| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css |  104.17.24.14 | 200 OK | 5.8 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css IP104.17.24.14:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashe9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 17:46:07 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 511316
expires: Tue, 18 Mar 2025 17:46:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpw6VEfU5TgOCY6sHi8FJ9Qt%2B4bKfcMcmmimaphk6ZRIzseBbqsZ7zn5GXK9S4TVVZIYT%2Ffdmpm4ahNMHElZeegsyzLkb%2FoW3IAI1QmQSPvLzWdW0H0YBCPKbl2na8i0dGayu0Mm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86b97017dc571c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css | 104.17.24.14 | 200 OK | 19 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css IP104.17.24.14:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (52276) Hash5222e06b77a1692fa2520a219840e6be 8b4236206a8b86af3761a244277663046d7ff7ee 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 17:46:07 GMT
content-type: text/css; charset=utf-8
content-length: 18778
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64cac444-495a"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 672067
expires: Tue, 18 Mar 2025 17:46:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nc90z675ak8krsdg6dLVtJXoWSuqDkqq3boxdlZrrvrivPLkKG7DhVXL6snYruRxFNacFgDz1qHHAq9RRiyFd36Emb6mxl32%2BGXyh26EcMNUKbQ%2F0ZCKcSYqrf02QxGYFBg%2F3czq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86b97017ec5c1c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-1.10.2.min.js |  151.101.2.137 | 200 OK | 33 kB |
URL GET HTTP/2code.jquery.com/jquery-1.10.2.min.js IP151.101.2.137:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32072) Hash628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 28 Mar 2024 17:46:08 GMT
age: 16847362
x-served-by: cache-lga13622-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 1, 106576
x-timer: S1711647968.040858,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2
|
|
| sjs23.krafton-news.com/img/style-img/navFb.png | 104.21.82.93 | 200 OK | 213 B |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/navFb.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 50 x 50, 4-bit colormap, non-interlaced Hash756030900ed6b763b5b4bfb185559edd 9b4464e12561e40602646f860d8ef959ca4601ae 2e818306520c5a0d18248492c8033d9869c12339e4348243b04f39fe5f96ddac
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/navFb.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 213
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:42:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yel6hQHV7rWc5OIfoaV%2FVkw8PZfOhlAszuik55Zq7WzIzukYFftNFzNpYNqCZJ%2Bly9x9n1Eb5L9bePpXrqwu6nUt8CD7eVPofW%2Bqa3S4dwkCbLRHwORQMNr2WmQeYFoC%2FXveI9oTN6JB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ae66712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/navYt.png | 104.21.82.93 | 200 OK | 197 B |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/navYt.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 50 x 50, 4-bit colormap, non-interlaced Hash02b91bc0164230109fe37541c7e7cdbb d6a55536d0eed29a2a6cf4642c4508d5adb35f46 1ef4956c3ebec8311223cdbaa7094ab090121eb4e8d83f5c1a6f5bc581d05865
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/navYt.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 197
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:42:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3yR5NCkqh3nmEJwyu%2FWJrI0RbXnia5jdiWtNn9zJ%2B25MEscDCHo3DhBrPUgQWaloqNwWnwv3s5oGgED6haxKAshNIeghvuzi5dPwDkd1mU7fWDAonIlMdu3zt2V0%2Ff6FlT29ybHucyE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be82712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/menu.png | 104.21.82.93 | 200 OK | 114 B |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/menu.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 35 x 24, 1-bit colormap, non-interlaced Hashe919899a07bdaa75931018f99c65a510 4551ca23f49d379299a27d9f04547cbc95134617 bad7f2cd2dec1b7eea7650a0f8ac01751e8d192f57d96318710eb981f07b0925
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/menu.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 114
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:42:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuLe582IztS89QKAZ%2Bz%2BeMAhNetE9q14jz6vG7jh4gkdrS%2BSbs2QGgZUTgPQnLyyJ4dXvGtaG5mAvX6w%2Fxk3lwXvG2ffoNp%2FyS6pybuasOj5F0srkRcOXpuc7tq2jXtlkhK68CRwPxgz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be85712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/icon-twitter.png | 104.21.82.93 | 200 OK | 1.8 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/icon-twitter.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 243 x 249, 8-bit colormap, non-interlaced Hash006c037306c84149fc3f2f4b5fffe17d 61c68d0b49c83979a498b2130b32de14b9ef4905 b751c2a21beb1db048e3a60bf2401378e199018fee98d82a660201cd22843c08
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/icon-twitter.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 1822
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 14:03:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5lk1ygZ4il9dZKcVN1%2FktxO6ezghHGCzrkOYixzAA1HNIqQA%2Bk2C9fyeSxRCV1iBEQ02FkO%2FP8E7c47U%2Bs7x14k5qb4uPnqjGqAiHyqPxCLKfeELPNsMv5uCWQfpxwGaqqUVIBFEfK8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017eeeb712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 142.250.74.106 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP142.250.74.106:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File typeJavaScript source, ASCII text, with very long lines (32061) Hashe40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:38:22 GMT
expires: Fri, 28 Mar 2025 17:38:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sjs23.krafton-news.com/img/style-img/footer.png | 104.21.82.93 | 200 OK | 1.9 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/footer.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 276 x 35, 8-bit colormap, non-interlaced Hash47d5be1837ffb5b95ef60e2cf9a8505c ccca004995bae929fc9a3ac4e94ae88b6cf3c007 ccf819e59aab2d28f351e5d02c57f33631e8213b76b0cc78c9b9f848ff9b6e94
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/footer.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 1865
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:42:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bjGSx%2FGbJe7qNJoDiUbXaqVRjOoIdSrcMcb9NTVlm5WfzZ75cpqIHnI%2Ba5PukZ2kpZpFLS5%2FU2y0NPXWnQdYf3cQEn3KdhkaMGt57H2OVjTy6r%2FxcUy1N%2B%2BB7TRsNnle8ZYS9K59iSs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017dedc712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 142.250.74.106 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP142.250.74.106:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File typeJavaScript source, ASCII text, with very long lines (32180) Hash32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:21:57 GMT
expires: Fri, 28 Mar 2025 17:21:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 1451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sjs23.krafton-news.com/img/style-img/logo.png | 104.21.82.93 | 200 OK | 1.2 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/logo.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 132 x 54, 8-bit colormap, non-interlaced Hash0e93c8871c544f47f6be2ef164479a88 62a17eac7f2f2462a858d7da147699de31ebbaab 0572e7d99b6c490da3dc5242fdb0bc46fa30ed1904189d945be22e6fbcd94d36
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/logo.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 1197
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:42:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GESMeI5h5CHe9WFd%2Ffof%2B3heMXCO9R0jv8RE1s7tIT%2FMxXFtJ1chmonY4gPQ%2BbOREO7kTLlSOk%2BYBP8fZ8cbGIV3IIWBPdmH7upbxJ%2BMiFIhm55bmzpSivxadDjITF6nBRsHbtLRoW1j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ae65712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.82.93 | 200 OK | 10 kB |
URL User Request GET HTTP/2IP104.21.82.93:443
CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1125) Hash051f515d4efba9995c0b4f547ef6dd2d 14729586b27249db4763a08cac246e5dbefa1c34 134e28d3a5e1058919048d8214e8b103b8c335aedf3f41170b7594dcbe3f461e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET / HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 17:46:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cRzwmN9HapFRcZIKOQVCvjBmSubQ%2BKODKYGR%2FyxJbW%2BQpMqSB9486NsyiVLUAMr3Tyfs73GSGhlMBPk1kOMr1oq6Q4V6bmr0TOC%2BWb%2BZH4iKOjLARPOAW2YlhpGkKGbdDsTDTjORvIY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b97014cdd10b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sjs23.krafton-news.com/img/style-img/icon-facebook.png | 104.21.82.93 | 200 OK | 3.0 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/icon-facebook.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 1024 x 1024, 4-bit colormap, non-interlaced Hash3a060aee536fa81819122333f6f83f35 3267734a47be526dc3235d716e7d7c8a84300be8 4a1673430f37a8693e3ca8008dec7d08b617b2c8e2832231f5269e1d717bd74e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/icon-facebook.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 2962
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 14:03:26 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g4NUQb96AUSPNiAJFFWptpZmR2ZiUFuMsc0AAI4Co%2Fn2McCdFFeZY7i9Zktdx5mPZ8Yuih67VhXsqyajoed7hzwrCPv3nQ2yt3znotBNGYCsqWn4PgQ84JQwT6UW7weJ8HUfrLFKER8c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017fefa712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/alert.png | 104.21.82.93 | 200 OK | 884 B |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/alert.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 86 x 86, 8-bit colormap, non-interlaced Hash91401cde482e650953a39b2d3657a564 e67b51d82e2ea3b8dc49ae2dbbc35b2fd380b7d2 c239b86b0c64c09b91a35492861c717b7134e33b5e7ebb856adf9711e8856f8c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/alert.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 884
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 14:03:22 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4sJr7kvAiDgKXEI8e5XMxmhI2ZwEKFPSjX2iEM9KoYpx%2FV02aF1L40siuZkpLZW4wi5GBn38poJkuXimqgtwDwJmZKg3UhSgcJ4qJmqGcU%2BwiGz%2Ba%2F4Rdoyh4SU61kMI5ArtC5gIB8Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017eef3712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/icon_fb.png | 104.21.82.93 | 200 OK | 3.1 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/icon_fb.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 512 x 512, 4-bit colormap, non-interlaced Hashbedc806e16cbe3dbb90de1790adce6da 8e2efd0afe04a0d6b39c5f22ae8597a4704a5777 63e21af008d3e310fa4e9e8f14cd9585b31d0ecb359abdd4cd1a237c930a0856
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/icon_fb.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 3109
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 14:03:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jmrum6bMzsl%2BYApWqGXrYiQVMaVOVST1Jhwd0IMfUjz6FTP0mnTM2jEPChSixIEZ0y8YtGYcwkJsNugA6JHuvDF9dqih2ZS8xaG3RtvyGVrmvSNa%2Fubkq0BIn4t1A4Hut6%2Fm%2Fw5XzD4z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017fefb712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/icon_2.jpg | 104.21.82.93 | 200 OK | 6.1 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/icon_2.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 117 x 117, 8-bit colormap, non-interlaced Hash46b38f708f721ed327a719a4f8451c7b a72770c0d7d618c59fa82f59e429ea86ce3409e5 b29d5693d898a1c5cf76231d6f4347b4a043671e98f22ebc11a3f14cac771450
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/icon_2.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 6084
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:56:28 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAZ5N9kWGNrnmR0vwC80hSlvoY3GBcWkeNcfOuVDRHZ%2Fdwkmh60nFsKtoZzX8mPhv7fXA9jV95CTgQVUunE%2FaykUPCY50pTUzepUNZKSl23G6LjXQD7FpQNwPT42He8oOVK3oBSAAUFj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017eeec712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/time.png | 104.21.82.93 | 200 OK | 318 B |
URL GET HTTP/3sjs23.krafton-news.com/img/time.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 24 x 23, 8-bit colormap, non-interlaced Hash931c35d5b01860050eb531ec73edb0ec de079da39f700264a530e4121de1e18428bf4aa1 e7336b8caf9c05229acb61566f3ffc4471462210672bbaee883fb5a808aa6732
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/time.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 318
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 14:04:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hT59vXJDSH5kNXPbcXtJ%2B7fGkiq1oQi93TrJgBcixPrC%2FRS75luBvFhk2vcXgbRuIgDbbyBAZI%2Bf3z3HPJuBy811RH1KVCZQy7MWWvgNVxac0pEiUYvIQ%2BzFPecwNUHP2Zbf08Tc%2FIYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be89712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/details.png | 104.21.82.93 | 200 OK | 332 B |
URL GET HTTP/3sjs23.krafton-news.com/img/details.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 24 x 24, 8-bit colormap, non-interlaced Hashc3abad1122a8bbdc1ad4222e751a1abd f8d7753c3c0a8569e62e198450cb2af9c4f4b918 fe6d96f7820a1893551488b134be76e2b3edfea12e4a6ca5863cb79a549ad2ec
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/details.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 332
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 14:04:14 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BgYMCDaZ7RPrD%2B3nJ0rq6RMeSHZv0UXyoHqBZ21doU66akMgG4y1z%2BAluS2wVILqz5Yp94SieJ1jzUUmTxSJivnkrr0i3TFBuTP%2FBSOgDj4TzfSJru23Ri7fVIIvJOH5z%2BOKI%2B1pukG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be87712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/loading.png | 104.21.82.93 | 200 OK | 1.8 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/loading.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 88 x 88, 8-bit colormap, non-interlaced Hashbe33c96c2dcf2480abbddf2297b8fd7f 449c58d674ea49613fe2b4c9f0a76233b17852b9 ef850a1178d4da6a50c129158abe1c87870da1c01d0591633495258a3e6bf293
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/loading.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 1752
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Thu, 04 Jan 2024 17:35:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfL%2B6uVL3aMQqADVHCxy4sQrZuPwAKoep8TCvlV3OA%2B3ZhDeGQ2DTvYfUCgRWxw%2F6UXwnm4kTozjkzr2XSFJLBEkZFPSJDzgzshUbJ2w55GN9KboIRqLelgJH5IlR%2Fc4CcsmLc6Dq9II"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017fefc712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/5.jpg | 104.21.82.93 | 200 OK | 36 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/5.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashdf2b6f319dbf8e4a6b43220b7dd2aba0 460edb5b201c153d35985e089969d5fb0212b3bc 33e04ecfde4f69aeed396a9a126f264be4811cf7c0e41b2c9d24ac8001722b1c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/5.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 36308
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blxn0nnEuc2qD%2FnEcfhOSokWH2uFRsbekVbAu4%2Bw7OrZkauogVTJqLwR4t1xJAreDvpMBe2A9wI3u93RjYXIeAapGjxqUyUEx2WSrrlsVLXSVF3Yt%2FSm46lw9gGWqDDdFrz5UJmLLPp4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be90712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/16.jpg | 104.21.82.93 | 200 OK | 40 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/16.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashc2092a2aa862ffe75b3f00253c33ac86 e80662c4fffd6a2bb5271a5712247cfd16d31d5e 2c424d541b5bb35fb2edf1a05e8c82aa3ee74245d36305883b8ba1fb2309495e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/16.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 39937
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2siPepIqPS0t%2BR1IAju2i82oh9u%2B1id3feT%2BTc6FHTxIQZBnuI8bWbfoK8lZ72aIHs9bWvZSbMeInzekWmYbch6GeSHk288J0Cr%2B9jXSA%2FTlQqaUCNy8xU2iLe2bCpuM0ottljhbZFy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017dec0712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/Token.png | 104.21.82.93 | 200 OK | 30 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/Token.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 135 x 130, 8-bit/color RGBA, non-interlaced Hashd02c9d4d558a113e2aebd45c7d8237dc edd72f80a319adf3fec2f3f061c1b82d6bf59aa7 7fb8131422bba9cda088005359870721b090dcd043d3cea030367be68c6328a6
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/Token.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 29942
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Thu, 15 Feb 2024 09:59:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZutEcSz9XEPM%2FLN7YUxo4RfBN9g1qvezObAobJTgOyS7UHl%2Blegy7pwam4AThXAXHQpVMxron2nHNjto%2FRLm3%2BqxDqF4gsZTWupupRTuBdwK526hoKw6bKdb4jzFhHC1IjuSyCwTI%2BF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ded9712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/9.jpg | 104.21.82.93 | 200 OK | 38 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/9.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hasha16dcbfa9245afd7aa5cc86f10aab771 ec9832a2430cd1a8b05748cbb0466ddfa55af84e b64d28c1607e4a14377b6dd52fbb142551df6fc0b928e821ad30bb5040dd6d6f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/9.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 37842
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=arNfyoHDow10g8qsLXsfuEJsTEwrIO5%2FsF9mz2%2BD8X9tjmhqCUG4vFXYil6LTwDwvD0RwN7CisCD9ZFRLoYg%2FoNGV4spMMAlln6em3qAIDvRdRUIv5s1L%2FZHrB9WHflo82CZNmQk1of%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017cea3712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/17.jpg | 104.21.82.93 | 200 OK | 40 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/17.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hash323a5ff8ce52e66a6d59aa0b03d73824 6790851e88b6d11cef1ea246336a76b0e8b7c56e 42d589d45d559936f424051ac888936432c349b009cbf9f56fac6a7c138e6c03
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/17.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 39629
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cb8d3Zy5f3cPSbyCkrSlXH%2BUx1aLvUd8eht7iO6z9xNCfhc2yJb94hDHspsAqRH4xshAZ1dDvge4N5JXJ386z2bwbS60Fy%2FNws57%2FXJKH%2BQabQzTYQWpdkzliVgAYXKvAkt9M%2FftGwl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ded2712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/18.jpg | 104.21.82.93 | 200 OK | 31 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/18.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hash44bbd09089e9c198fdecde981809f5ee 9a90afcc8fb64f72d388054c77bd6fb320dae019 620ef24b9dbb8055a6e9494c082ed05a30ebf9f62477d5f79bb0e977664eb1b0
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/18.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 31321
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swfeMfuuA2FhTL%2FjmwtC%2BApEsiwClcv1DAvOn7qcwwq87Bxa%2FopebPuT3Oqq0WTirsjMxEjoYaA9iTogTudmF3ftc%2F%2BwX8GY1F5xcIIZG0eP03wgxmzxFpON2QE7CUGBQOHKn91oyemJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ded6712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/gamecon.png | 104.21.82.93 | 200 OK | 31 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/gamecon.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 768 x 244, 8-bit colormap, non-interlaced Hashaa23589f839ed001d85b7a259a8d96f1 056e97ca401d7fb09f364d1d4fd311e6e1482172 63944d94f469e7aa142ac195ae7b3ca66d79c3deb8274d38a52d7820de4dedd2
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/gamecon.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 31091
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:42:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AD%2BQPsp3%2BB%2BqnrWbarSSxOiOxe%2B6AcYhqHG5tWMYvITeBVeNX81JsJtuGFvKWqw61Po5VKjGIzfqofiPFedv9BX6BXAi%2BUzPPSk91ICznPLT408cJoyWb5rYDC7JKMA5dvobsN6SK6le"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017eee0712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/1.jpg | 104.21.82.93 | 200 OK | 45 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/1.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashc9b13a536b4e340f218010e884af9093 cd47f4fdf19998b20dd0d7e51585577d200f0b90 ac87d4c750cef16f607c2ad09d42fb5f8308179100ce688da9e7e69c0a4a5422
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/1.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 45395
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRa%2FitmG8Maea9iDz1X1MW5DAzO%2BnosXK8h4bzTCcnKvZWmEXgqb5pfJZhuJe0kmywIkR8OSRGMUG4VGn6kloA22uDUYQ3egyaktQ%2FOIzSS%2BT5pqAWSPowdlqjfS3mSvNk49g4WfAR3o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be8a712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/7.jpg | 104.21.82.93 | 200 OK | 34 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/7.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashada70b7c7e786f5043e0c8da6c484e1c f8376262d2078ce2a59e5302f11edd8a896b64df 5d12b51ee8c900e71895a42aaaf3425c5a29ea55d22961e5c519e1394c1e6233
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/7.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 34345
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=INs0GOGe%2FMoLaGNo1%2BApdXOZsQgjp1%2Fi6sMjN561TO7IM5VWhRaM%2FMyVcJRw1r6CSYv5kXjH1nfRuNqtPVhMO4fXdhViiuyArjPplkWrR%2B0aGJDCurPOamHzp9vy%2BdybkPWxA0lNVWYI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be95712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/13.jpg | 104.21.82.93 | 200 OK | 56 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/13.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hash1302773d208c0609856df6d1c2abed61 103c451b40f5bf036128791f672bcd84c8f9f55e a4d53ab6ebe6837c4908ce8e5560010921be6778a387c1e2c255219b5b6cc8b9
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/13.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 56401
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dzGIk8ZoqT0V7vb5ObShM%2FnRE8UsGw9Z%2FGZ8gncjxSYR2k1DrMuj98lKpDTryRUpTVdvhd4ORLxS2NbmB4wNPnjju0tje%2BE339NAumXVD%2BZSotKprOPT%2FpUJAHl%2FkZtSRJ6vi1PGuv5I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ceb9712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/12.jpg | 104.21.82.93 | 200 OK | 70 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/12.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hash2aa5cb6da4cfe8d2f01b5e1e35745f58 9242fb7dad9a6a133146fea4ee4b26847d2ae587 f16bc3d085749cf3f3ab4dcc699dcf6238053a37c634845bdaa05662144e3942
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/12.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 69465
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EytZwINbyo2pMAQOT7N10JXeMWNl45Tg13t%2Bg4U%2BiqvPQnHM49QAZoaBryXzU9k0Jz9QWM8vZMrl3CGe%2Bx3mMtN793vaTVF3wId2g%2FciukfbF%2F7zl42pqkKNW8PMgeWhgoOZoHNxIanF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ceb7712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.82.93 | 302 Found | 0 B |
URL GET HTTP/3sjs23.krafton-news.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 28 Mar 2024 17:46:08 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=grLDtETUmbG161DnSWqW3FJGjqIyjmDHfmIsZdYzo2mRocVolTemkRsneGKDoQaK0fLxK3o40a%2FBxEx5YMePsa%2FSGlN2Yyi9OM9uJUB8F%2Fk8H%2FYEsmeCzJEekbE5sZBCOb7QfC6PqVHr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701aea97712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/4.jpg | 104.21.82.93 | 200 OK | 46 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/4.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashe8546d706dcf57452fbdf647263630cd e098b10344674ad51d2277c61852b82c9e6ce2c4 154f94dae59934de419c68865c7149f6041768c3b19eeb218cd57245116a7d6f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/4.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 46516
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvqLXgzwdA%2Bt%2Fqst5%2F6KSctwy0ZVpFfcZo8jh2avG1XcvSUtDhxVUbl1op9ObRiP36WOi5b3gC0rgg5vBtclaelBMBwB0Si6gdG1BsxVexRMThE3UD4NC3r%2FbiRxgXVa83z6VgkQjxvY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be8f712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/11.jpg | 104.21.82.93 | 200 OK | 53 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/11.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hash2096d8ebaaf1704314e38f235a5398a4 417f366da2f1d99f9ba54199a832757ac5a57e4b 59a9b5b53b0ebf028652ae0ab8f76dc2d09af5f3877abc4ba45382dd4ec274f7
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/11.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 53317
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTLh9LHs9R5CZ5BaL27adpdc6h8%2BuAuID2t1Qs5O0WYXtOuHEqNd1fH19HKGcUkG6%2BXb%2FAv%2FrTjzO106XXoKn7zxd%2F3B6BbIxHULqLC7bVmDiTKKtsq6gShBQeG1qo8qkHUliD7MSZo%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ceb6712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/8.jpg | 104.21.82.93 | 200 OK | 44 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/8.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashb002d312c2c82768992b47894564c912 4ec675ae742c6d432c822e39c1de0e6027c0fbc1 f04ff076a335698e7d8222cba371e589b40928277d92cb99acb48dd3dbd2334b
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/8.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 43622
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQ%2Bd9b%2FvNwBuUt9rgShqq%2FNfrMkquEWjSwVTpfnXjPZbTaG7uxJ4YTegnbuWbtVyo%2B6pgGRu8hZyy%2FsFj2db5f9YtIAWDyXsKIYG1C1FfRgGzIGekGio4OLjLjBL1T7NhdaXG4ZGYLHR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be96712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/2.jpg | 104.21.82.93 | 200 OK | 46 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/2.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashdaf0a7018a04987fe369d95174af1579 9e59998a88329c1195faa03b207917bed5d84084 17553c6679325d927eceee19b5b7a778c46d2c1986e1ddc7a7dc70421788b9ff
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/2.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 45654
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJuq2nwbC1%2FIBI4oh41TdMS1THaZ%2BfkZxa60DLlePh7ehcmMSg3nd3m7uOWrr1zECX8eQxzAwKZp9w2gdCvqGCjWxJHFZfvm8IULNBnqeagZiu1d1hOrH3%2F2NTncU1avL2L5RXkCafwi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be8b712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/14.jpg | 104.21.82.93 | 200 OK | 62 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/14.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashf1139723025f42b38d6671ecbd4613a7 c4c0e2f496bd1e998e5200fd618fa0164045657b 70e7d6ae3d85bff30304964a2322c459ca11acd0a4b39187d9071cd4925ceb8a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/14.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 62187
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VuwRA0q8gN3R0Om0UP6s6JxscFIa71OUJCr7CVUHSy5uBLuugP1mnrAXXl3G3O8OazK3w%2FRzHEW55BBgyqgbuf6RuKLOnVFDbzEnXNpd5coz4yfIq95jawI8wOUPPe0bPJSjhBjhJQgZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ceba712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/10.jpg | 104.21.82.93 | 200 OK | 52 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/10.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hash05440562a8d714eda1e00f241bf134a6 3f0cfd43588f5ad2862e0f298ac2d90af94f06ae 458d9ad01b135bede73c7da126c9f2bd035261d02e5aefe027b1c8d016eb1c18
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/10.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 51550
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Yl6REdgOfEpK%2FQx3AGxIdoia634A%2FP71zaN6Rvsdtpn0LCWKhP3vcgWgwdhzZdZWA5RVQ4PU6FWVZtbo%2BsystNkf5%2FyMFqtshCcxx819xun1ibZvFAgiwSSSgxi7YwDdQjZiBtRaekq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017cea6712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/login.png | 104.21.82.93 | 200 OK | 63 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/login.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced Hash9c9b804ab29f89bbaf74631f98574278 1ade26603615d5f820880201137c48f4bfa80a60 a7204f9c6e9885587b2d096189b97f58c5b3bdda908df5bd355066723900dfef
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/login.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 63387
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Thu, 15 Feb 2024 09:55:46 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeIQObAD7H86zdKTe%2FfM6E5e6%2FNFcPr1FbogfQqKMKFnEvvQmuJWCyHYmjUzdX49j947%2Fx%2FvCmY2QmpcrDdX8hG8pRnA98tSaQk9qHEoEB6lZSnn4wlvIuQ%2BVujWQKqbob6xtGHs1r%2Bc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017eee9712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/3.jpg | 104.21.82.93 | 200 OK | 52 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/3.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hash222737f5db2521c48033a25f190271ec fe217beadae0f4f97e58117e743d2409caaa5d53 40c462d5196f5234723cc5ce837121b06e6b23eed256f6d77323c3c3fab40bea
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/3.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 51803
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvryYPRbVmpvQZ0Vfdn0DLIxxTkelOwJpk%2FZYz7UZIbxujYNVoRG2ZsXsYaZ7cPtO5Wd17iKJD144V5ZfqfjcWUI%2F%2BKC%2FMI9xlXjttY2bhR9gKuaaLG8ckBvMB%2BpeiOtgNEeboSP%2BfoG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be8e712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/15.jpg | 104.21.82.93 | 200 OK | 49 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/15.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hash1c0f834a1a3c0f7e134995e16ef28339 5b5ed60ec0d5a4121c3f66c6d3efd4716540eecc 811d91e746c7a74585860c11f7bfed4a00e8e72f6432e376a860200a499fb182
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/15.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 48921
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ab0wGHq5cigyoDjXMrRgdcvu6dswj6Er6exGPuQUIBvOKRPN7vv9BtbPDm%2F8PHa3ZxZj8JiWygfTSNM806ufASvmWg7wk2Pt9pOdVWGvzTPMPtg0bDlYcwnZuCj7fj1oLzMMkz8J88tr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017debe712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/prizes/6.jpg | 104.21.82.93 | 200 OK | 42 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/prizes/6.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1125x1280, components 3 Hashf85eeb58a1d393810ccdde5d1b903c0e e93e7f6d59df8bc791b4966d8201089984ded25c c8163587a3bad1005f8aeaa5698a83031aa5d65c885c6a7b87fe37ff081fc447
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/prizes/6.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 42324
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 23:47:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1LVzY4T8XKny1puTtevg0WHIq0zYFZoMGC6fdnY6wvfzArlOEVw4SeVLaUlCxXJYK9wbUFPo1znE4xXQjyC6ZhJBCHdjY0p7fQgvc%2BbrUZyNDP2xASXmqdMi2Br%2BhFeXrbins3ybssg0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be92712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/btn-on.png | 104.21.82.93 | 200 OK | 2.8 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/btn-on.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 194 x 57, 8-bit colormap, non-interlaced Hash394960192dfaf2ad4f302833361cca5e 193001298663b93222d3a89b8600719a0d209023 0a1f9b84036712c81c3e852d8be955476d5f01d64e98e7734d4d0a2c094cb590
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/btn-on.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 2836
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 14:04:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6V5GVTY8fUFHO5OaDM%2B7tp%2BIRVKu7vnbg5Br4zSKZi80FH9n%2FOlQO9E5CsBVGrTM7BUV%2Fpm2MG4aRzCmm5o5RoPgHx7K6E63mOG6vkrSzVtmCTtYh9Shb56IFjvt%2Bk0RilFSsMl%2F%2F6Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701a49f2712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/background.jpg | 104.21.82.93 | 200 OK | 51 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/background.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x1280, components 3 Hash58466bbfbf1dd22f2167a1a1e59fe95d 53d390cf4316c463242905acc6b19673cd7b9347 0d73f4036118412f3974189c4735d8a526a9f9742b353ca45ef4ff145b1ad407
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/background.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 51395
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 17:52:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQtjAAUF8zppftseaXiH82OdOxbjrfj5sMUHjTxQK6n%2FNHCi0ta9SoNVBmiNN06EUX7l17HhIyrY8Nkc8y9KASU63AcbY6JTcyydd6ndtSNDCLicDTh%2BQ28NSSn8WXXPjVrkskV7duyn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701a49ed712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/btn-off.png | 104.21.82.93 | 200 OK | 1.2 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/btn-off.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 194 x 57, 8-bit colormap, non-interlaced Hash201b6580d767f697e018ad223ab7d761 641f92a2a677f70026c096e2f88aa1f0e426fa88 ceafe1e200d86cbaec8127b87c1625a97b0ca46d17033e4c0ffd99b9394deb47
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/btn-off.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 1249
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 14:04:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAcAB3HunuR%2F%2B46m7StjGChFaqWvfzDA%2BPh1KItN2nJmaxaumIt6axj1CG3PQ96VEIspUn6Rla1MKJ7qDM1DZLeGra7oBxgetJ5uBVtxVkthL%2FZYY2u0nkpkhVgG8%2FKRW8xGjKTD3XLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701a49f1712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/header.jpg | 104.21.82.93 | 200 OK | 351 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/header.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x620, components 3 Size351 kB (351290 bytes) Hash0199b9673c22f16c25f475271ac7eaa3 f2ae5a390d07d52a43d820423c113b5166ee57c0 b2be0ee7a128b91c814478e454ed7d855d58acc0913f962f3ea44efb64415ab3
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/header.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 351290
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Thu, 07 Mar 2024 09:58:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLAoRFcA7LYIJA2JCNFAsWrhVK3mxz0eMWyMLmgBypIVNQJpWOymNJpdKBUlbFvuTkEi65A9blYuAGw%2FVQ822LdOkhzOSshtDpPHToHS8xLaJSx4LoOK%2FnxSCDYEEnRIycgooRB7cpCr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017be86712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/fonts/selow.woff2 | 104.21.82.93 | 200 OK | 22 kB |
URL GET HTTP/3sjs23.krafton-news.com/fonts/selow.woff2 IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 22220, version 1.0 Hash345579e8566a3dd6dc9feb5362fbe7e1 df075dd0c26e72fd7df19948f07904c1eaa72ded 1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /fonts/selow.woff2 HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: font/woff2
content-length: 22220
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Sun, 02 Oct 2022 09:58:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRg%2BX9TeKQuASEwqOJWa21wBLRh4BrAr9rQ6xTl%2FuXbZ86MOsRi10V2qsvRIznQ%2BVp4L2ZUN01srGWqgz9Y2pHFSsNTz44oWVtDGMyf40l4DQwb74Sa7%2B343S4iwiIViYxom4bsu6XOH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701a49f3712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/media/close.mp3 | 104.21.82.93 | 206 Partial Content | 13 kB |
URL GET HTTP/3sjs23.krafton-news.com/media/close.mp3 IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hash2056bdcfbd551273ee207f8c6ff9d257 6fe68c9917d3409710aee4147ada311093d33ba6 d7633fdf0d543880acc3fdaf578728d7becc1ff429ba054921d3313f73a5a4a7
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /media/close.mp3 HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: audio/mpeg
content-length: 12675
last-modified: Sun, 02 Oct 2022 09:58:58 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-12674/12675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ju4RwbRHsxTxN3WhZixY6%2FV7zApS%2BwoGdJC%2F2rkalUOu3xr3IRW%2Bz6%2BI7rVnIcTi039lhEoVEwQO8Ev44o4o6PTLGyABqrStk34%2BvZqauhUY1U%2FgoekPbCi9IXeWWRPw2eRqbgq7wUTZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701afaa7712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/fonts/selow.woff2 | 104.21.82.93 | 200 OK | 22 kB |
URL GET HTTP/3sjs23.krafton-news.com/fonts/selow.woff2 IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 22220, version 1.0 Hash345579e8566a3dd6dc9feb5362fbe7e1 df075dd0c26e72fd7df19948f07904c1eaa72ded 1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /fonts/selow.woff2 HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/css/style.css
Cookie: cf_clearance=23zlsTkwPeHSn_acDTcyfMPmGGV3jLEHT2o_mWdpSAE-1711647968-1.0.1.1-AyqkmHVPx4I2lxXH_SVwAPaYYICeu8n8MhtfHnu2J5OYZDESgNEoI.BsX93cn_ZuYTBg5Cr4JUjdapxgPnSH_A
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: font/woff2
content-length: 22220
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Sun, 02 Oct 2022 09:58:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UnkmEjV0CrzF6Pb6h%2FU1YJtzOURRQ8JiBMZY3Tcro2GjQSte3B12zt6K%2Bu0CXG26W7pOU9BvwLSt7Jjs%2FNcDrPQN0A0vEFOIHcSxpG1lOjl3xVjltlHAwRC2WyIjeF1c1jkU9oyzDUR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701cccc0712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/media/open.mp3 | 104.21.82.93 | 206 Partial Content | 13 kB |
URL GET HTTP/3sjs23.krafton-news.com/media/open.mp3 IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hash58418a30e1310bf4fafa9fa0e57c18d6 b477e72668b181c3080d6b921e2edf15ef134f17 d5ad34e8bb64fba432c1a12b24cd1e532104d0183045e73abaaec72aa824df1d
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /media/open.mp3 HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: audio/mpeg
content-length: 12675
last-modified: Sun, 02 Oct 2022 09:58:58 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-12674/12675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5xjkcVvo1EVqWJbRfU0wT1xujls6OrlQwMsMN5e%2BwLaGb26kBcWR56MC7S6Ux65gOaoc3d%2BZWMjcU6SolH79cTOGI7JE%2FlCj2fBA9y3Gyke%2FDQBVAueWp4y%2FPhHT9DSkmIxnqJDuWLg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701afaa3712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.ibb.co/PYpHF6b/Twitter-Show-Password.png |  162.19.58.156 | 200 OK | 28 kB |
URL GET HTTP/2i.ibb.co/PYpHF6b/Twitter-Show-Password.png IP162.19.58.156:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectibb.co Fingerprint47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62 ValidityWed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT
File typePNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced Hash2fd203703821d5ce5d18bee2a51b779a a78d7b1369ce8bc34de57909af142043cae446f0 6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8
GET /PYpHF6b/Twitter-Show-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 28355
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.ibb.co/pZDr8sd/Twitter-Hide-Password.png | 162.19.58.156 | 200 OK | 28 kB |
URL GET HTTP/2i.ibb.co/pZDr8sd/Twitter-Hide-Password.png IP162.19.58.156:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectibb.co Fingerprint47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62 ValidityWed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT
File typePNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced Hash8d1f08b46884df302bf7300fc234832c 5735d57b6fa211c400d439095d5ff2f5bb57e691 e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7
GET /pZDr8sd/Twitter-Hide-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 28029
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| sjs23.krafton-news.com/img/box.jpg | 104.21.82.93 | 200 OK | 76 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/box.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1228x1280, components 3 Hash55c455ccecef6b56a7594f798c0c1b02 d50c3803794330931e8f2b31268c04bb95617e27 199f762263004138f7e6d2efa4c5d6f32cbaa382be34b4a442554643ed4f8bda
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/box.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/jpeg
content-length: 75811
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Wed, 06 Mar 2024 17:52:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kH%2Fuyb4kZJ8XgzCjcYL7VkfzHbORhfEiJVUFLlm5WSO9cng7IZoyvI1Ms%2Fk80Siifhl8hcNijFPbQwqpLUzGjx8ilwKVXjrdCefBZxOWRyj7LeXgzRTL%2F7IEovilv1YcsX6%2By98Mkz2n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701a49ef712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/media/sound_airdrop.mp3 | 104.21.82.93 | 206 Partial Content | 137 kB |
URL GET HTTP/3sjs23.krafton-news.com/media/sound_airdrop.mp3 IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Size137 kB (137227 bytes) Hash7148a9d0b2197180961c66885a2bccb0 1b20bd61dfb28f06aea20be01e8fd950c1c074b9 c0feb02c70a86d83a27cb47c6b12243151b5f595377467a2f42a9c7a7da6b9ca
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /media/sound_airdrop.mp3 HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: audio/mpeg
content-length: 137227
last-modified: Tue, 02 Jan 2024 16:12:06 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-137226/137227
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjoIsuLUS1u%2F7AQgQ5E6pb0i3fynQB0HWpz4AE7nM413DTe%2Fv1JWtxbfQhr%2Fp%2BYfi%2Feba6If5cpMV2dX3ZqdN3UUkC3NmLP4tDvYm7bDa8aMYjbCQYsW9oDCbrdtOpQdVy0F7kGlqexq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701ada6e712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/media/selowairdrop.mp4 | 104.21.82.93 | 206 Partial Content | 810 kB |
URL GET HTTP/3sjs23.krafton-news.com/media/selowairdrop.mp4 IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size810 kB (809539 bytes) Hash7a43ba7ca095c767d3ca2ed895373f2e ec8556f0003b3bfc1e84c6f2922c60e9434f3eee 4d81062e830a5daba1091ef0c1412e468ec500e86922afb30bea080ba1e86f7c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /media/selowairdrop.mp4 HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: video/mp4
content-length: 809539
last-modified: Tue, 02 Jan 2024 15:02:38 GMT
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-809538/809539
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rW5yGa3mYIeZxyuiu8TNh0tPke%2BrgTHihYV9wgKU4YD6wwzDE2669icI%2FTHXHtg2vHbkhfQ90aRFNXMqCtfI3SuLW7uexd5zEf7H0edZbEujSpurkBWU5hpjfQfWJ2tP%2BFEFhnak7M1Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701948c4712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/icon_2.jpg | 104.21.82.93 | 200 OK | 6.1 kB |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/icon_2.jpg IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 117 x 117, 8-bit colormap, non-interlaced Hash46b38f708f721ed327a719a4f8451c7b a72770c0d7d618c59fa82f59e429ea86ce3409e5 b29d5693d898a1c5cf76231d6f4347b4a043671e98f22ebc11a3f14cac771450
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/icon_2.jpg HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Cookie: cf_clearance=23zlsTkwPeHSn_acDTcyfMPmGGV3jLEHT2o_mWdpSAE-1711647968-1.0.1.1-AyqkmHVPx4I2lxXH_SVwAPaYYICeu8n8MhtfHnu2J5OYZDESgNEoI.BsX93cn_ZuYTBg5Cr4JUjdapxgPnSH_A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:09 GMT
content-type: image/jpeg
content-length: 6084
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:56:28 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Im8EgK4WCQxaYyT58E%2BvfEI6nkEI0kNDs63KXLpMmc9%2BWQtoEkE8gc%2FG2gI9H9q5Gz9AGclQAjPSkHFkSmKpMsCTnh0fuu101RzLGogqavGf7YYOVv0El2hgncGN0MEsjvMh6GCoL741"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b9701f6f8e712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js | 104.21.82.93 | 200 OK | 7.9 kB |
URL GET HTTP/3sjs23.krafton-news.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJavaScript source, ASCII text, with very long lines (7863), with no line terminators Hash87ce34d7a863aa8e9a172115ee137da7 4199b52f595e2ed55642a28d1afed53d0191c27c 81864e3cd4bd3dfa2200e84d8b17f7526a8f004efc2dc8aa820a7cd03e9fc9c6
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a5yMsBkXu8JbnpX2KDFozpZmEgcf3IJUhQl%2Bxb0bO9XCrJ1NQvzuGiu0kKmnVJ%2FQUx8akKjNvzNfsiHBx0cgJ2WNQ%2BoJ6wnZTq4704NRZICTHsYKyqKQmMKgipLJQ2J6rxXgEwgfcyps"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b9701b0abd712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/css/style.css | 104.21.82.93 | 200 OK | 19 kB |
URL GET HTTP/3sjs23.krafton-news.com/css/style.css IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash6d70dc668671fff5b22bfeaaaaf81d4c 0e09a586f9d6e61ace160c9a3241291b08ecb9c7 92c00bfd57ad66444f80c53812f9127d2e339812aec71470a24ca6c8c4cc9b72
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /css/style.css HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Sat, 13 Jan 2024 08:12:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQIxwM5%2BNqAoOUXrT5TlT0Y4aBdEVLKxJr2CrsuC4kVdHpdQubuwVR6Osj2o3EW0EugzQJ%2FGlBeJ0gWDcwkeZn7eZKn7J55RGOFGbkr9qzmOjG96zmNVX3BMTX0sAHnPW%2B3SCNsWpTh7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b970179e52712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/css/loader.css | 104.21.82.93 | 200 OK | 6.0 kB |
URL GET HTTP/3sjs23.krafton-news.com/css/loader.css IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeASCII text, with very long lines (6146), with no line terminators Hash576a7be8b729d1180248fc3c9ee93b86 6aed201f88da73aa989a19168983d5a586c8ccee 3565d852fbe0e33dc8aadbab2c024b135a01787de0f7aafbf711445d63658d94
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /css/loader.css HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Tue, 16 Jan 2024 20:03:28 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJOrnEKYs2nSrEhQO66vE1n%2BqpDvmQyOol9V2sKF9CNDrg8Nu5ILTN9UrbSEco2C31HUfq3ssGv%2FQhOvuCHULbLhoY7u3c%2Bw4MXTd%2B5805dVCGjjSwd9Zcar5NZBflEmATndqoKPg35a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b970179e53712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/css/twitter.css | 104.21.82.93 | 200 OK | 6.4 kB |
URL GET HTTP/3sjs23.krafton-news.com/css/twitter.css IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeASCII text, with very long lines (6929), with no line terminators Hash6deebc911d2130cb9cfba82c51459b37 9c2389a5d15fe039f52c4d66e4a2c628e9839aa8 34f4e3cc78057a9fc7ff487d13d013275c9184a09b7246dd4c112b989d743cc8
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /css/twitter.css HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Thu, 11 Jan 2024 10:27:08 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2FcpR4%2B2DJDKvQyW%2FzKjK6hPMfhy0t28WRnBnKpXH89fJQc95T3%2BsjOXeVHQ2na7%2BhckgbTkhg0AGXPfF6l%2F8JlZI7%2Bv5ILhSa%2FFb3swn2Ee%2B3X3cjeHvSXaqUwwSqdGCx220yp2eLVy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b970179e5a712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700|selow:300,400,500 | 142.250.74.74 | 200 OK | 8.7 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,500,700|selow:300,400,500 IP142.250.74.74:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File typeASCII text, with very long lines (8956), with no line terminators Hash91804c0df51e58b0bf469561e1ac2732 cc5a9023e310b49ef8f8ae32bb89ea774fe116ec 8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa
GET /css?family=Roboto:300,400,500,700|selow:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 17:46:08 GMT
date: Thu, 28 Mar 2024 17:46:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sjs23.krafton-news.com/cdn-cgi/challenge-platform/h/g/jsd/r/86b97014cdd10b69 | 104.21.82.93 | 200 OK | 0 B |
URL POST HTTP/3sjs23.krafton-news.com/cdn-cgi/challenge-platform/h/g/jsd/r/86b97014cdd10b69 IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
POST /cdn-cgi/challenge-platform/h/g/jsd/r/86b97014cdd10b69 HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12179
Origin: https://sjs23.krafton-news.com
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=23zlsTkwPeHSn_acDTcyfMPmGGV3jLEHT2o_mWdpSAE-1711647968-1.0.1.1-AyqkmHVPx4I2lxXH_SVwAPaYYICeu8n8MhtfHnu2J5OYZDESgNEoI.BsX93cn_ZuYTBg5Cr4JUjdapxgPnSH_A; path=/; expires=Fri, 28-Mar-25 17:46:08 GMT; domain=.krafton-news.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4h6VLNYJBxr5U3OWznyLBLxFq0P8GWDiP9%2BlTdd2KJlUdF4SpMz0TjrXc4LsZJIQh3kEcvQR0lU9MYotWQH9SGI60ke4%2FBXp1XoZHl8I8IPiz2%2BYmdftlv%2BZUKhEwyeDx07%2BgP6924aG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b9701beba7712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 31 kB |
URL GET HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.10.207:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 17:46:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 11022142
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86b97017ef98b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sjs23.krafton-news.com/js/script.js | 104.21.82.93 | 200 OK | 18 kB |
URL GET HTTP/3sjs23.krafton-news.com/js/script.js IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeJavaScript source, ASCII text Hashd9014e843714fb038dd933e7a263ff18 48bcdd1e97bbd94769078ca3e7fa21a436c85d05 c02feeaa00a71faa1837d2ee4abd2f08d58876c90036dee45b95dd41be86d73a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /js/script.js HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Thu, 07 Mar 2024 10:46:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXcpbvPics4zk9NO87Q%2F0kQW5SYIkMZz95SZyQs1ibo6lOVUffMJiIp5T%2FqEDB4saR5VBNCKge28YL9wXbuMhdj%2BuMDn6rou8PEp6yxD%2BmeLKo98qalt4LpwHj4Ee3clP2QUkGbntkMm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b970180f14712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/css/facebook.css | 104.21.82.93 | 200 OK | 5.0 kB |
URL GET HTTP/3sjs23.krafton-news.com/css/facebook.css IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typeASCII text, with very long lines (5325), with no line terminators Hashb31aa9931fedc83d94bf0b0f2ac9c8ff f8b5bd5ebc48ecf1a6a1707cebd8361868a71cfa c17464f70efb51fb6e97fd7429ec1496454dadfc85d388c6b06b406cf332147d
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /css/facebook.css HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Thu, 11 Jan 2024 10:12:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwPeS9qrp1ZhwGkgFAhHwgdAtBlVJxFLszkabCAsgaCUybqubrMD5LjcVgW%2FJHz%2Frwz1LCLZ6lE5QEcXY8l%2BFLLRTb%2FAY7kZEZ2YFkIEzNsjw33GtHwubNjWSbTd2yAgIM%2BEt8OmdFz3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b970179e58712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/css/animate.css | 104.21.82.93 | 200 OK | 78 kB |
URL GET HTTP/3sjs23.krafton-news.com/css/animate.css IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
Hash8eae1a9cfafdc593321d4d59ec4905ea 232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /css/animate.css HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Sat, 13 Jan 2024 06:57:12 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=npx9bxnl2Yv98y0VF3OHOshNoaAUITo4VC%2FusMzKmfbP9uo77fbYu373o9fkTSQpzV%2BA5MgplGDw9D7OLKl5rGQMxmF5jq48VRf%2FSLI8vw1v77M4P3JRXVh7jixfxoV%2BPgBI3sHGS51q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86b970179e55712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sjs23.krafton-news.com/img/style-img/navIg.png | 104.21.82.93 | 200 OK | 264 B |
URL GET HTTP/3sjs23.krafton-news.com/img/style-img/navIg.png IP104.21.82.93:443
Requested byhttps://sjs23.krafton-news.com/ CertificateIssuerLet's Encrypt Subjectkrafton-news.com FingerprintC3:62:B3:50:BD:8E:70:D7:F1:59:98:38:41:E9:14:6C:70:AE:6A:1E ValiditySat, 23 Mar 2024 03:16:22 GMT - Fri, 21 Jun 2024 03:16:21 GMT
File typePNG image data, 50 x 50, 8-bit colormap, non-interlaced Hash695b93714faf2f2fd40356e59283f6d9 d7b331941acd164b11505f16c9406c845db12040 35f4b2d7dd21f0a98d75958106e5a2a28ac22cae4fca8ed0b91f267170c11e19
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Tencent |
GET /img/style-img/navIg.png HTTP/1.1
Host: sjs23.krafton-news.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sjs23.krafton-news.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 28 Mar 2024 17:46:08 GMT
content-type: image/png
content-length: 264
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 17:46:08 GMT
last-modified: Mon, 12 Feb 2024 15:42:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WU36ho3gR8NbOgWM%2BVP9goHeMc6WYIi4D2A9CNy8y1JKJPUh%2BKKm4%2B%2FUtUKi2sK%2B0jov57v7vNyOEp1Rku1mrsRqGPe9b0PdeOyddFhSlDkz3wbRlH44eg0um9MMm1DfOnNCRkcrWOSu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86b97017ae67712d-OSL
alt-svc: h3=":443"; ma=86400
|
|