| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.25.14 | 200 OK | 5.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP: 104.17.25.14:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: e9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1249287
expires: Tue, 15 Apr 2025 18:02:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zs1iy7yt7k3A5RyyQYMsC4gb16SrrDgMNRSWpzHMyoTDrBU5stpGFXwui0n%2FHde0nFcSLTolTgx2%2BtMaTugbVAy4eqIARdO3BnbO6SM0kQnkewnQ6WevehLRgcEPKPm2C2Tp4pL7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03e304c920afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css | 151.101.193.229 | 200 OK | 13 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css
IP: 151.101.193.229:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: GlobalSign nv-sa
Certificate subject: jsdelivr.net
Certificate fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (65354)
Hash: da9ff512cdd9f6c89e8a4e0eff2011aa c1664dcdbe11da68b9c3b6363b3c23ac4344d4da 483e1bf6ead25d54b37456cf0e51ea0220d9de03ef6ba2a2d8c3f34a4bc34c17
GET /npm/bootstrap-icons@1.11.2/font/bootstrap-icons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.11.2
x-jsd-version-type: version
etag: W/"14f73-wWZNzb4R2mi5w7Y2OzwjrENE1No"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:02:14 GMT
age: 13470640
x-served-by: cache-fra-eddf8230114-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13301
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 142.250.74.138 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP: 142.250.74.138:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
Certificate validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (32180)
Hash: 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:21:57 GMT
expires: Fri, 25 Apr 2025 17:21:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 2417
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 142.250.74.138 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP: 142.250.74.138:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
Certificate validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (32061)
Hash: e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:38:24 GMT
expires: Fri, 25 Apr 2025 17:38:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 1430
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-1.10.2.min.js | 151.101.194.137 | 200 OK | 93 kB |
URL: GET HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP: 151.101.194.137:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Sectigo Limited
Certificate subject: *.jquery.com
Certificate fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32072)
Hash: 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:02:14 GMT
age: 715941
x-served-by: cache-lga13622-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 1606, 4234
x-timer: S1714068135.576458,VS0,VE0
vary: Accept-Encoding
content-length: 93107
X-Firefox-Spdy: h2
|
|
| 12ahkw.krafton-news.com/81/img/navFb.png | 172.67.167.249 | 200 OK | 2.4 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/navFb.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Hash: 57b33ef147508d9a59ce3b90d6cc10c3 c402619796c175d8d1f77f39082c51583e365df3 347be294958042503fc06f16c339c6eb9e9341fc8b4ee7ccb535abb8cd9f372b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/navFb.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 2369
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twAIClFX6SfBFuRj2G%2B1EYEFUnAxML1oS8wEfrt4m4VqyyRFIjaLP%2FI%2FtJtN605BQlpI9Wxn%2FRZofkIj4gSANYJemW%2Bu%2Fphfs4FyZhuf7fUHmQxWcZlviNba%2BaFL5AIofwqUfRDtPfamqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e300e5456c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/menu.png | 172.67.167.249 | 200 OK | 2.3 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/menu.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 35 x 24, 8-bit/color RGBA, non-interlaced
Hash: d5a2ebc27f552863a6d97950a47670f5 ebfe5290a052cebe610c3eaa1e6a0d34db10e39b ac6bd07a81c6f0a4bd2f23a40478d0c2e08f419c5d8b411d2364eec2f3d17da7
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/menu.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 2293
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMdWpjNqXYwjMJnFASmMrXQQYEWbFlPqN72Mq4hFXlyB6LJGoIQTA6BMFMx3SRBaovF2dy9MQDVz4SZaE6mXsSNaoW7lKFQds2D%2FTNldt5UdMpvf%2F9adbR7FGzMljuyk9vrGgj7a%2FzzU1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e300e6056c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/navYt.png | 172.67.167.249 | 200 OK | 2.4 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/navYt.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Hash: 888954c471597ea2fdcca77103f505b1 c16d8786c8232f657583507a1257b5d2be978c58 f8fd1f87d08b5e87f6b12577883a00bc6340d84cbd3b8b837b4f6472d2dc27cc
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/navYt.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 2369
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BWrf5IKN%2BCCHHyBuX7NQiRhQjqb871WaI%2BARNZJSL3Qf2Q8zCYQH0ATPc4lSjQ4E3Ycm2To9jmNiY1Pwt1pudolRgxbtnN3HuJriszjEYSUJlqmCJ9vygR9vHOFUwMv6fNg5FUBsN3FAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e300e5f56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/logo.png | 172.67.167.249 | 200 OK | 3.9 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/logo.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 132 x 54, 8-bit/color RGBA, non-interlaced
Hash: f88d0e27c031d9af88a7d5edf771f2bf 3ad0d9da957738707ec959d52c070c62fc6a8bfd 6314644539af517f687e019e0470e60b84d770c9d80aa046818d2d025f27eaa7
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/logo.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 3945
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YG%2Bswab7w%2FNP3WQVXs4bqPqZA0W96kz1yL3G%2Bqx4vbfZCUVyDYDxd2RMA%2BouNZKLMRjhl3Cmy4tjjB297fdm1iwecomTkG8rtvY9vDPtaL4lUNwRWPXvoA19AkY5R1UyyIW9IG7y86BmHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e2ffe5156c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.ibb.co/PYpHF6b/Twitter-Show-Password.png | 162.19.58.156 | 200 OK | 28 kB |
URL: GET HTTP/2 i.ibb.co/PYpHF6b/Twitter-Show-Password.png
IP: 162.19.58.156:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: ibb.co
Certificate fingerprint: 0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
Certificate validity: Mon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File type: PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Hash: 2fd203703821d5ce5d18bee2a51b779a a78d7b1369ce8bc34de57909af142043cae446f0 6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8
GET /PYpHF6b/Twitter-Show-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 28355
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.ibb.co/pZDr8sd/Twitter-Hide-Password.png | 162.19.58.156 | 200 OK | 28 kB |
URL: GET HTTP/2 i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
IP: 162.19.58.156:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: ibb.co
Certificate fingerprint: 0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
Certificate validity: Mon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File type: PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Hash: 8d1f08b46884df302bf7300fc234832c 5735d57b6fa211c400d439095d5ff2f5bb57e691 e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7
GET /pZDr8sd/Twitter-Hide-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 28029
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 12ahkw.krafton-news.com/81/img/footer.png | 172.67.167.249 | 200 OK | 7.0 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/footer.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 276 x 35, 8-bit/color RGBA, non-interlaced
Hash: 731bcfc15f2a21cd7b9744a1c8f61714 b8c612461c8eb46b4605b0c41fd2dfd8efb6b7f5 8fce2cab2eb55065e9cca8bbf72667662b27de4d938178c8658808550fe30a43
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/footer.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 7004
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbLBA2pVke%2FxULjJ4UUH0EF3lfl96zuw%2FgIDeeXn4KduhSZyWLMEjDSJSFm0DUAAZnn%2BnbERQTStWGNsbt63V0kjUZJ92uC%2F4kh5RShRKSFv5S0pdwvtjlrsoOtoYNBtXwRblGJsf6BuOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9056c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/navIg.png | 172.67.167.249 | 200 OK | 2.6 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/navIg.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Hash: d4e9b873d6494773a9f585a1cfafc26f 0d3b37b5345415a2e9c8572041fb7906a67c2f8a 7167f2fd7e13d728e91d8ba6ed8e7b1fcd714087c59910463e11e2b08cfdfa54
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/navIg.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 2638
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzRlKB4QRkSivk7%2FadVUm1dfSMBhqkxpGZz9nLO06cBtY1BWD58haF2sOIVpesOtkQ32XLoJ3KiKA%2BeqfY8A70Hq4s%2B9hl5kiKSuWFtU0XgK1Z%2BXLfneFmW1hGOiRP6tu86v9paaUSfSFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e300e5d56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/popup-close2.png | 172.67.167.249 | 200 OK | 867 B |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/popup-close2.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced
Hash: 75b8fc9fb0f1dce9c0e53d119e637af8 c429caf6e1ed51a43421419c2a08d8ab8a654ae9 be08cce2cf15dba627fec531ea422ca0bdc76de1c2b61d6de21e2920687d4678
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/popup-close2.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 867
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slJtudjNM8%2FcIvORQ8bvOfUS7%2BApxPOkwrT%2B9yYVEFW%2BDHobyQ%2FQP8OCBTElMkK%2FFmDkKcmL9XL0XwRpCpLCX1frjN4XRDiK%2BvXTrEmsAd4NckCje%2BOlXd7An2NxIZ1WWiForpm3J2WcUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9756c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/1.png | 172.67.167.249 | 200 OK | 14 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/1.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x480, components 3
Hash: 33831843d54ddac16ebc39ee646f3770 7642cd99aa740bdee5ee76c78b3f3670e632846d 48e958cb8800b0e8214979fdc04f1fcf434cc1161a9adbd28ad5a06ef81b6413
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/rewards/1.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 13669
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxmsnkUDawQgwkgVWVwG4eZqplVxx%2BMFqVKA5myyCvn8GyA3pPKYmu4J34%2Brzy%2FB09K4eH%2BRr6WbHgbYogVvjH57BfqPlRYmfxAuaKGRL0xgEn7q%2FfLOD6sKXyJNfS4iQq8Q%2Fy%2BS5TjUeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6656c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/parachute.png | 172.67.167.249 | 200 OK | 85 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/parachute.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 600 x 649, 8-bit colormap, non-interlaced
Hash: 5edeb15fc008e850a62344c8cc678eda 48599b23fd0da1c8ae3707a9cdfd29569353cdeb 0948067659fe1621f1cd8460a70633d1c3ed2605bb7d74955c0f38ba107c0ea5
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/parachute.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 84616
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0u%2FxMzE8sjm2CVl7V%2BHgTeWyD5pH5IT461TxZyJxFTWOjMaO2Qna23WCiZWR%2BQeGplUhig9DBPqo0AWhdQbaQUBAP7dfaZtkM0hZ3rFbfHqzd3ETytswk1jC5rK6v22JIvZi8WJ8OBJj7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6456c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/icon.png | 172.67.167.249 | 200 OK | 30 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/icon.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced
Hash: 6ae43b6c707f6c559b4b19ba64ba6f4e 8a67a6bbe6d443180fb3a0d88355cef490ec85b1 e85ade5d6786ebf81122a53e42d731a33edf5368d8b18e8dc397c0fbf06b9268
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/icon.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 30182
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vL%2FYYpVRyrqWqYQEVMDpa%2BQPAbKwtbI49dn84HWjS4G2LW%2FOFgwkhCNFaMVsVv3KJoYSd3zYnWwIdTrQpfXqCl3UKn7kRx3Kfb7bHikYV%2FV5d9%2Be8R9GXvBf7Iu6sElWAe3jEgjL7Tej1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9c56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/gamecon.png | 172.67.167.249 | 200 OK | 43 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/gamecon.png
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate issuer: Let's Encrypt
Certificate subject: krafton-news.com
Certificate fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E
Certificate validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 768 x 244, 8-bit colormap, non-interlaced
Hash: 60f0aed7d9febef0bd3b391cb64760d6 22ee08574792dcd54a9c0f84cbb895f52c5907bb d0f846f4af6083f0d1045ed11ec4c8b34b5f0d220a45b485d1261caee7b6c3ec
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /81/img/gamecon.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 42582
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtZdfATPfEmYhGiOX4XdDdz0xWIuYZOAQ6a%2FbA8uvXAvOK4IFuDvhKi34njE63RMyUvg8hYf0WBay6cUo%2F%2BCkJpTzsrGxtsTwL4592Oyof6LhWds1RMJDUUlz5Tjh%2BDcvxg2Pi3xYrEXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9956c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.postimg.cc/dtyfWFF2/login-Method2.png | 162.19.88.69 | 200 OK | 4.3 kB |
URL GET HTTP/2 i.postimg.cc/dtyfWFF2/login-Method2.png IP 162.19.88.69:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject postimg.cc Fingerprint 53:90:A2:AC:6E:D0:9C:56:06:D5:4F:6E:EE:C9:67:58:10:CF:9A:D6 Validity Mon, 22 Apr 2024 06:32:22 GMT - Sun, 21 Jul 2024 06:32:21 GMT
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced Hash fef946b8bba756359e2a1e87ccd915ea acc364946077b0e32b2343474ce4066ad3ee524c 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /dtyfWFF2/login-Method2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 12ahkw.krafton-news.com/81/img/kinnon.png | 172.67.167.249 | 200 OK | 88 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/kinnon.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced Hash 6774f33254c7f07a7763bd503b7c918c 9e212fcefaece30889f0aad36e0ead3a41ceb4fe e072b60dd0fb713c703bf0496b6bc130c8c9653a44746cffb2cf854c090334b4
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/kinnon.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 88464
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVxeIt4OSaQ68yCxqhv6i8mUFarKijRK8g3i3fSVR1fk656iZCqy9ql5m34iKwS46triuj4OAH7eVv%2FpG0WG19waXA%2Fla8nUP5dYt5TYrJK%2BzamhdKAdrLJIXdq55m%2BiM1mzxe87hLAg%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303e9b56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/4.png | 172.67.167.249 | 200 OK | 193 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/4.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 1041x986, components 3 Size 193 kB (192995 bytes) Hash 746b9af1f26d8ca85fd73e0a27aecea1 e2162efcb803c44ab4f4bb67aaf13614b2571e8d a7d80f18e9142dfe09b5c36ff55280907f2e5f429bef362ab5c2a24b4fad7b78
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/rewards/4.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 192995
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHeaux257fiVIk5eSb2UAldkQXdvN%2B16SrKQ7RD%2FqJ4IIArKKLM2NsLMvPgW61Q2waInnE%2Fwvlbxaif1gOprincVTQdG1XMIx4KHt7%2F1LFzdxAiUmCZ3r1nVyJVK9BWdb0%2BrEisp9qHZAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6c56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/2.png | 172.67.167.249 | 200 OK | 57 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/2.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced Hash d1928b6cca6ca2be84f857b554961db6 7babad5563e4c2ab701bc5b13c2a9b2ed3f5b641 3e0540d4ccd3216754e4c921a3ab6dd1699d0950a7ae2d96fa296cba2c5a5100
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/rewards/2.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 57249
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CoZwr%2BNlNCtQq%2FSrVqx0lYOuKkcqAZi1N1Uug7HTDgafoVXc%2FLcnBeMlyozpcjWDGSSQRBA93rHAFxmMthspR8zDWa3N%2BPRvC2bQDZBvRFPRWmxscb1%2FOKRM911zNIyvW2XWkNgoGTJ90w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6756c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/5.png | 172.67.167.249 | 200 OK | 138 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/5.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 1267 x 1266, 8-bit colormap, non-interlaced Size 138 kB (137709 bytes) Hash dd4bb26c4394b67034ff6c3b221f8c0a ed2c5143c29f57f8272ffcbe73756d890227f475 bba932efd998f500df06545d8a9b5a69a6a6fa07453ca3700517935a78e90c55
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/rewards/5.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 137709
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fojy1kHMoRUld9bsoa2jtELEsBcaFcLO4MRQg8Nai3EaihFeTqcAl1vvqH5Eus01abs2kI0rA2D9dhUxHC1qcqi8DJgHQ7UXAaS0yH4bVny%2FyCLzobsGjbyfMv2IvYMZWE0fgdzdNeEhNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e7256c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/8.png | 172.67.167.249 | 200 OK | 138 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/8.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 138 kB (137812 bytes) Hash 80bf6637cc27dc76eee7d2dcf6fbab8e 45d1a24608a2bdc963189a0e2866141ebb525856 cba7c2c6e6f4c4fe8c572bf1e62fcb9e79724fc4850fa09d47d9ae648504257c
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/rewards/8.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 137812
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8lK%2Bf9GPfIzf6aK13nTzwwAnfD4Zo0GGKMIm6dA8z3hf8kE1dga204sp8okBcFP2Ae10gKU2GxkQ0lxWC9iKRjpbT5wv3WntgRuJ5HarEE8zmflmWUR%2FDe9ioJ7oydVb2ix%2BBh2fFYYVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e8656c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/7.png | 172.67.167.249 | 200 OK | 132 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/7.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced Size 132 kB (131696 bytes) Hash 8eee84efe5a68b32a01775f29cacc318 7b76ce3715f3131b3a07d669daefcb4c38ca4baa 58105c86b9b8ea948e2e6ea9c3a8d012178828e4cb13f916e82f087d7df1ff0a
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/rewards/7.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 131696
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BZhPNrgfMGCv1oyERL136AAeGWr1j2qZ296XpZfGYmTP0EnUH6VAVRHkfA8sYNzK%2B4%2B4bCs9HsBdvfROEUCwAG7ZQ1dpmtpO8ygxmoIPAChQBzGsq06Vi3EnW5iqzSVVlXp7mWPg7WylQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e8356c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.postimg.cc/3wBVgZTz/login-Method1.png | 162.19.88.69 | 200 OK | 29 kB |
URL GET HTTP/2 i.postimg.cc/3wBVgZTz/login-Method1.png IP 162.19.88.69:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject postimg.cc Fingerprint 53:90:A2:AC:6E:D0:9C:56:06:D5:4F:6E:EE:C9:67:58:10:CF:9A:D6 Validity Mon, 22 Apr 2024 06:32:22 GMT - Sun, 21 Jul 2024 06:32:21 GMT
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced Hash 74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /3wBVgZTz/login-Method1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/png
content-length: 28789
last-modified: Sun, 26 Dec 2021 01:51:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 | 104.17.25.14 | 200 OK | 38 kB |
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 IP 104.17.25.14:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0 Hash a4d31128b633bc0b1cc1f18a34fb3851 6ee4c79372c3fd679706306ede47e4b03cf53d60 e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 77452
expires: Tue, 15 Apr 2025 18:02:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d7i0vZbnrspB4RxsHjU4lEfJNkoDu367LML44gLbhB5et5COSOfwFwYnGUIw9T8B02ysWnoJZ8hCfi%2FUFZw33yw%2B8yxugywMMqSzJsRgT90gy%2B%2BCQIyTNevwDUOm35Tzbq3SBHaX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03e347f5e569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/3.png | 172.67.167.249 | 200 OK | 298 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/3.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 1080 x 1080, 8-bit/color RGB, non-interlaced Size 298 kB (297867 bytes) Hash 325ec107866cd632897820bfaaa9aaa5 fb9c0b4e7e6c7fd5b3d7b5d192272fa0d08145f3 095d4d3418477aaec0a4c738be3b87e9674caf2fd325d05792e35a1401ca55c9
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/rewards/3.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 297867
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNCAuNZa7RtWZ1vyTKCWfaDJPFGTgIc8WlMMIgY2SdhCye6Ze7qF6H88sJIIo%2BK2mJGhoQ0IJaDyTqh4rQKkg5gwa3tSQKJiWq97XDElbpG1xCeYEiZ1BkDizsCPjJ6E1jwUvV%2BBhihjYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e301e6b56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/6.png | 172.67.167.249 | 200 OK | 562 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/6.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 1040 x 979, 8-bit/color RGB, non-interlaced Size 562 kB (561980 bytes) Hash 0e4545d3f3381ecd8a49257ee5e308cb e3eb77814f43e023011be4fe56f5d23d61f09e40 11efe523f13128c3596499379d7298e201a4d4ec7459fdfbf6f892e568c13068
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/rewards/6.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 561980
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XssyvRpRZARgErV4zJlNm3lRgK9jVM4XgwTQ854MFRqHXYM8k90ddRi%2BBtti0lbHT%2Fy%2FNJ3dwIdVguBiDQnRgaNW5qGCQ5mkXXrx2RpPguo7r0p46F2imI6XMZKdl1W0cdS4lKuGgRW0RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e8056c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.167.249 | 302 Found | 0 B |
URL GET HTTP/3 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 25 Apr 2024 18:02:15 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UfJhpKlbwCuHr6cQ1vwFuj5Micq7j06Pvq2I1zeV0iw0WE%2FaGoC9FxQsgJzGXK1zfqhFTUgO0BjeaeCZ%2BWubJrzT0TsYG%2BLwH7Cy%2FSSOSuu7AXp%2FVkfNnT62yBZCALYfGerHc9s5xewpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e356b8a56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.167.249 | 302 Found | 0 B |
URL GET HTTP/3 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 25 Apr 2024 18:02:15 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naL1x94f67EfhEGOUZ97Mgs%2Bm0kkfBUkr0QlP7Ne8mIaaydHIaGDwr2s5hmVrTmnyJcS%2FN2cnJKSvKpwBJL1BzEghN7C7hNqapFEqJJB4e0fv1yRkqy5BszZ7ithFNxfjkM2geycsWM%2FmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e356b8c56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.167.249 | 302 Found | 0 B |
URL GET HTTP/3 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 25 Apr 2024 18:02:15 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69bWyNpBoaLYnr5j28tgeYp2Q38mQw9arqaN7uRF%2FtzjBZAqonlE8sfdo%2By6O9e0pPJrQo82kB4BQazLv%2FFGUhTZuLBwKmD7n4s%2B1tdqqBM4BeXHqb9OZamLa%2F2ezRKv18ZSJrVMA5ZbDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e356b8956c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/rewards/9.png | 172.67.167.249 | 200 OK | 424 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/rewards/9.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced Size 424 kB (424478 bytes) Hash 30d7c153dd78ca53a0d67ffd4d4b4f68 611a14deb2586ff4f19575812ad7c4deb67b0757 a54bd4c349e13dee3f153da4172d87e399c2419c7db5583e4b7ebade9f992545
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/rewards/9.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: image/png
content-length: 424478
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8sbQRZrn7WAB73IWUDgoz84r2hTHUDB8KHLjzWJ6KHgigGgfC3W3uz%2Fn9LLEdcnJBH8rts327h%2F1njzcWbBQ40zZgZeTlNCf5x8GQ0w1XoTQro95n88MmlPvkAES%2BLoyDGq1Z9fzDGuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e302e8756c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/header.jpg | 172.67.167.249 | 200 OK | 76 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/header.jpg IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1080x748, components 3 Hash 760bb966614ff1a7812b7787da5e49bf ab27a3b46da5d3295671b9f6aa4717c2f97c2bd7 34f77134b7fa1ec85e73402801107f9ff6ae1c673c3bf16e4bebaff4f9626b39
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/header.jpg HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/jpeg
content-length: 75570
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOIvREl58CiuUBWUZ1a1nQCRLTMEE76iXU2iAVgltd5zzhnj21F1AdWVbTj%2FKAyPZjxhgjZK4Moo5yRlD9A%2BfrqRpe8GLtzZrLIUp1SltuTc9fhOSBBTRohHgjcQ%2BAxAgQgtHr0dgwoAMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8656c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/yes.png | 172.67.167.249 | 200 OK | 1.0 kB |
URL GET HTTP/3 12ahkw.krafton-news.com/81/img/yes.png IP 172.67.167.249:443
Requested by https://12ahkw.krafton-news.com/81/ Certificate Issuer Let's Encrypt Subject krafton-news.com Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type PNG image data, 174 x 53, 8-bit colormap, non-interlaced Hash f7558390893b9d1f68cf5af031e48d79 a3c456f54e837da82e7cdc95ea47cfbe70664785 a1c63d95dd890a3492613f698354a1962ee9e48a25641e55fa82bbcf55d17ad9
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/yes.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/png
content-length: 1002
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQXKizeWG%2BSNnMTsxzmpUvInSvqDAmgx4i0z4qx%2Ff9jUTefBRzwQluVntw34tuQxRpawiKN7MJduu%2FVgJR3YDEMjslMEk8Xj3dgxnRFPfI2CBxOodm%2B0EBWh09ELSahiuhYkJxqkeBNFkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8a56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 142.250.74.99 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 IP: 142.250.74.99:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15044, version 1.0 Hash: 4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 00:23:40 GMT
expires: Wed, 23 Apr 2025 00:23:40 GMT
cache-control: public, max-age=31536000
age: 236315
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 12ahkw.krafton-news.com/81/css/animate.css | 172.67.167.249 | 200 OK | 5.4 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/css/animate.css IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash: 9bf61f05ed28023343517af2a3a74d81 fce2b337a30adf586acd460de936329f4e646b23 e3374dc9f5e06ce96de195a85853092703467fec489146684f7c7ec1d7d414d5
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/css/animate.css HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=je89wJGQpH4j3HYGQll8hncF%2FwaA6udh%2FQt6f05fO2NvQD9C5Ab6gGY4pNqNy4%2FYmTh0vSB%2ByGKBmM0bMBDh6KzbuZB2ckwHEg%2B1Gi6weg7%2FROdl9Cp9IAZ3dMQRwNExoKrTY2nxd8jS5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2ffe4956c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l.top4top.io/m_1725u5z7i1.mp3 | 135.181.63.70 | 206 Partial Content | 20 kB |
URL: GET HTTP/2 l.top4top.io/m_1725u5z7i1.mp3 IP: 135.181.63.70:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: *.top4top.co Fingerprint: 8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2 Validity: Mon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hash: ee5b5d12064ae26f839b882edb33da62 6fa93ef00f294eec4ef05276e81813db1e95e346 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 26 Apr 2024 17:38:55 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Thu, 25 Apr 2024 20:02:15 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256 | 151.101.193.229 | 200 OK | 131 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256 IP: 151.101.193.229:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: GlobalSign nv-sa Subject: jsdelivr.net Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 130648, version 1.0 Size: 131 kB (130648 bytes) Hash: 3646a39b6ef5417f27519bada8bbf786 9d95f6fe35540b602284c9f2bfa67d2b464448f7 5b2dd4d4f81cd1f52a50b0833ea12c8f63f2c4ae4d2c5a799fcc741feb2ea40f
GET /npm/bootstrap-icons@1.11.2/font/fonts/bootstrap-icons.woff2?7141511ac37f13e1a387fb9fc6646256 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 130648
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.11.2
x-jsd-version-type: version
etag: W/"1fe58-nZX2/jVUC2AihMnyv6Z9K0ZESPc"
accept-ranges: bytes
age: 3692340
date: Thu, 25 Apr 2024 18:02:15 GMT
x-served-by: cache-fra-eddf8230115-FRA, cache-hel1410026-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| a.top4top.io/m_1725zobal2.mp3 | 65.21.235.194 | 206 Partial Content | 18 kB |
URL: GET HTTP/2 a.top4top.io/m_1725zobal2.mp3 IP: 65.21.235.194:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: *.top4top.co Fingerprint: 8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2 Validity: Mon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hash: 70ded6b0b406f9710307bc35e221629f 7034ec2ff72c936255b04c0890ce8976599380cc 22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 26 Apr 2024 17:38:55 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Thu, 25 Apr 2024 20:02:15 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
|
|
| 12ahkw.krafton-news.com/81/img/tittle.png | 172.67.167.249 | 200 OK | 164 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/tittle.png IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 847 x 152, 8-bit/color RGBA, non-interlaced Size: 164 kB (163985 bytes) Hash: 5850824c706719cae59c1a15da500b2a f1072dd63116d850275a6a4105f1a611ec356232 4ba5909f7e5d6350afa98a5333bf53ca314e259b93637d04be520ed2ae3f5daa
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/tittle.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/png
content-length: 163985
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBYXXiCZEs2EV9NpVccUgsy%2BN8rJu8awTNkpxb%2FzONF%2FoycPknz4Llh5CY%2B66PNMnfqi74O6TE0knwUj29cp6V5X4FYUODDB%2BmReoZ81%2BSlNne0%2B4n3NtErES807OXJWGIM%2FKbMHd44jAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8756c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/titbg.png | 172.67.167.249 | 200 OK | 103 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/titbg.png IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: PNG image data, 850 x 118, 8-bit/color RGB, non-interlaced Size: 103 kB (102879 bytes) Hash: e1a5c0ec9a329b4b27889045f74b6181 9e985f271ba22773935264c8c9f505b7c1117f2a cd3687b273a7c717ef8b83d626b39209eb000cf8cd72fbabb3c99e8d72985172
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/titbg.png HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/png
content-length: 102879
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdquYksR8aHi4pW3TnHHv%2B3sdHinyIjXpCT8arWphA5uHZVrM2VlMVn7aRX%2B35%2BSLMcyaAdzIz03WoR90AxZNONvSgy0fbsadvcU%2Bl5tScqfEt0V9u0TqnOr4x%2FaTDZjsFlBB6ZovjfbRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8956c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a03e2dbf001c12 | 172.67.167.249 | 200 OK | 0 B |
URL: POST HTTP/3 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/h/b/jsd/r/87a03e2dbf001c12 IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a03e2dbf001c12 HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12189
Origin: https://12ahkw.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=xTJRK8IDfq.Ed6uu8B_vFcUf.zO.PB3.TfV64B9PZlU-1714068135-1.0.1.1-vdnkyJldFqFyRxqhCNTwaN9y7QP179u_XQTXkQNbleW5LUbp1TftknVFSEiUGGwfq474TUJi59uczEj1lqHLCw; path=/; expires=Fri, 25-Apr-25 18:02:15 GMT; domain=.krafton-news.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ev%2BOXklsdBk8QP%2BHoZooP8fREktcnlRfyOvI44wrO8uSxkXAWnNOE2ql%2FI11zDPFg1y4BqPWHTzZCfamxvVW1Z6XM0%2FWWNv2Ph16TjDxhx%2BcncNTZWZWen4xRGu%2FjZ1yW9DDPWBAW1kCmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e384e7056c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/img/bg.jpg | 172.67.167.249 | 200 OK | 189 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/img/bg.jpg IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 850x1700, components 3 Size: 189 kB (189374 bytes) Hash: 77edeab03deca6c222b6a60dcda2ef4d 52d6cef4831e248b8b753914cf174c269568d317 baf9a171da187b1b8077501d52e909aa43e6ce7dbb6eb49114b1fd71bc4c9a56
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/img/bg.jpg HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: image/jpeg
content-length: 189374
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:15 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twcPcRCn%2FvDEw3emUCJk58xZ9OOPKdwluc6aMBB0hhYq2ulb2fFLdTbQwZxNBKCTNOTiUSAqq8xUcQGGdbMSbJzGTCosyEPmhf%2F6IacdeeIpg1onHC84c8iIGDoM1VHm%2Ft7GYMvao5L3RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e345a8456c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.battlegroundsmobileindia.com/common/img/favicon.ico | 23.197.207.19 | 200 OK | 1.4 kB |
URL: GET HTTP/2 www.battlegroundsmobileindia.com/common/img/favicon.ico IP: 23.197.207.19:443 ASN: #20940 Akamai International B.V.
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: DigiCert Inc Subject: h5.battlegroundsmobileindia.com Fingerprint: A3:3D:CE:39:4C:4A:53:EB:BB:BB:6A:47:FC:A6:64:31:B5:7A:B8:18 Validity: Tue, 19 Mar 2024 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced Hash: 80856a1f0c07b83a6b67d557d0aca397 031cab2f407c8059dcfab8599f8bba9486512f21 5609e69ac9fb00efc23806475c7a228fcb5a87dc7e4380673a44e018af7a8060
GET /common/img/favicon.ico HTTP/1.1
Host: www.battlegroundsmobileindia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 1436
last-modified: Fri, 14 May 2021 10:49:26 GMT
etag: "59c-5c247ff585980"
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:02:17 GMT
X-Firefox-Spdy: h2
|
|
| 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 172.67.167.249 | 200 OK | 13 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: JavaScript source, ASCII text, with very long lines (7870), with no line terminators Hash: 909dc46da282aca9e946c3276f8a25b3 f520dd39a217918662aa1a913248f1f77d87a5d8 b532960bbf014f0b772bc61983b56f917827b0860fd00a28b34b0cdcbfe86785
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:15 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JC%2BF1EmoqCjVLs6cfLO7vz2wSbLCx9V05FwD7Rsfyiv3LoegdaeNgw8KrEBuv01XVQ3DuIw4JDH%2FbVntWwmccTqBRKOEmpGsZYt9xXB0bAcvjpB61xwWw851wK67tMbuu2hi763nFAjyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e366c9156c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/css/style.css | 172.67.167.249 | 200 OK | 11 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/css/style.css IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: assembler source, ASCII text Hash: 2c46745365a1868aff5164a9ecdd7e74 312c15b24d2c53a27fbad04033197feb7ae813f2 634b70267cd8254e2781173ec3e4a6a494ffec7d07300a93a374ae3014696ac0
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/css/style.css HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tf8LK2kJn99GiZjkWKn5wZYuZG%2Br8xr31II6Z4gwKGZQO2LJgt67Cy8WEAjOvlBDAX9gTgsjFqi%2BHboFwmbuh2lXVAWPw995peM%2FNPcU0eX0%2BJQ6i8CVU%2FcDeLS1ifoUJOTmSIlIcPvo%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2ffe4656c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/js/script.js | 172.67.167.249 | 200 OK | 6.1 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/js/script.js IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: JavaScript source, ASCII text, with very long lines (6560), with no line terminators Hash: 377a6699e597067b32bcb444b5b06fe9 c6b7d2348ae63038bc913a7d57bbb6f662f115d9 3a94f173af6d0ee21fe787bdbad4b4280d7d1ba15cc81864a920007d8f75075e
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/js/script.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TI8qIlhtZakcmFdjbsBP1tHPal5AyWFyd0cDUNfAz0zGIZhpHnyD%2BREsH53dTZQxEu4dSEoAs9o2MTCocRE%2B216QMce%2FkjNkJ6Rdomc5AclvIt8NS9StCujvzTLb4Ha4axPBNI2tWkl98A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e304eb056c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/ | 172.67.167.249 | 200 OK | 34 kB |
URL: User Request GET HTTP/2 12ahkw.krafton-news.com/81/ IP: 172.67.167.249:443
Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/ HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/html
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2B%2FtysFaGUwQIX8CTwbuTZrwBfIwe0ehGzSuHopbX9ZNgGMZjFT79WBzipnhjTvml2OrSyD40Zyu8QF8MdH5q31NnBMTGZKZSorc3Dj6B8qjJDWGBRfSwHJKZvR9c%2F2Y9zlp5z4CFFbB0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2dbf001c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 | 142.250.74.106 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 IP: 142.250.74.106:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash: 807349734f3707b50b73c3fd626526e8 2f3ab67f0ffa01bc1f0c180cae9085ecc8d96d63 ce7d7e11e41b1b3619cbdf436bbf2557fda2d97d434e65fab281207ffae5c0d0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 18:02:14 GMT
date: Thu, 25 Apr 2024 18:02:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 12ahkw.krafton-news.com/81/js/snow.js | 172.67.167.249 | 200 OK | 17 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/js/snow.js IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: JavaScript source, ASCII text Hash: 969949df87064be675d69c16303371ca 45cf771e88aa55c3929ee4e69f8a57afa8ea3029 f668b4db7d6dcdbcdec0506ac77b3f5af5a8e2dcfb247fcb8b8a846efb11a369
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/js/snow.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGE4HA3n%2B6msjnVwxT3N92kg7%2BXZ3hksddp4YZTjoxEDjykgWNqJy%2FKqk7rnKQg75Wi3K22j28HEql0tZ8M%2FiK8YTy8ksxCpjYwHtYJJ1OcIoi4fXQbItJeBtBcSacfjRZgIfnRE6DNoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e305eb256c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/cdn-cgi/apps/head/Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js | 172.67.167.249 | 404 Not Found | 0 B |
URL: GET HTTP/3 12ahkw.krafton-news.com/cdn-cgi/apps/head/Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/ Certificate Issuer: Let's Encrypt Subject: krafton-news.com Fingerprint: C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E Validity: Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /cdn-cgi/apps/head/Hm2FY5wQTdZS3ZPQJh5tLjKLA3M.js HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 18:02:14 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COvlSYE%2FDIC2%2FoAL2XR9aUc8uAJ7AhH2uUNqmrhBHiyDN%2BbFn79Xy5yUlcOpicReIZmrmgk6rFS0BrwiYQDX3VL0z%2FLkSSei6epy4yrxviFh%2ByipeAenac3%2BPdI3HEF4hQmb0B2qcbtQAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e2fee4556c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 31 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.18.10.207:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate: Issuer Google Trust Services LLC; Subject bootstrapcdn.com; Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (30837)
Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 13442309
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a03e305bd60b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 12ahkw.krafton-news.com/81/css/login/twitter.css | 172.67.167.249 | 200 OK | 2.3 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/css/login/twitter.css
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate: Issuer Let's Encrypt; Subject krafton-news.com; Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E; Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: ASCII text, with very long lines (2396), with no line terminators
Hash: 1c7a75426c05ced52887cc0221e06c41 0ecc1949e805c779aff6d8f8091445bdefb447d9 ede857de1a40fbe132f36327eff4e6e8019e0065d4b3174fc4279abd629189a1
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/css/login/twitter.css HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9n9OMwAuTaEqNDf1ERnFRQReJRS4JoAbEqcPrC7EFKWrzyvininQdfxtSof6ZOapUu1u1lN%2BUrMqUrt2yLvaTj%2Fs2uW%2Bf26ymt2epdphiU8VW88cFrRROg0pMruc09OYsdND0XmoBmjlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2ffe4b56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 12ahkw.krafton-news.com/81/css/login/facebook.css | 172.67.167.249 | 200 OK | 3.2 kB |
URL: GET HTTP/3 12ahkw.krafton-news.com/81/css/login/facebook.css
IP: 172.67.167.249:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate: Issuer Let's Encrypt; Subject krafton-news.com; Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E; Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File type: ASCII text, with very long lines (3350), with no line terminators
Hash: a777e56a2d7288081d548a11378bcfec 1257c84e583bc342ec1d8473b844b2a72c626492 0efa65f31afb19ce059866bafab5b0e4d77a6abfd06bb580cf38da7b554df29f
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET /81/css/login/facebook.css HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/81/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 18:02:14 GMT
last-modified: Sun, 11 Feb 2024 16:25:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yov9e%2ByVckujg8%2FuntzeCX8TOBXiQC7z8DowijHpOWkWQtbbdF8K3dFnnxUXPrhIofqzLlDoIyf1K6zrn6Tm0AIIwIVBzbh%2BH0VXDKDLSoF9%2FryvrffRUgwm3S%2Fj%2Fth%2BAV5DoqhCx%2B4sYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2ffe4a56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 172.67.167.249 | 302 Found | 34 kB |
URL: User Request GET HTTP/2
IP: 172.67.167.249:443
Certificate: Issuer Let's Encrypt; Subject krafton-news.com; Fingerprint C3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E; Validity Sat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Tencent |
GET / HTTP/1.1
Host: 12ahkw.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/html; charset=UTF-8
location: ./81/
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uzul9KyVoBLaxKXVlgCZfFJxjLiYSQH%2FRLJgMpbXzksNhvNkPfGFgPKl9XxNf%2BUreLUsga43eVdWy4V7jsYxsMsHcyE9NgAijZzwY%2BmrBMO7IzBvw6IYr7UM5Dp9lvKPWnOo2BZEvbHOKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03e2bddcb1c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| site-assets.fontawesome.com/releases/v6.1.1/css/all.css | 104.18.40.68 | 200 OK | 498 kB |
URL: GET HTTP/2 site-assets.fontawesome.com/releases/v6.1.1/css/all.css
IP: 104.18.40.68:443
Requested by: https://12ahkw.krafton-news.com/81/
Certificate: Issuer DigiCert Inc; Subject *.fontawesome.com; Fingerprint 93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D; Validity Mon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type: ASCII text, with very long lines (65360)
Size: 498 kB (498160 bytes)
Hash: 325672b036bab9b57f6873aed5eccc43 264f5db348311950380ad1bca79754ff593d87e2 a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://12ahkw.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:02:14 GMT
content-type: text/css
x-amz-id-2: Y1TmNuBPJ2aktX68kJThHqHYS+UBzLzvigLuxqSKGropAjQHJXqctJ8cMj8EZaj3hWZqBw7vjseo/ptPWK0rIs/nC5bnGezhyLprTTXGcJA=
x-amz-request-id: 9ZNBHYHZ9G1WY9FS
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 13362416
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03e303af97128-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|