa52604673b64d6b356c2fd7f87e3
6b59cb703b2d4a7a2691f13008062b46a6bc7fdb
ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce

HTTP Headers

GET /releases/v5.0.6/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdw.suitmaxton.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 21:11:51 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"42eaa52604673b64d6b356c2fd7f87e3"
last-modified: Fri, 22 Sep 2023 01:44:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 186303
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFotIdsl26VQ1N3tg8P%2FjEOdgMPtFZ%2FhVFban7OMiWZTrnL%2FnE1bv9ACTpVgl%2BlilyLG%2FBJLM5BFf9N3iT%2BuQ5rsWX95j3eHXXQEGPMjJG6hylENk9O00UJHhzlm3gbb3pXtsBdf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db01922d371c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sdw.suitmaxton.com/

188.114.97.1

302 Found

8.9 kB

URL GET HTTP/2
sdw.suitmaxton.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://join.krafton-reward.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuitmaxton.com
Fingerprint00:29:D0:38:A5:B7:21:3B:68:E7:5E:2F:8E:0A:AC:67:75:C8:B8:EF
ValidityWed, 10 Apr 2024 19:22:25 GMT - Tue, 09 Jul 2024 19:22:24 GMT

File type

Size
8.9 kB (8907 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: sdw.suitmaxton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://join.krafton-reward.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 02 May 2024 21:11:51 GMT
content-type: text/html
location: https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BjMmUAzN7jcgXh4KQS2fonhjO9OSgQ1trOj7sEjAeZuQpuI4SsHNc1i6UU19td46n4uNUIvfm2It0AtkwbPU2aZ6MjtP849%2BDrFob9QcU2NctsryugSeMGVM7dFLcR4sT3MHEZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db018e68500b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sdw.suitmaxton.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

188.114.97.1

200 OK

7.8 kB

URL GET HTTP/3
sdw.suitmaxton.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sdw.suitmaxton.com/cgi-sys/suspendedpage.cgi
Certificate
IssuerGoogle Trust Services LLC
Subjectsuitmaxton.com
Fingerprint00:29:D0:38:A5:B7:21:3B:68:E7:5E:2F:8E:0A:AC:67:75:C8:B8:EF
ValidityWed, 10 Apr 2024 19:22:25 GMT - Tue, 09 Jul 2024 19:22:24 GMT

File type
JavaScript source, ASCII text, with very long lines (7810), with no line terminators
Size
7.8 kB (7810 bytes)
Hash
a4faddd5ef805eac6d0ecd40518654ec
5ef26336ced8b230d6433b7045c89cbe811d433c
89b2f5b28d8fb6d4abb3f9ca0bd47eda44d3a978e49074e1dbafa7a9fd5dca3c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: sdw.suitmaxton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 21:11:51 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoDJsmxwYGgwCs%2FZpiE6z9OV24C5jRCjI4I0DKdSNG0mLSBOQzlnEFpeLlQ66X%2Fl%2BsSA72kfbZKhgRrzSQy6O5Bx00kigUTbMIzPJE5mdSSYLmopMX1mTboJaH2p8cgQPPL3RlE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db01936e78b509-OSL
alt-svc: h3=":443"; ma=86400

join.krafton-reward.com/favicon.ico

104.21.29.63

404 Not Found

1.2 kB

URL GET HTTP/3
join.krafton-reward.com/favicon.ico
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://join.krafton-reward.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectkrafton-reward.com
Fingerprint21:5A:82:B7:32:24:D0:D5:70:A5:FC:B7:94:69:BD:12:0A:F1:97:11
ValidityThu, 25 Apr 2024 13:30:40 GMT - Wed, 24 Jul 2024 13:30:39 GMT

File type
HTML document, ASCII text, with very long lines (1276), with no line terminators
Size
1.2 kB (1238 bytes)
Hash
24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: join.krafton-reward.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://join.krafton-reward.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 02 May 2024 21:11:51 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlqCs2x3jfYX8Mxifuz0yMgqd63pgcLlgTMDphhu4l5jm%2F8toZkE9pPZhuu8Eei%2BBPtCKHDkq9gRHksJPfxBYUOZLoc9qbIzlPC%2FiTN5W1l9yv3%2FFHwkQjCfz1U7JUMw6K6zGilb34o59w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87db018f5e3f7130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

join.krafton-reward.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

104.21.29.63

200 OK

7.8 kB

URL GET HTTP/3
join.krafton-reward.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
IP
104.21.29.63:443
ASN
#13335 CLOUDFLARENET

Requested by
https://join.krafton-reward.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectkrafton-reward.com
Fingerprint21:5A:82:B7:32:24:D0:D5:70:A5:FC:B7:94:69:BD:12:0A:F1:97:11
ValidityThu, 25 Apr 2024 13:30:40 GMT - Wed, 24 Jul 2024 13:30:39 GMT

File type
JavaScript source, ASCII text, with very long lines (7778), with no line terminators
Size
7.8 kB (7778 bytes)
Hash
73bfaba6d4afd50caf8dfdc9053da547
9778a2a2f3ab2b59d98c61179e53ee318a4fed52
47181845af2acbd113c9cb19cf969bb78d4e75e2e64019bc75a18e118dc3edd9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: join.krafton-reward.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 21:11:50 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKqDl81sC%2BkGDYoZG8wcwaJfc1IOEw4ME2ZZkpaWK68enY6vF2UgG2WZyNTyZuIPBCe0aCPlkPYBvufdMRsbEDYHggxIMkhnvDilx7QfXivGo8U1MD1m5CCk9SerlZLtPZvtI9%2Be4Rg%2F8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87db018f8e7f7130-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3