claim.kraftonsevent.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claim.kraftonsevent.com/
Submission: On February 24 via automatic, source certstream-suspicious (February 24th 2024, 6:28:27 pm UTC) — Scanned from NL

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is claim.kraftonsevent.com.
TLS certificate: Issued by E1 on February 21st 2024. Valid for: 3 months.

This is the only time claim.kraftonsevent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
16	4

14 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

claim.kraftonsevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
menyala.privrendom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	privrendom.com 2 redirects menyala.privrendom.com	36 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1082	31 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 362	30 KB
1	kraftonsevent.com claim.kraftonsevent.com	864 B
16	4

	Domain	Requested by
13	menyala.privrendom.com	2 redirects claim.kraftonsevent.com menyala.privrendom.com
2	maxcdn.bootstrapcdn.com	claim.kraftonsevent.com
1	ajax.googleapis.com	claim.kraftonsevent.com
1	claim.kraftonsevent.com
16	4

This site contains no links.

Subject Issuer	Validity	Valid
kraftonsevent.com E1	`2024-02-21` - `2024-05-21`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
privrendom.com GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://claim.kraftonsevent.com/
Frame ID: 5DA6E4BE04B2E61C0543FF98210B473A
Requests: 4 HTTP requests in this frame

Frame: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
Frame ID: F39ABFBE40D16246600797979A85F611
Requests: 8 HTTP requests in this frame

Frame: https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: 62A2D58758DB80D8F968A50DACBC13D9
Requests: 2 HTTP requests in this frame

Frame: https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: 4C8AF1753C9585A35C226A137D1CBEC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PUBG Mobile

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

81 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

97 kB
Transfer

289 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://menyala.privrendom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

Request Chain 13

https://menyala.privrendom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
claim.kraftonsevent.com/ 973 B
864 B 304ms
225ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claim.kraftonsevent.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24186032eb5362eb6cd51976b32a7c4fe9b8874807fb8bf5914b10c82fe41e9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85a9c4988fd5668e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 24 Feb 2024 18:28:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2BS8el3zVxqBFa%2BN5HpPM3z04mkopGMcYFAHc0ByH2HPc6hfgRubJ0e%2FpzshPHjDOdaUdpOBqhwGoYH8ua70qXwyRFxT4jCevVELTAJfP4byQbtwEoi5jQ6Wy2lSnUhIZjz5x00xxw1vheocnuG3euHz3K0Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 118ms
72ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: claim.kraftonsevent.com
URL: https://claim.kraftonsevent.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://claim.kraftonsevent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1078
age: 7650304
cdn-cachedat: 10/31/2023 18:59:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a99131ed71793c235969f4741b45dd0f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85a9c49a4b532c5b-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 100ms
23ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: claim.kraftonsevent.com
URL: https://claim.kraftonsevent.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://claim.kraftonsevent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 21:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 21:23:52 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 117ms
71ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: claim.kraftonsevent.com
URL: https://claim.kraftonsevent.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://claim.kraftonsevent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1053
age: 7470636
cdn-cachedat: 10/31/2023 19:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1a04ea32b2f4b219188fda8349c8680c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85a9c49a4b542c5b-FRA
cdn-requestpullsuccess: True

GET
H2 200 / Show response
menyala.privrendom.com/ Frame F39A 1 KB
1 KB 3260ms
151ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://menyala.privrendom.com/
Requested by: Host: claim.kraftonsevent.com
URL: https://claim.kraftonsevent.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d8bc8f4366e289be44a77aa33f0805513e0166dfd9604376d93a53ec2e012d

Request headers

Referer: https://claim.kraftonsevent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85a9c4ae8a6c2040-IAD
content-encoding: br
content-type: text/html
date: Sat, 24 Feb 2024 18:28:26 GMT
last-modified: Tue, 14 Nov 2023 16:00:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkmBdjgH6xqs4R9xUXlHsFB6NlD324fidww0hvEpwaB7FL3zuApxDQrAL%2FHh9tQuxl2SQEPanmA%2BeSj027LMic1mEboTLF4IKjVyCS603GtIeRVDVo8kt862Y6OmdCSEe32lzXsc91rTXXuu5%2Bm1CnmTB6vB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-turbo-charged-by: LiteSpeed

GET
H3

200

main.js Show response
menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame 62A2
Redirect Chain

https://menyala.privrendom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

8 KB
4 KB

44ms
43ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d870336dcd7ff85781bb3cc8a5b11d25c18c50253b7b5807cb512fcf0a9c204

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCKk%2BTWeHCbnlco1K5YN42FZWgM784brEQ%2BuBvN8FyM41tfLH6Yj4DJAZyKE6D%2BlvHOhtyyT%2FQM9pOam%2BEDABq%2BJamqofqBLTbachUWfP6RrOZmPG56tVc6NBEwVNwZD9PFNLzIMWn56zp%2FcuoQsjetdAsbz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85a9c4b01dc9d3f0-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 24 Feb 2024 18:28:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vi%2BR41s3IaC7wHkBoiEv44V2JRYHSDwhsrWB%2BUCLElV6S7TGRchOFC1z7IsGLBnWRjvS0MmiH%2BUsD0rCo%2BiZJh7Lfr66%2BElaDZOmf4DwJHhHn%2FiBkmVJ5O%2FWl0KqqJdY%2BbjBVDdmhObwg0tN3THZTyMoc9k4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control: max-age=300, public
cf-ray: 85a9c4afabaf2040-IAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 defaultwebpage.cgi Show response
menyala.privrendom.com/cgi-sys/ Frame F39A 8 KB
3 KB 155ms
155ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
Requested by: Host: claim.kraftonsevent.com
URL: https://claim.kraftonsevent.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6d36ce129340143415a2afa758f58849b22ea6dc7e1bef7801fa6d46687686

Request headers

Referer: https://menyala.privrendom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85a9c4afabb12040-IAD
content-encoding: br
content-type: text/html
date: Sat, 24 Feb 2024 18:28:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWx2Du3mxGvi7kxbBYtgOuR3Ew1elC6hk5AEWtyqqvNujceFa6aIahHHyduUVf6b2IcVMPDYBCTw3PPt%2BC0BgQh%2FHI51V8oQw5ix3%2Bt20uZOjGvPfRvlS%2FEYsUtJ%2BA02tgwFNphRMsiQ5AhjpBY32TOqsMrp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

POST 85a9c4ae8a6c2040
menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 62A2 0
0

GET
H3 200 IP_changed.png
menyala.privrendom.com/img-sys/ Frame F39A 3 KB
3 KB 232ms
232ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://menyala.privrendom.com/img-sys/IP_changed.png
Requested by: Host: menyala.privrendom.com
URL: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 15:42:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMadEY98Mf2HGUK%2F8qKTzf9U6RBHSlC6%2FxiUrnNa90mLnoML7i7wGm9U%2BlexXgNQ4o5tu%2FJ2bXOVvruvJnkxjr70dndqeJlQ7Y7QtQ7cAqI7208UAvR%2F46y5%2BURjqg25LgT1HXsloK539jlTFF5Xt5n%2B7NoR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85a9c4b0feb3d3f0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2939
expires: Sat, 02 Mar 2024 18:28:26 GMT

GET
H3 200 server_misconfigured.png
menyala.privrendom.com/img-sys/ Frame F39A 3 KB
4 KB 230ms
230ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://menyala.privrendom.com/img-sys/server_misconfigured.png
Requested by: Host: menyala.privrendom.com
URL: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 15:42:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3y4Z%2FVJvxUR%2FD8ijBl5mm%2FkHzSlhTPPm0No7tkgN5s%2FzoKv4w%2Fob8yJgRUQSDV8H0EREKEuJGu8h%2FEC9P4Gs%2BZvha8RUNE7Bn%2BxyaIaRB8upexZXkE%2BkWVDpyXyncKB0zUg8QCvsuZkH3WUATaGo1QV6Qrs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85a9c4b0feb6d3f0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 3164
expires: Sat, 02 Mar 2024 18:28:26 GMT

GET
H3 200 server_moved.png
menyala.privrendom.com/img-sys/ Frame F39A 3 KB
4 KB 235ms
235ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://menyala.privrendom.com/img-sys/server_moved.png
Requested by: Host: menyala.privrendom.com
URL: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 15:42:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ws%2FrGdp%2Bf7TCnRIeEd5Ytu4ZOoIYa%2FJttjjivrdmkSL7cdjE5n4OdhtPK1zyMGKPkvM419q04bIsWrl%2Fc11exxLI0sgfEC7MmIstHm7aTzYOmZcGL7bLSXFrdi1kXGta0heoWnYqVruOPwPaTlqzH8y2HVPl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85a9c4b0feb9d3f0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 3327
expires: Sat, 02 Mar 2024 18:28:26 GMT

GET
H3 200 powered_by_cpanel.svg
menyala.privrendom.com/img-sys/ Frame F39A 5 KB
3 KB 228ms
227ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://menyala.privrendom.com/img-sys/powered_by_cpanel.svg
Requested by: Host: menyala.privrendom.com
URL: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 15:42:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdYRoRagtVBqjXPLeTXqnDGpADhA%2Bs%2BvmR828RDWYLgA1V4oQR33oVwT5cQmlDbx3pIxwPOvdFe94o2jdF%2FUJWdNBqdP%2BnDTJhPoyioIc9puoXnKSHLZPvuVVrcJhSxJBV9Q1qYW4nA3tJgy%2BXWihj4UVACY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85a9c4b0febad3f0-CDG
alt-svc: h3=":443"; ma=86400
expires: Sat, 02 Mar 2024 18:28:26 GMT

GET
H3 200 email-decode.min.js Show response
menyala.privrendom.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame F39A 1 KB
1 KB 54ms
54ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://menyala.privrendom.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: menyala.privrendom.com
URL: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Feb 2024 14:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65cf73c3-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Un3NqOUkY6wTyk4hVDNKgSGqJAUjR3rr7wMYmEsO9Gp%2BJa2lYkrU1I5AzzJvwSJMt13rEG224%2FUGW0wZSrKIxYI7KMybu2vaO7%2BOA%2F1KvD7Yeg0E0DLatiwh5cU%2F8bPW9a%2Bl6VdeVoj7BbmMUmH83EgET%2F0M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85a9c4b0febbd3f0-CDG
expires: Mon, 26 Feb 2024 18:28:26 GMT

GET
H3 200 error-bg-left.png
menyala.privrendom.com/img-sys/ Frame F39A 8 KB
8 KB 262ms
262ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://menyala.privrendom.com/img-sys/error-bg-left.png
Requested by: Host: menyala.privrendom.com
URL: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Feb 2022 15:42:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbFAUaWnKI9By8Jz5pzZGzL%2BAOudkxYMoBaJ3lLNK15%2BQSF3mzonsanIHRxGoUHFzgMTjv0oGBVDG2t3AZK61I0Jy2QCRbIIbkQur30T8LK37OBHZjspVBDuqtzzkv8gTSN3%2BmJwNXuymljW55rI3RiMVOLr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85a9c4b0febdd3f0-CDG
alt-svc: h3=":443"; ma=86400
content-length: 8072
expires: Sat, 02 Mar 2024 18:28:26 GMT

GET
H3

200

main.js Show response
menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame 4C8A
Redirect Chain

https://menyala.privrendom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

8 KB
4 KB

54ms
54ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

Requested by

Host: menyala.privrendom.com
URL: https://menyala.privrendom.com/cgi-sys/defaultwebpage.cgi

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95913785fce63c12db234e8bd84b9e681c6b4cddb08fcf0837f834990246b371

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWFU0FNdUgG1vEIiWZYtMh3gJJOhWeHvhleXqzNd8RHIqk%2B6CPiD32XgHIeRR2DFCEiuo8ANvwoSX39ajzrol2X59UTgNzSTpAiAFVJiPhgGIbkoTV3df6NbeN1aCl4G5hgxpcVFHjDz7s03O4zIOTnWXngc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85a9c4b1af62d3f0-CDG
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 24 Feb 2024 18:28:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qk6UgdoMSSV%2BJspTMCxeY8rfaWDeRszDKX5XJhndvvhOAmAOhsDymLtxzaIhor0bpqWi%2FivYcLiMqdoJiW5kKO649h8umBX9AAhPHCtXoG6J0K%2F%2FbmabwMwMHV8ru%2Ft9rvE28Eq4ycjrKD5TkVp%2FhMiUqkEk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control: max-age=300, public
cf-ray: 85a9c4b15f11d3f0-CDG
alt-svc: h3=":443"; ma=86400

POST
H3 200 85a9c4afabb12040 Show response
menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4C8A 0
606 B 50ms
48ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/jsd/r/85a9c4afabb12040
Requested by: Host: menyala.privrendom.com
URL: https://menyala.privrendom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Feb 2024 18:28:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPsvkyNMRqHA2ERFOpGMlDQX%2BO5bjXZN3fqWcruePEaUCK8i16US2TYGNtq0f8ValH5Be%2FxAQGjpIIIn3tlbJp7pJGal19osARcwVx%2FsDgLSNEFpWsUs944NWXPRjR%2BO5eERhtEsi5IJ9Lnp3Q9cMlvzf%2F1o"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 85a9c4b27808d3f0-CDG
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: menyala.privrendom.com
URL: https://menyala.privrendom.com/cdn-cgi/challenge-platform/h/b/jsd/r/85a9c4ae8a6c2040

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://claim.kraftonsevent.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
claim.kraftonsevent.com
maxcdn.bootstrapcdn.com
menyala.privrendom.com
menyala.privrendom.com
2606:4700::6812:acf
2a00:1450:4001:806::200a
2a06:98c1:3121::3
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9
1d870336dcd7ff85781bb3cc8a5b11d25c18c50253b7b5807cb512fcf0a9c204
24186032eb5362eb6cd51976b32a7c4fe9b8874807fb8bf5914b10c82fe41e9a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
37d8bc8f4366e289be44a77aa33f0805513e0166dfd9604376d93a53ec2e012d
3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
95913785fce63c12db234e8bd84b9e681c6b4cddb08fcf0837f834990246b371
b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c
de6d36ce129340143415a2afa758f58849b22ea6dc7e1bef7801fa6d46687686
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

claim.kraftonsevent.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

81 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

97 kBTransfer

289 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

claim.kraftonsevent.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

81 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

97 kB
Transfer

289 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions