Report - 12ahkw.krafton-news.com/

Report Overview

Submitted URL
12ahkw.krafton-news.com/
IP
104.21.82.93
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 18:02:42
Access
public
Website Title
BATTLEGROUNDS MOBILE INDIA
Final URL
12ahkw.krafton-news.com/81/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
78

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	1.0 kB	32 kB	142.250.74.99
www.battlegroundsmobileindia.com	unknown	2021-03-18	2021-07-19	2024-03-23	458 B	1.7 kB	23.197.207.19
l.top4top.io	926491	2019-11-19	2020-01-15	2024-04-17	505 B	20 kB	135.181.63.70
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	469 B	12 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	1.1 kB	46 kB	104.17.25.14
12ahkw.krafton-news.com	unknown	2023-04-03	2024-02-12	2024-02-13	18 kB	2.9 MB	172.67.167.249
i.postimg.cc	23840	2016-06-11	2018-04-11	2024-04-25	884 B	34 kB	162.19.88.69
i.ibb.co	13485	2010-07-20	2018-11-25	2024-04-24	918 B	57 kB	162.19.58.156
a.top4top.io	588496	2019-11-19	2019-12-05	2024-04-17	505 B	18 kB	65.21.235.194
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-04-25	468 B	32 kB	104.18.10.207
site-assets.fontawesome.com	299062	2012-10-18	2022-02-10	2024-04-18	453 B	499 kB	104.18.40.68
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	1.1 kB	146 kB	151.101.193.229
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-25	876 B	61 kB	142.250.74.138
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-25	418 B	94 kB	151.101.194.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent
2024-04-25	medium	12ahkw.krafton-news.com/	Tencent

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	12ahkw.krafton-news.com/81/	1.1 kB	2023-11-02	2024-04-25
Pretty URL 12ahkw.krafton-news.com/81/ IP 172.67.167.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-02 08:42:07 Last Seen2024-04-25 20:02:43 Times Seen12 Hash 12103df8d25908d632ff2ae3f4f9fb06 31b1de1db92e7a8ee2c8065ffc8cba152e1b756b 833248a8efce647e4b0d6b5e69ee4bade440a70bd4d5ed37e285a9dcb41db2ba Loading...

	unknown	247 B	2024-04-25	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 20:02:43 Last Seen2024-04-25 20:02:43 Times Seen1 Hash 2a198ce0f16171336967f1161f59f466 03262e2af1ece66181c72fa5b03bb090c985b1f8 c7ba4b886b987214feb3e23ffe658926f9e0c4a3d9e4990ffec0d25bcf912826 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-05-05
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-05 19:24:48 Times Seen14404 Hash 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Loading...

	12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-04-25	2024-04-25
Pretty URL 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.167.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 20:02:43 Last Seen2024-04-25 20:02:43 Times Seen1 Hash 876a292371fbc9d6effac3d1d36de1ca 673876b6c60350c68b9fed6a25e7cd9f733105bc 3bb209e2b160733140812ee7578a14c4e1dba0b6e0121e35c4f14444e16a269c Loading...

	12ahkw.krafton-news.com/81/js/script.js	6.1 kB	2023-11-02	2024-04-25
Pretty URL 12ahkw.krafton-news.com/81/js/script.js IP 172.67.167.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 08:42:07 Last Seen2024-04-25 20:02:43 Times Seen15 Hash 30aa75655d8ce394aa1c2fb2f24e7416 24477313e7161629927282eb12bc8233781f3297 28eccfffa353ec5807b9e256410320f1e44e4fb58840940be4bfe6ec13e65fd2 Loading...

	12ahkw.krafton-news.com/81/js/snow.js	17 kB	2024-04-25	2024-04-25
Pretty URL 12ahkw.krafton-news.com/81/js/snow.js IP 172.67.167.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 20:02:43 Last Seen2024-04-25 20:02:43 Times Seen2 Hash 969949df87064be675d69c16303371ca 45cf771e88aa55c3929ee4e69f8a57afa8ea3029 f668b4db7d6dcdbcdec0506ac77b3f5af5a8e2dcfb247fcb8b8a846efb11a369 Loading...

	12ahkw.krafton-news.com/81/	1.1 kB	2024-04-25	2024-04-25
Pretty URL 12ahkw.krafton-news.com/81/ IP 172.67.167.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 20:02:43 Last Seen2024-04-25 20:02:43 Times Seen1 Hash e1bc98339c54004dabec0bf921aeaf4f 241968f72708c56398c461cf95b119b360e881ba abe69ce6b7a574fb8a45f90f430310b26a42cd89688624c971290bfe9fb56c9d Loading...

	12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-04-25	2024-04-25
Pretty URL 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.167.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 20:02:43 Last Seen2024-04-25 20:02:43 Times Seen2 Hash 909dc46da282aca9e946c3276f8a25b3 f520dd39a217918662aa1a913248f1f77d87a5d8 b532960bbf014f0b772bc61983b56f917827b0860fd00a28b34b0cdcbfe86785 Loading...

	code.jquery.com/jquery-1.10.2.min.js	93 kB	2023-03-07	2024-05-05
Pretty URL code.jquery.com/jquery-1.10.2.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-05 19:24:48 Times Seen10439 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js	84 kB	2023-03-07	2024-05-05
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-05 19:24:48 Times Seen14034 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

	12ahkw.krafton-news.com/81/	1.1 kB	2024-04-25	2024-04-25
Pretty URL 12ahkw.krafton-news.com/81/ IP 172.67.167.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 20:02:43 Last Seen2024-04-25 20:02:43 Times Seen1 Hash 56ab6acc2bf69f7a8123d164e11150bb 7dff41697d3f2a9382b4fb428840e27067fe97ad e8094f8cdb423a6927ecfe341f184a74208c2d0a791e156beb640e3e339323aa Loading...

	unknown	247 B	2023-11-02	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 08:42:07 Last Seen2024-04-25 20:02:43 Times Seen12 Hash 3c70e13b13c336d5e841e7c3a7ee4ebb 741edbf4b7f0ef3894678324635aeed7f43bc014 dad1c3d0688ed0e9ccc9e60ca36731a93c92b14b41fbdee377ef484c59b3fddd Loading...

	unknown	247 B	2024-04-25	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 20:02:43 Last Seen2024-04-25 20:02:43 Times Seen1 Hash 587640556fe39e223b80559f15bcfeef 82f8623a5728066fa16f0ca9a811dd168eb6a9bd 09881baf0054106904ae8320680a5e836520844987a2cbb6d3c2fb3f846c14f2 Loading...

	12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-04-25	2024-04-25
Pretty URL 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.167.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 20:02:43 Last Seen2024-04-25 20:02:43 Times Seen1 Hash 280ffe1ad581252e3085fd47558679ef b914e7d24285f915752439e5db3d66332ff045ac 171e3490e86608b8f57fcf3906731936c29334a56133e118db45683d6765c270 Loading...

HTTP Transactions (58)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
e9365fe85b7e4db79a87015e52c3db6c
2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1249287
expires: Tue, 15 Apr 2025 18:02:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zs1iy7yt7k3A5RyyQYMsC4gb16SrrDgMNRSWpzHMyoTDrBU5stpGFXwui0n%2FHde0nFcSLTolTgx2%2BtMaTugbVAy4eqIARdO3BnbO6SM0kQnkewnQ6WevehLRgcEPKPm2C2Tp4pL7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03e304c920afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css

151.101.193.229

200 OK

13 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (65354)
Size
13 kB (13301 bytes)
Hash
da9ff512cdd9f6c89e8a4e0eff2011aa
c1664dcdbe11da68b9c3b6363b3c23ac4344d4da
483e1bf6ead25d54b37456cf0e51ea0220d9de03ef6ba2a2d8c3f34a4bc34c17

HTTP Headers

GET /npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.11.2
x-jsd-version-type: version
etag: W/"14f73-wWZNzb4R2mi5w7Y2OzwjrENE1No"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:02:14 GMT
age: 13470640
x-served-by: cache-fra-eddf8230114-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13301
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
30 kB (29707 bytes)
Hash
32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:21:57 GMT
expires: Fri, 25 Apr 2025 17:21:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 2417
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (32061)
Size
30 kB (29671 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:38:24 GMT
expires: Fri, 25 Apr 2025 17:38:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 1430
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.10.2.min.js

151.101.194.137

200 OK

93 kB

URL GET HTTP/2
code.jquery.com/jquery-1.10.2.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32072)
Size
93 kB (93107 bytes)
Hash
628072e7212db1e8cdacb22b21752cda
0511abe9863c2ea7084efa7e24d1d86c5b3974f1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

HTTP Headers

GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:02:14 GMT
age: 715941
x-served-by: cache-lga13622-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 1606, 4234
x-timer: S1714068135.576458,VS0,VE0
vary: Accept-Encoding
content-length: 93107
X-Firefox-Spdy: h2

12ahkw.krafton-news.com/81/img/navFb.png

172.67.167.249

200 OK

2.4 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/navFb.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2369 bytes)
Hash
57b33ef147508d9a59ce3b90d6cc10c3
c402619796c175d8d1f77f39082c51583e365df3
347be294958042503fc06f16c339c6eb9e9341fc8b4ee7ccb535abb8cd9f372b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/navFb.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 2369
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twAIClFX6SfBFuRj2G%2B1EYEFUnAxML1oS8wEfrt4m4VqyyRFIjaLP%2FI%2FtJtN605BQlpI9Wxn%2FRZofkIj4gSANYJemW%2Bu%2Fphfs4FyZhuf7fUHmQxWcZlviNba%2BaFL5AIofwqUfRDtPfamqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e300e5456c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/menu.png

172.67.167.249

200 OK

2.3 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/menu.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 35 x 24, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2293 bytes)
Hash
d5a2ebc27f552863a6d97950a47670f5
ebfe5290a052cebe610c3eaa1e6a0d34db10e39b
ac6bd07a81c6f0a4bd2f23a40478d0c2e08f419c5d8b411d2364eec2f3d17da7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/menu.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 2293
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMdWpjNqXYwjMJnFASmMrXQQYEWbFlPqN72Mq4hFXlyB6LJGoIQTA6BMFMx3SRBaovF2dy9MQDVz4SZaE6mXsSNaoW7lKFQds2D%2FTNldt5UdMpvf%2F9adbR7FGzMljuyk9vrGgj7a%2FzzU1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e300e6056c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/navYt.png

172.67.167.249

200 OK

2.4 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/navYt.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2369 bytes)
Hash
888954c471597ea2fdcca77103f505b1
c16d8786c8232f657583507a1257b5d2be978c58
f8fd1f87d08b5e87f6b12577883a00bc6340d84cbd3b8b837b4f6472d2dc27cc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/navYt.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 2369
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BWrf5IKN%2BCCHHyBuX7NQiRhQjqb871WaI%2BARNZJSL3Qf2Q8zCYQH0ATPc4lSjQ4E3Ycm2To9jmNiY1Pwt1pudolRgxbtnN3HuJriszjEYSUJlqmCJ9vygR9vHOFUwMv6fNg5FUBsN3FAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e300e5f56c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/logo.png

172.67.167.249

200 OK

3.9 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/logo.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 132 x 54, 8-bit/color RGBA, non-interlaced
Size
3.9 kB (3945 bytes)
Hash
f88d0e27c031d9af88a7d5edf771f2bf
3ad0d9da957738707ec959d52c070c62fc6a8bfd
6314644539af517f687e019e0470e60b84d770c9d80aa046818d2d025f27eaa7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/logo.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 3945
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YG%2Bswab7w%2FNP3WQVXs4bqPqZA0W96kz1yL3G%2Bqx4vbfZCUVyDYDxd2RMA%2BouNZKLMRjhl3Cmy4tjjB297fdm1iwecomTkG8rtvY9vDPtaL4lUNwRWPXvoA19AkY5R1UyyIW9IG7y86BmHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e2ffe5156c3-OSL
alt-svc: h3=":443"; ma=86400

i.ibb.co/PYpHF6b/Twitter-Show-Password.png

162.19.58.156

200 OK

28 kB

URL GET HTTP/2
i.ibb.co/PYpHF6b/Twitter-Show-Password.png
IP
162.19.58.156:443
ASN
#16276 OVH SAS

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT

File type
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Size
28 kB (28355 bytes)
Hash
2fd203703821d5ce5d18bee2a51b779a
a78d7b1369ce8bc34de57909af142043cae446f0
6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8

HTTP Headers

GET /PYpHF6b/Twitter-Show-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 28355
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/pZDr8sd/Twitter-Hide-Password.png

162.19.58.156

200 OK

28 kB

URL GET HTTP/2
i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
IP
162.19.58.156:443
ASN
#16276 OVH SAS

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT

File type
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Size
28 kB (28029 bytes)
Hash
8d1f08b46884df302bf7300fc234832c
5735d57b6fa211c400d439095d5ff2f5bb57e691
e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7

HTTP Headers

GET /pZDr8sd/Twitter-Hide-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 28029
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

12ahkw.krafton-news.com/81/img/footer.png

172.67.167.249

200 OK

7.0 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/footer.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 276 x 35, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7004 bytes)
Hash
731bcfc15f2a21cd7b9744a1c8f61714
b8c612461c8eb46b4605b0c41fd2dfd8efb6b7f5
8fce2cab2eb55065e9cca8bbf72667662b27de4d938178c8658808550fe30a43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/footer.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 7004
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbLBA2pVke%2FxULjJ4UUH0EF3lfl96zuw%2FgIDeeXn4KduhSZyWLMEjDSJSFm0DUAAZnn%2BnbERQTStWGNsbt63V0kjUZJ92uC%2F4kh5RShRKSFv5S0pdwvtjlrsoOtoYNBtXwRblGJsf6BuOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9056c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/navIg.png

172.67.167.249

200 OK

2.6 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/navIg.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2638 bytes)
Hash
d4e9b873d6494773a9f585a1cfafc26f
0d3b37b5345415a2e9c8572041fb7906a67c2f8a
7167f2fd7e13d728e91d8ba6ed8e7b1fcd714087c59910463e11e2b08cfdfa54

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/navIg.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 2638
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzRlKB4QRkSivk7%2FadVUm1dfSMBhqkxpGZz9nLO06cBtY1BWD58haF2sOIVpesOtkQ32XLoJ3KiKA%2BeqfY8A70Hq4s%2B9hl5kiKSuWFtU0XgK1Z%2BXLfneFmW1hGOiRP6tu86v9paaUSfSFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e300e5d56c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/popup-close2.png

172.67.167.249

200 OK

867 B

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/popup-close2.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced
Size
867 B (867 bytes)
Hash
75b8fc9fb0f1dce9c0e53d119e637af8
c429caf6e1ed51a43421419c2a08d8ab8a654ae9
be08cce2cf15dba627fec531ea422ca0bdc76de1c2b61d6de21e2920687d4678

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/popup-close2.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 867
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slJtudjNM8%2FcIvORQ8bvOfUS7%2BApxPOkwrT%2B9yYVEFW%2BDHobyQ%2FQP8OCBTElMkK%2FFmDkKcmL9XL0XwRpCpLCX1frjN4XRDiK%2BvXTrEmsAd4NckCje%2BOlXd7An2NxIZ1WWiForpm3J2WcUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9756c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/1.png

172.67.167.249

200 OK

14 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/1.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x480, components 3
Size
14 kB (13669 bytes)
Hash
33831843d54ddac16ebc39ee646f3770
7642cd99aa740bdee5ee76c78b3f3670e632846d
48e958cb8800b0e8214979fdc04f1fcf434cc1161a9adbd28ad5a06ef81b6413

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/1.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 13669
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxmsnkUDawQgwkgVWVwG4eZqplVxx%2BMFqVKA5myyCvn8GyA3pPKYmu4J34%2Brzy%2FB09K4eH%2BRr6WbHgbYogVvjH57BfqPlRYmfxAuaKGRL0xgEn7q%2FfLOD6sKXyJNfS4iQq8Q%2Fy%2BS5TjUeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6656c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/parachute.png

172.67.167.249

200 OK

85 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/parachute.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 600 x 649, 8-bit colormap, non-interlaced
Size
85 kB (84616 bytes)
Hash
5edeb15fc008e850a62344c8cc678eda
48599b23fd0da1c8ae3707a9cdfd29569353cdeb
0948067659fe1621f1cd8460a70633d1c3ed2605bb7d74955c0f38ba107c0ea5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/parachute.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 84616
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0u%2FxMzE8sjm2CVl7V%2BHgTeWyD5pH5IT461TxZyJxFTWOjMaO2Qna23WCiZWR%2BQeGplUhig9DBPqo0AWhdQbaQUBAP7dfaZtkM0hZ3rFbfHqzd3ETytswk1jC5rK6v22JIvZi8WJ8OBJj7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6456c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/icon.png

172.67.167.249

200 OK

30 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/icon.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced
Size
30 kB (30182 bytes)
Hash
6ae43b6c707f6c559b4b19ba64ba6f4e
8a67a6bbe6d443180fb3a0d88355cef490ec85b1
e85ade5d6786ebf81122a53e42d731a33edf5368d8b18e8dc397c0fbf06b9268

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/icon.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 30182
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vL%2FYYpVRyrqWqYQEVMDpa%2BQPAbKwtbI49dn84HWjS4G2LW%2FOFgwkhCNFaMVsVv3KJoYSd3zYnWwIdTrQpfXqCl3UKn7kRx3Kfb7bHikYV%2FV5d9%2Be8R9GXvBf7Iu6sElWAe3jEgjL7Tej1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9c56c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/gamecon.png

172.67.167.249

200 OK

43 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/gamecon.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 768 x 244, 8-bit colormap, non-interlaced
Size
43 kB (42582 bytes)
Hash
60f0aed7d9febef0bd3b391cb64760d6
22ee08574792dcd54a9c0f84cbb895f52c5907bb
d0f846f4af6083f0d1045ed11ec4c8b34b5f0d220a45b485d1261caee7b6c3ec

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/gamecon.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 42582
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtZdfATPfEmYhGiOX4XdDdz0xWIuYZOAQ6a%2FbA8uvXAvOK4IFuDvhKi34njE63RMyUvg8hYf0WBay6cUo%2F%2BCkJpTzsrGxtsTwL4592Oyof6LhWds1RMJDUUlz5Tjh%2BDcvxg2Pi3xYrEXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9956c3-OSL
alt-svc: h3=":443"; ma=86400

i.postimg.cc/dtyfWFF2/login-Method2.png

162.19.88.69

200 OK

4.3 kB

URL GET HTTP/2
i.postimg.cc/dtyfWFF2/login-Method2.png
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
Fingerprint53:90:A2:AC:6E:D0:9C:56:06:D5:4F:6E:EE:C9:67:58:10:CF:9A:D6
ValidityMon, 22 Apr 2024 06:32:22 GMT - Sun, 21 Jul 2024 06:32:21 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

HTTP Headers

GET /dtyfWFF2/login-Method2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

12ahkw.krafton-news.com/81/img/kinnon.png

172.67.167.249

200 OK

88 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/kinnon.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced
Size
88 kB (88464 bytes)
Hash
6774f33254c7f07a7763bd503b7c918c
9e212fcefaece30889f0aad36e0ead3a41ceb4fe
e072b60dd0fb713c703bf0496b6bc130c8c9653a44746cffb2cf854c090334b4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/kinnon.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 88464
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVxeIt4OSaQ68yCxqhv6i8mUFarKijRK8g3i3fSVR1fk656iZCqy9ql5m34iKwS46triuj4OAH7eVv%2FpG0WG19waXA%2Fla8nUP5dYt5TYrJK%2BzamhdKAdrLJIXdq55m%2BiM1mzxe87hLAg%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9b56c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/4.png

172.67.167.249

200 OK

193 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/4.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 1041x986, components 3
Size
193 kB (192995 bytes)
Hash
746b9af1f26d8ca85fd73e0a27aecea1
e2162efcb803c44ab4f4bb67aaf13614b2571e8d
a7d80f18e9142dfe09b5c36ff55280907f2e5f429bef362ab5c2a24b4fad7b78

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/4.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 192995
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHeaux257fiVIk5eSb2UAldkQXdvN%2B16SrKQ7RD%2FqJ4IIArKKLM2NsLMvPgW61Q2waInnE%2Fwvlbxaif1gOprincVTQdG1XMIx4KHt7%2F1LFzdxAiUmCZ3r1nVyJVK9BWdb0%2BrEisp9qHZAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6c56c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/2.png

172.67.167.249

200 OK

57 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/2.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced
Size
57 kB (57249 bytes)
Hash
d1928b6cca6ca2be84f857b554961db6
7babad5563e4c2ab701bc5b13c2a9b2ed3f5b641
3e0540d4ccd3216754e4c921a3ab6dd1699d0950a7ae2d96fa296cba2c5a5100

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/2.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 57249
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CoZwr%2BNlNCtQq%2FSrVqx0lYOuKkcqAZi1N1Uug7HTDgafoVXc%2FLcnBeMlyozpcjWDGSSQRBA93rHAFxmMthspR8zDWa3N%2BPRvC2bQDZBvRFPRWmxscb1%2FOKRM911zNIyvW2XWkNgoGTJ90w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6756c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/5.png

172.67.167.249

200 OK

138 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/5.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 1267 x 1266, 8-bit colormap, non-interlaced
Size
138 kB (137709 bytes)
Hash
dd4bb26c4394b67034ff6c3b221f8c0a
ed2c5143c29f57f8272ffcbe73756d890227f475
bba932efd998f500df06545d8a9b5a69a6a6fa07453ca3700517935a78e90c55

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/5.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 137709
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fojy1kHMoRUld9bsoa2jtELEsBcaFcLO4MRQg8Nai3EaihFeTqcAl1vvqH5Eus01abs2kI0rA2D9dhUxHC1qcqi8DJgHQ7UXAaS0yH4bVny%2FyCLzobsGjbyfMv2IvYMZWE0fgdzdNeEhNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e7256c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/8.png

172.67.167.249

200 OK

138 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/8.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
138 kB (137812 bytes)
Hash
80bf6637cc27dc76eee7d2dcf6fbab8e
45d1a24608a2bdc963189a0e2866141ebb525856
cba7c2c6e6f4c4fe8c572bf1e62fcb9e79724fc4850fa09d47d9ae648504257c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/8.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 137812
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8lK%2Bf9GPfIzf6aK13nTzwwAnfD4Zo0GGKMIm6dA8z3hf8kE1dga204sp8okBcFP2Ae10gKU2GxkQ0lxWC9iKRjpbT5wv3WntgRuJ5HarEE8zmflmWUR%2FDe9ioJ7oydVb2ix%2BBh2fFYYVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e8656c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/7.png

172.67.167.249

200 OK

132 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/7.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
132 kB (131696 bytes)
Hash
8eee84efe5a68b32a01775f29cacc318
7b76ce3715f3131b3a07d669daefcb4c38ca4baa
58105c86b9b8ea948e2e6ea9c3a8d012178828e4cb13f916e82f087d7df1ff0a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/7.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 131696
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BZhPNrgfMGCv1oyERL136AAeGWr1j2qZ296XpZfGYmTP0EnUH6VAVRHkfA8sYNzK%2B4%2B4bCs9HsBdvfROEUCwAG7ZQ1dpmtpO8ygxmoIPAChQBzGsq06Vi3EnW5iqzSVVlXp7mWPg7WylQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e8356c3-OSL
alt-svc: h3=":443"; ma=86400

i.postimg.cc/3wBVgZTz/login-Method1.png

162.19.88.69

200 OK

29 kB

URL GET HTTP/2
i.postimg.cc/3wBVgZTz/login-Method1.png
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
Fingerprint53:90:A2:AC:6E:D0:9C:56:06:D5:4F:6E:EE:C9:67:58:10:CF:9A:D6
ValidityMon, 22 Apr 2024 06:32:22 GMT - Sun, 21 Jul 2024 06:32:21 GMT

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /3wBVgZTz/login-Method1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/png
content-length: 28789
last-modified: Sun, 26 Dec 2021 01:51:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

104.17.25.14

200 OK

38 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 38384, version 1.0
Size
38 kB (38384 bytes)
Hash
a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 77452
expires: Tue, 15 Apr 2025 18:02:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d7i0vZbnrspB4RxsHjU4lEfJNkoDu367LML44gLbhB5et5COSOfwFwYnGUIw9T8B02ysWnoJZ8hCfi%2FUFZw33yw%2B8yxugywMMqSzJsRgT90gy%2B%2BCQIyTNevwDUOm35Tzbq3SBHaX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03e347f5e569b-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/3.png

172.67.167.249

200 OK

298 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/3.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 1080 x 1080, 8-bit/color RGB, non-interlaced
Size
298 kB (297867 bytes)
Hash
325ec107866cd632897820bfaaa9aaa5
fb9c0b4e7e6c7fd5b3d7b5d192272fa0d08145f3
095d4d3418477aaec0a4c738be3b87e9674caf2fd325d05792e35a1401ca55c9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/3.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 297867
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNCAuNZa7RtWZ1vyTKCWfaDJPFGTgIc8WlMMIgY2SdhCye6Ze7qF6H88sJIIo%2BK2mJGhoQ0IJaDyTqh4rQKkg5gwa3tSQKJiWq97XDElbpG1xCeYEiZ1BkDizsCPjJ6E1jwUvV%2BBhihjYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6b56c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/6.png

172.67.167.249

200 OK

562 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/6.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 1040 x 979, 8-bit/color RGB, non-interlaced
Size
562 kB (561980 bytes)
Hash
0e4545d3f3381ecd8a49257ee5e308cb
e3eb77814f43e023011be4fe56f5d23d61f09e40
11efe523f13128c3596499379d7298e201a4d4ec7459fdfbf6f892e568c13068

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/6.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 561980
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XssyvRpRZARgErV4zJlNm3lRgK9jVM4XgwTQ854MFRqHXYM8k90ddRi%2BBtti0lbHT%2Fy%2FNJ3dwIdVguBiDQnRgaNW5qGCQ5mkXXrx2RpPguo7r0p46F2imI6XMZKdl1W0cdS4lKuGgRW0RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e8056c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.167.249

302 Found

0 B

URL GET HTTP/3
12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 25 Apr 2024 18:02:15 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UfJhpKlbwCuHr6cQ1vwFuj5Micq7j06Pvq2I1zeV0iw0WE%2FaGoC9FxQsgJzGXK1zfqhFTUgO0BjeaeCZ%2BWubJrzT0TsYG%2BLwH7Cy%2FSSOSuu7AXp%2FVkfNnT62yBZCALYfGerHc9s5xewpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e356b8a56c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.167.249

302 Found

0 B

URL GET HTTP/3
12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 25 Apr 2024 18:02:15 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naL1x94f67EfhEGOUZ97Mgs%2Bm0kkfBUkr0QlP7Ne8mIaaydHIaGDwr2s5hmVrTmnyJcS%2FN2cnJKSvKpwBJL1BzEghN7C7hNqapFEqJJB4e0fv1yRkqy5BszZ7ithFNxfjkM2geycsWM%2FmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e356b8c56c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.167.249

302 Found

0 B

URL GET HTTP/3
12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 25 Apr 2024 18:02:15 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69bWyNpBoaLYnr5j28tgeYp2Q38mQw9arqaN7uRF%2FtzjBZAqonlE8sfdo%2By6O9e0pPJrQo82kB4BQazLv%2FFGUhTZuLBwKmD7n4s%2B1tdqqBM4BeXHqb9OZamLa%2F2ezRKv18ZSJrVMA5ZbDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e356b8956c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/rewards/9.png

172.67.167.249

200 OK

424 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/rewards/9.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced
Size
424 kB (424478 bytes)
Hash
30d7c153dd78ca53a0d67ffd4d4b4f68
611a14deb2586ff4f19575812ad7c4deb67b0757
a54bd4c349e13dee3f153da4172d87e399c2419c7db5583e4b7ebade9f992545

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/rewards/9.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 424478
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8sbQRZrn7WAB73IWUDgoz84r2hTHUDB8KHLjzWJ6KHgigGgfC3W3uz%2Fn9LLEdcnJBH8rts327h%2F1njzcWbBQ40zZgZeTlNCf5x8GQ0w1XoTQro95n88MmlPvkAES%2BLoyDGq1Z9fzDGuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e8756c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/header.jpg

172.67.167.249

200 OK

76 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/header.jpg
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x748, components 3
Size
76 kB (75570 bytes)
Hash
760bb966614ff1a7812b7787da5e49bf
ab27a3b46da5d3295671b9f6aa4717c2f97c2bd7
34f77134b7fa1ec85e73402801107f9ff6ae1c673c3bf16e4bebaff4f9626b39

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/header.jpg HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/jpeg
content-length: 75570
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOIvREl58CiuUBWUZ1a1nQCRLTMEE76iXU2iAVgltd5zzhnj21F1AdWVbTj%2FKAyPZjxhgjZK4Moo5yRlD9A%2BfrqRpe8GLtzZrLIUp1SltuTc9fhOSBBTRohHgjcQ%2BAxAgQgtHr0dgwoAMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8656c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/yes.png

172.67.167.249

200 OK

1.0 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/yes.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 174 x 53, 8-bit colormap, non-interlaced
Size
1.0 kB (1002 bytes)
Hash
f7558390893b9d1f68cf5af031e48d79
a3c456f54e837da82e7cdc95ea47cfbe70664785
a1c63d95dd890a3492613f698354a1962ee9e48a25641e55fa82bbcf55d17ad9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/yes.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/png
content-length: 1002
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQXKizeWG%2BSNnMTsxzmpUvInSvqDAmgx4i0z4qx%2Ff9jUTefBRzwQluVntw34tuQxRpawiKN7MJduu%2FVgJR3YDEMjslMEk8Xj3dgxnRFPfI2CBxOodm%2B0EBWh09ELSahiuhYkJxqkeBNFkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8a56c3-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

142.250.74.99

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
Size
15 kB (15044 bytes)
Hash
4806226b885b3b3d0ae52142f6bfb3af
2ea5cc6d5e4adb874989a2b74bda062296fb1ad3
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 00:23:40 GMT
expires: Wed, 23 Apr 2025 00:23:40 GMT
cache-control: public, max-age=31536000
age: 236315
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

142.250.74.99

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
Size
15 kB (15044 bytes)
Hash
4806226b885b3b3d0ae52142f6bfb3af
2ea5cc6d5e4adb874989a2b74bda062296fb1ad3
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 00:23:40 GMT
expires: Wed, 23 Apr 2025 00:23:40 GMT
cache-control: public, max-age=31536000
age: 236315
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

12ahkw.krafton-news.com/81/css/animate.css

172.67.167.249

200 OK

5.4 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/css/animate.css
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
ASCII text
Size
5.4 kB (5441 bytes)
Hash
9bf61f05ed28023343517af2a3a74d81
fce2b337a30adf586acd460de936329f4e646b23
e3374dc9f5e06ce96de195a85853092703467fec489146684f7c7ec1d7d414d5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/css/animate.css HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=je89wJGQpH4j3HYGQll8hncF%2FwaA6udh%2FQt6f05fO2NvQD9C5Ab6gGY4pNqNy4%2FYmTh0vSB%2ByGKBmM0bMBDh6KzbuZB2ckwHEg%2B1Gi6weg7%2FROdl9Cp9IAZ3dMQRwNExoKrTY2nxd8jS5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2ffe4956c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

l.top4top.io/m_1725u5z7i1.mp3

135.181.63.70

206 Partial Content

20 kB

URL GET HTTP/2
l.top4top.io/m_1725u5z7i1.mp3
IP
135.181.63.70:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subject*.top4top.co
Fingerprint8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2
ValidityMon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Size
20 kB (19781 bytes)
Hash
ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

HTTP Headers

GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 26 Apr 2024 17:38:55 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Thu, 25 Apr 2024 20:02:15 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256

151.101.193.229

200 OK

131 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 130648, version 1.0
Size
131 kB (130648 bytes)
Hash
3646a39b6ef5417f27519bada8bbf786
9d95f6fe35540b602284c9f2bfa67d2b464448f7
5b2dd4d4f81cd1f52a50b0833ea12c8f63f2c4ae4d2c5a799fcc741feb2ea40f

HTTP Headers

GET /npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 130648
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.11.2
x-jsd-version-type: version
etag: W/"1fe58-nZX2/jVUC2AihMnyv6Z9K0ZESPc"
accept-ranges: bytes
age: 3692340
date: Thu, 25 Apr 2024 18:02:15 GMT
x-served-by: cache-fra-eddf8230115-FRA, cache-hel1410026-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

a.top4top.io/m_1725zobal2.mp3

65.21.235.194

206 Partial Content

18 kB

URL GET HTTP/2
a.top4top.io/m_1725zobal2.mp3
IP
65.21.235.194:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subject*.top4top.co
Fingerprint8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2
ValidityMon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Size
18 kB (17691 bytes)
Hash
70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

HTTP Headers

GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 26 Apr 2024 17:38:55 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Thu, 25 Apr 2024 20:02:15 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2

12ahkw.krafton-news.com/81/img/tittle.png

172.67.167.249

200 OK

164 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/tittle.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 847 x 152, 8-bit/color RGBA, non-interlaced
Size
164 kB (163985 bytes)
Hash
5850824c706719cae59c1a15da500b2a
f1072dd63116d850275a6a4105f1a611ec356232
4ba5909f7e5d6350afa98a5333bf53ca314e259b93637d04be520ed2ae3f5daa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/tittle.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/png
content-length: 163985
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBYXXiCZEs2EV9NpVccUgsy%2BN8rJu8awTNkpxb%2FzONF%2FoycPknz4Llh5CY%2B66PNMnfqi74O6TE0knwUj29cp6V5X4FYUODDB%2BmReoZ81%2BSlNne0%2B4n3NtErES807OXJWGIM%2FKbMHd44jAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8756c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/titbg.png

172.67.167.249

200 OK

103 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/titbg.png
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
PNG image data, 850 x 118, 8-bit/color RGB, non-interlaced
Size
103 kB (102879 bytes)
Hash
e1a5c0ec9a329b4b27889045f74b6181
9e985f271ba22773935264c8c9f505b7c1117f2a
cd3687b273a7c717ef8b83d626b39209eb000cf8cd72fbabb3c99e8d72985172

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/titbg.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/png
content-length: 102879
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdquYksR8aHi4pW3TnHHv%2B3sdHinyIjXpCT8arWphA5uHZVrM2VlMVn7aRX%2B35%2BSLMcyaAdzIz03WoR90AxZNONvSgy0fbsadvcU%2Bl5tScqfEt0V9u0TqnOr4x%2FaTDZjsFlBB6ZovjfbRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8956c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a03e2dbf001c12

172.67.167.249

200 OK

0 B

URL POST HTTP/3
12ahkw.krafton-news.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a03e2dbf001c12
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a03e2dbf001c12 HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12189
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=xTJRK8IDfq.Ed6uu8B_vFcUf.zO.PB3.TfV64B9PZlU-1714068135-1.0.1.1-vdnkyJldFqFyRxqhCNTwaN9y7QP179u_XQTXkQNbleW5LUbp1TftknVFSEiUGGwfq474TUJi59uczEj1lqHLCw; path=/; expires=Fri, 25-Apr-25 18:02:15 GMT; domain=.krafton-news.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ev%2BOXklsdBk8QP%2BHoZooP8fREktcnlRfyOvI44wrO8uSxkXAWnNOE2ql%2FI11zDPFg1y4BqPWHTzZCfamxvVW1Z6XM0%2FWWNv2Ph16TjDxhx%2BcncNTZWZWen4xRGu%2FjZ1yW9DDPWBAW1kCmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e384e7056c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/img/bg.jpg

172.67.167.249

200 OK

189 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/img/bg.jpg
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x1700, components 3
Size
189 kB (189374 bytes)
Hash
77edeab03deca6c222b6a60dcda2ef4d
52d6cef4831e248b8b753914cf174c269568d317
baf9a171da187b1b8077501d52e909aa43e6ce7dbb6eb49114b1fd71bc4c9a56

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/img/bg.jpg HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/jpeg
content-length: 189374
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twcPcRCn%2FvDEw3emUCJk58xZ9OOPKdwluc6aMBB0hhYq2ulb2fFLdTbQwZxNBKCTNOTiUSAqq8xUcQGGdbMSbJzGTCosyEPmhf%2F6IacdeeIpg1onHC84c8iIGDoM1VHm%2Ft7GYMvao5L3RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8456c3-OSL
alt-svc: h3=":443"; ma=86400

www.battlegroundsmobileindia.com/common/img/favicon.ico

23.197.207.19

200 OK

1.4 kB

URL GET HTTP/2
www.battlegroundsmobileindia.com/common/img/favicon.ico
IP
23.197.207.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerDigiCert Inc
Subjecth5.battlegroundsmobileindia.com
FingerprintA3:3D:CE:39:4C:4A:53:EB:BB:BB:6A:47:FC:A6:64:31:B5:7A:B8:18
ValidityTue, 19 Mar 2024 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
Size
1.4 kB (1436 bytes)
Hash
80856a1f0c07b83a6b67d557d0aca397
031cab2f407c8059dcfab8599f8bba9486512f21
5609e69ac9fb00efc23806475c7a228fcb5a87dc7e4380673a44e018af7a8060

HTTP Headers

GET /common/img/favicon.ico HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 1436
last-modified: Fri, 14 May 2021 10:49:26 GMT
etag: "59c-5c247ff585980"
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:02:17 GMT
X-Firefox-Spdy: h2

12ahkw.krafton-news.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

172.67.167.249

200 OK

13 kB

URL GET HTTP/3
12ahkw.krafton-news.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (7870), with no line terminators
Size
13 kB (13162 bytes)
Hash
909dc46da282aca9e946c3276f8a25b3
f520dd39a217918662aa1a913248f1f77d87a5d8
b532960bbf014f0b772bc61983b56f917827b0860fd00a28b34b0cdcbfe86785

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JC%2BF1EmoqCjVLs6cfLO7vz2wSbLCx9V05FwD7Rsfyiv3LoegdaeNgw8KrEBuv01XVQ3DuIw4JDH%2FbVntWwmccTqBRKOEmpGsZYt9xXB0bAcvjpB61xwWw851wK67tMbuu2hi763nFAjyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e366c9156c3-OSL
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/css/style.css

172.67.167.249

200 OK

11 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/css/style.css
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
assembler source, ASCII text
Size
11 kB (11277 bytes)
Hash
2c46745365a1868aff5164a9ecdd7e74
312c15b24d2c53a27fbad04033197feb7ae813f2
634b70267cd8254e2781173ec3e4a6a494ffec7d07300a93a374ae3014696ac0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/css/style.css HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tf8LK2kJn99GiZjkWKn5wZYuZG%2Br8xr31II6Z4gwKGZQO2LJgt67Cy8WEAjOvlBDAX9gTgsjFqi%2BHboFwmbuh2lXVAWPw995peM%2FNPcU0eX0%2BJQ6i8CVU%2FcDeLS1ifoUJOTmSIlIcPvo%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2ffe4656c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/js/script.js

172.67.167.249

200 OK

6.1 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/js/script.js
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (6560), with no line terminators
Size
6.1 kB (6136 bytes)
Hash
377a6699e597067b32bcb444b5b06fe9
c6b7d2348ae63038bc913a7d57bbb6f662f115d9
3a94f173af6d0ee21fe787bdbad4b4280d7d1ba15cc81864a920007d8f75075e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/js/script.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TI8qIlhtZakcmFdjbsBP1tHPal5AyWFyd0cDUNfAz0zGIZhpHnyD%2BREsH53dTZQxEu4dSEoAs9o2MTCocRE%2B216QMce%2FkjNkJ6Rdomc5AclvIt8NS9StCujvzTLb4Ha4axPBNI2tWkl98A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e304eb056c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/

172.67.167.249

200 OK

34 kB

URL User Request GET HTTP/2
12ahkw.krafton-news.com/81/
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type

Size
34 kB (34381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/ HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/html
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2B%2FtysFaGUwQIX8CTwbuTZrwBfIwe0ehGzSuHopbX9ZNgGMZjFT79WBzipnhjTvml2OrSyD40Zyu8QF8MdH5q31NnBMTGZKZSorc3Dj6B8qjJDWGBRfSwHJKZvR9c%2F2Y9zlp5z4CFFbB0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2dbf001c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text
Size
12 kB (11840 bytes)
Hash
807349734f3707b50b73c3fd626526e8
2f3ab67f0ffa01bc1f0c180cae9085ecc8d96d63
ce7d7e11e41b1b3619cbdf436bbf2557fda2d97d434e65fab281207ffae5c0d0

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 18:02:14 GMT
date: Thu, 25 Apr 2024 18:02:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

12ahkw.krafton-news.com/81/js/snow.js

172.67.167.249

200 OK

17 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/js/snow.js
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
JavaScript source, ASCII text
Size
17 kB (16624 bytes)
Hash
969949df87064be675d69c16303371ca
45cf771e88aa55c3929ee4e69f8a57afa8ea3029
f668b4db7d6dcdbcdec0506ac77b3f5af5a8e2dcfb247fcb8b8a846efb11a369

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/js/snow.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGE4HA3n%2B6msjnVwxT3N92kg7%2BXZ3hksddp4YZTjoxEDjykgWNqJy%2FKqk7rnKQg75Wi3K22j28HEql0tZ8M%2FiK8YTy8ksxCpjYwHtYJJ1OcIoi4fXQbItJeBtBcSacfjRZgIfnRE6DNoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e305eb256c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/cdn-cgi/apps/head/Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js

172.67.167.249

404 Not Found

0 B

URL GET HTTP/3
12ahkw.krafton-news.com/cdn-cgi/apps/head/Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /cdn-cgi/apps/head/Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 18:02:14 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COvlSYE%2FDIC2%2FoAL2XR9aUc8uAJ7AhH2uUNqmrhBHiyDN%2BbFn79Xy5yUlcOpicReIZmrmgk6rFS0BrwiYQDX3VL0z%2FLkSSei6epy4yrxviFh%2ByipeAenac3%2BPdI3HEF4hQmb0B2qcbtQAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e2fee4556c3-OSL
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 13442309
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a03e305bd60b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

12ahkw.krafton-news.com/81/css/login/twitter.css

172.67.167.249

200 OK

2.3 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/css/login/twitter.css
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
ASCII text, with very long lines (2396), with no line terminators
Size
2.3 kB (2277 bytes)
Hash
1c7a75426c05ced52887cc0221e06c41
0ecc1949e805c779aff6d8f8091445bdefb447d9
ede857de1a40fbe132f36327eff4e6e8019e0065d4b3174fc4279abd629189a1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/css/login/twitter.css HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9n9OMwAuTaEqNDf1ERnFRQReJRS4JoAbEqcPrC7EFKWrzyvininQdfxtSof6ZOapUu1u1lN%2BUrMqUrt2yLvaTj%2Fs2uW%2Bf26ymt2epdphiU8VW88cFrRROg0pMruc09OYsdND0XmoBmjlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2ffe4b56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/81/css/login/facebook.css

172.67.167.249

200 OK

3.2 kB

URL GET HTTP/3
12ahkw.krafton-news.com/81/css/login/facebook.css
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type
ASCII text, with very long lines (3350), with no line terminators
Size
3.2 kB (3180 bytes)
Hash
a777e56a2d7288081d548a11378bcfec
1257c84e583bc342ec1d8473b844b2a72c626492
0efa65f31afb19ce059866bafab5b0e4d77a6abfd06bb580cf38da7b554df29f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET /81/css/login/facebook.css HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yov9e%2ByVckujg8%2FuntzeCX8TOBXiQC7z8DowijHpOWkWQtbbdF8K3dFnnxUXPrhIofqzLlDoIyf1K6zrn6Tm0AIIwIVBzbh%2BH0VXDKDLSoF9%2FryvrffRUgwm3S%2Fj%2Fth%2BAV5DoqhCx%2B4sYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2ffe4a56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

12ahkw.krafton-news.com/

172.67.167.249

302 Found

34 kB

URL User Request GET HTTP/2
12ahkw.krafton-news.com/
IP
172.67.167.249:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectkrafton-news.com
FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT

File type

Size
34 kB (34381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Tencent

HTTP Headers

GET / HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/html; charset=UTF-8
location: ./81/
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uzul9KyVoBLaxKXVlgCZfFJxjLiYSQH%2FRLJgMpbXzksNhvNkPfGFgPKl9XxNf%2BUreLUsga43eVdWy4V7jsYxsMsHcyE9NgAijZzwY%2BmrBMO7IzBvw6IYr7UM5Dp9lvKPWnOo2BZEvbHOKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2bddcb1c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

site-assets.fontawesome.com/releases/v6.1.1/css/all.css

104.18.40.68

200 OK

498 kB

URL GET HTTP/2
site-assets.fontawesome.com/releases/v6.1.1/css/all.css
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://12ahkw.krafton-news.com/81/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65360)
Size
498 kB (498160 bytes)
Hash
325672b036bab9b57f6873aed5eccc43
264f5db348311950380ad1bca79754ff593d87e2
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

HTTP Headers

GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
x-amz-id-2: Y1TmNuBPJ2aktX68kJThHqHYS+UBzLzvigLuxqSKGropAjQHJXqctJ8cMj8EZaj3hWZqBw7vjseo/ptPWK0rIs/nC5bnGezhyLprTTXGcJA=
x-amz-request-id: 9ZNBHYHZ9G1WY9FS
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 13362416
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303af97128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL