{"report_id":"17687abe-ea95-46ec-8910-23d2d5b25406","version":6,"status":"done","tags":[],"date":"2026-04-16T15:00:58Z","url":{"schema":"http","addr":"otckraken.online","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.36.21","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"otckraken.online/","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"title":"Kraken Bank","dom":{"size":14562,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (13318)","md5":"816d22ae2509642321dacf3a7e6bee1d","sha1":"419c797ff01b6534e0fcd66e9acd9ef125b4bcbc","sha256":"3ed3b2e0eebe718d51d4f94fd3ca81cdb226dc5ab4c1b88aa82b0f54337a53de","sha512":"9896d13faf8cbbcb36cbb7871c2fc27cfde99b9bb66e7d9172252c02f744364db8655f86cf2584faaaabfaf965c308dee0aa396ad47baceb181ecb2e86536155","ssdeep":"384:X54tPFjcjyjDjHj4tgQoQ6kcKp3VxO1zVymVwySuT5mTw92syd3Du2:J4z8OvDmjzcKpjc51dz4d3Du2","tlshash":"e56284b013083e3f26578ae4f622773861fe9188c55f9a5cb6bc12f16bcac95c94e351","dom_hash":"domhash9a744f558fca98d4067d4b0ef375b2fe","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"otckraken.online","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.36.21","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-21T15:00:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"otckraken.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"otckraken.online","ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":5,"received_data":1466027,"sent_data":3179,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"fastly.picsum.photos","ip":{"addr":"151.101.65.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2017-09-14","domain_rank":452388,"first_seen":"2023-01-26T01:05:02Z","last_seen":"2026-04-14T05:40:35.035743Z","alert_count":0,"request_count":3,"received_data":262100,"sent_data":1387,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.transparenttextures.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-02-12","domain_rank":1483376,"first_seen":"2014-04-11T07:48:17Z","last_seen":"2026-04-11T20:33:46.820903Z","alert_count":0,"request_count":1,"received_data":892,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"img.icons8.com","ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2011-10-04","domain_rank":218854,"first_seen":"2017-05-26T09:10:54Z","last_seen":"2026-04-09T15:04:35.040961Z","alert_count":0,"request_count":1,"received_data":18927,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"picsum.photos","ip":{"addr":"104.26.4.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-09-14","domain_rank":29556,"first_seen":"2017-10-10T10:03:26Z","last_seen":"2026-04-11T01:31:34.44221Z","alert_count":0,"request_count":6,"received_data":263005,"sent_data":2462,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"otckraken.online/","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ced9a85c02bee80dd6fd9feb0003441f","sha1":"8149276c0537032f67c42e04e259e62bd6ed377a","sha256":"a1da90025fa60d1631d048a6403db68c28c24d2b90596bb1c3d498cd14049ad1","sha512":"830df002be26a62d127f2cd247c91d99891d19b0dd870cb09ea2841bda0c22af0d059fe38765adc4479cc6ff0f13c33c516b47517325a800c1407a2dd5b9b929","ssdeep":"","tlshash":"87f0e51b8ef9987b1973206e1c0b0316366f055741d8fa14bbfd93645fd2c38d1ab4a5","size":464,"data":"","first_seen":"2026-03-04T16:05:39.416435Z","last_seen":"2026-04-30T09:59:20.032785Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otckraken.online/assets/index-CBWCyh1S.js","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c6cac8e7ddf543ac67090dc01c3966bd","sha1":"ae249d990a75dcb901acedbee8778b87b4a746f6","sha256":"824a7e51b9787a7eee72bd2b1f62a4cf53603cb68e37a894d4f78324f59ca636","sha512":"f67f36400d24b03a9477b307ebc769ee1d840e20521657c0e568b8f27f0c47ffd74bc912286fdcb29e08fff1c2e7a18a42257b244bd3d61b6c1adb47267929b7","ssdeep":"24576:SJm+bsgLS1/ATobekQRpZJh2zjOhwOvCY0cfbjLCz:Om+bsv/ATobekQNJh2zjOhwuRfLCz","tlshash":"d5555be87295b57747e245e5503f4107f22da945b40e84a8f12cd8ea3d3884a62fffb8","size":1399550,"data":"","first_seen":"2026-04-16T15:01:04.751095Z","last_seen":"2026-04-16T15:08:11.136523Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otckraken.online/_websocket-interceptor.js","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a938e549f1b177993e69be98c3ec3aba","sha1":"ef721b25adc94fbb6d9e6cf96a3b6769ef4dcbe0","sha256":"7d6186292fb114258243b2597f1b6077a81cb356c92be070bf18100cf87d31a5","sha512":"87fd43c7817def0f00bfa16c9bc3780d77cc820573e7957cfddc325b4f7af09171addbe30fed226ff197121ca8965d6f6448d032c007134ea759288a2156e90b","ssdeep":"","tlshash":"92512f8e75fb60e448f610650b0bab81b31910976b29edd9bdfc8350afc7119c2617d5","size":2801,"data":"","first_seen":"2026-03-22T22:13:16.052436Z","last_seen":"2026-04-28T09:30:32.146459Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"img.icons8.com/color/512/shield.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /color/512/shield.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otckraken.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 18195\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: 16239\r\nicon-size: 512\r\nicon-format: png\r\nlast-modified: Mon, 13 Apr 2026 04:00:25\r\nversion: 0.0.29\r\nfrom-mongo-cache: true\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k9k7aV+doOUbStglsh1Du+uh0bEb/wfZA81prz/0so2jhLpM9AtMOBRmMU8L1DQM2w\r\nx-77-nzt-ray: e2f754208c4c243995f9e0691e796015\r\nx-77-cache: HIT\r\nx-77-age: 15319\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18195,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"f64da5e23e960fcbf5c8a1533bafc47b","sha1":"a4c60cbbc930162d1742d4c3cfa65c992650cd60","sha256":"31bb676b8cef1585e8fcc24552bb79dd10124f6d00aa23a0e7f597cfe0891254","sha512":"ac204e5577e60ac57870d7341fcb12bfeebb3a489250bae8bb6f62c983c56eef18a7b63ef811b3bac0a47a5e633ea718e367ce57c8cb58568bd05219ba819612","ssdeep":"384:SXPDzVgf+rTcazcOjOQLA75cbdv0Dbb1JZneD2H/:I7Zgfd0LA75cbdueD2H/","tlshash":"4b82d08edfd9c2f8f5f3787ec20b4a7981a0dec8c975ba04a3d54018a18225da32c295","first_seen":"2026-04-16T15:01:04.675658Z","last_seen":"2026-04-16T15:08:11.126882Z","times_seen":2,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":0,"dns":20,"connect":8,"send":0,"wait":40,"receive":2,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"picsum.photos/seed/kraken-app/800/1000","fqdn":"picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"104.26.4.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"picsum.photos","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Mar 2026 00:56:50 GMT","end":"Sat, 30 May 2026 01:56:48 GMT"},"fingerprint":{"sha1":"12:C1:58:6D:9A:D6:EE:F1:45:73:0E:CF:A5:2C:78:CD:50:FB:F2:31","sha256":"C8:18:9D:59:02:60:3D:4A:15:F6:FA:B6:E0:FF:DE:5A:A3:7C:53:17:D0:00:C4:21:D6:40:EF:2A:A2:2B:BA:CF"}}},"request":{"raw":"GET /seed/kraken-app/800/1000 HTTP/1.1\r\nHost: picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\ncontent-length: 0\r\nlocation: https://fastly.picsum.photos/id/764/800/1000.jpg?hmac=rAmWfjn18nGY9y2sdot_WN9QtzQXzFyiwqZ_fFYdIBY\r\nserver: cloudflare\r\ncache-control: public, max-age=86400, stale-while-revalidate=60, stale-if-error=43200\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3qW9AMdAmfTq0KLUxAtXZaw9sYlAJoNpEV9%2FFnhYZ0pYOMVg3abmiUvXIkMEiS1LUodoIL3doN5IrdxYs1dGIFdsJIUa7bnY7tf8azoK93vgJRhif6ZdqSchL4k6WZA%3D\"}]}\r\ncf-ray: 9ed40f85dc580daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78439,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T00:39:32.821134Z","times_seen":14448175,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":36,"dns":3,"connect":1,"send":0,"wait":54,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otckraken.online/assets/index-CBWCyh1S.js","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:36.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"otckraken.online","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 09:42:08 GMT","end":"Wed, 15 Jul 2026 10:31:39 GMT"},"fingerprint":{"sha1":"E9:CB:0C:DA:F7:65:EE:8C:A4:9E:18:FA:8B:BE:B4:17:88:C3:83:4B","sha256":"7E:3E:35:11:72:FD:A5:1D:18:CA:31:FA:86:BD:CA:E6:06:4B:9A:B1:E4:CB:B4:2B:EF:AB:78:38:B0:D2:03:F4"}}},"request":{"raw":"GET /assets/index-CBWCyh1S.js HTTP/1.1\r\nHost: otckraken.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otckraken.online/\r\nCookie: GAESA=CpwBMDA4YzE1ZmYwOGNjNGQ5ODI4MjIxYjc0ODhjNjgyYmYzMjljNDQ4MTkzOWMwYzFhOTgwNmU4N2U0NjA3ZmI4NDk1MzUzNmE1NmZlNmIzMjNjMGQ4MzdiMzI5NjU0MDY1ZGY5OWQ0ZTcxOWM3Y2RjNjJhMzBmNTgzNjhkNDg0ZWE3ZGFlNjBlYzllY2UxYzc0ZDY1Yzk1MDg4NjYwEOTZu7bZMw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\ncache-control: public, max-age=0\r\nlast-modified: Thu, 16 Apr 2026 12:28:53 GMT\r\netag: W/\"155afe-19d96440388\"\r\ncontent-encoding: gzip\r\ndate: Thu, 16 Apr 2026 15:00:36 GMT\r\nserver: Google Frontend\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1399550,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (40712)","md5":"c1f4ec097c12dbe9cce16dfe0d29866b","sha1":"854f0bcc887e187b877766b1de84535075ddf368","sha256":"a86f949ad31a338ed0d75d81cf6c0c3cae2ee47ea590df2d490a829df95fc682","sha512":"6ea839d9e8486363d36a7b9df1d44a179a2969235f16407c61217e56f6a3c1d917dd9dcf9dcab2eaf2d9c7df24ee304fb109675234d353eea22e2ed2c1dc18c1","ssdeep":"24576:SJm+bsgLS1/ATobekQRpZJh2zjOhwOvCY0C:Om+bsv/ATobekQNJh2zjOhwuD","tlshash":"e92518ec3296747243d285f5543f414bf329a856340e80a8f52dd9ea3d3984a52fbfb8","first_seen":"2026-04-16T15:01:04.689002Z","last_seen":"2026-04-16T15:08:11.122391Z","times_seen":2,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"otckraken.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otckraken.online/assets/index-Dse-JSB2.css","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:36.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"otckraken.online","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 09:42:08 GMT","end":"Wed, 15 Jul 2026 10:31:39 GMT"},"fingerprint":{"sha1":"E9:CB:0C:DA:F7:65:EE:8C:A4:9E:18:FA:8B:BE:B4:17:88:C3:83:4B","sha256":"7E:3E:35:11:72:FD:A5:1D:18:CA:31:FA:86:BD:CA:E6:06:4B:9A:B1:E4:CB:B4:2B:EF:AB:78:38:B0:D2:03:F4"}}},"request":{"raw":"GET /assets/index-Dse-JSB2.css HTTP/1.1\r\nHost: otckraken.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otckraken.online/\r\nCookie: GAESA=CpwBMDA4YzE1ZmYwOGNjNGQ5ODI4MjIxYjc0ODhjNjgyYmYzMjljNDQ4MTkzOWMwYzFhOTgwNmU4N2U0NjA3ZmI4NDk1MzUzNmE1NmZlNmIzMjNjMGQ4MzdiMzI5NjU0MDY1ZGY5OWQ0ZTcxOWM3Y2RjNjJhMzBmNTgzNjhkNDg0ZWE3ZGFlNjBlYzllY2UxYzc0ZDY1Yzk1MDg4NjYwEOTZu7bZMw\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\ncache-control: public, max-age=0\r\nlast-modified: Thu, 16 Apr 2026 12:28:53 GMT\r\netag: W/\"e778-19d96440388\"\r\ncontent-encoding: gzip\r\ndate: Thu, 16 Apr 2026 15:00:36 GMT\r\nserver: Google Frontend\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":59256,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (59255)","md5":"0fcfe02e85af35d01c92771491473b7b","sha1":"89b6f47944affdeafe0030c7c8c449dd909c545c","sha256":"2e32de09547fbf2eb9498c316df13c0dbf04e31b028a59c191b7652fa2ad6891","sha512":"e5c72df9ef59438662ed1a39427f55f51bc8d106e6e6c73dfdf4294bda23cb63b83d69d8c3e4c10d0bcbf275eecba406da43bdbb66e31aa322e2c2acf85a8d57","ssdeep":"768:+D5SBnHX/DOJ1d4t1lQlSWpnToBZ3CaUVZszWELp1sum0XjM1ZTG:ISBnHX6iyfELp1su3Y1ZTG","tlshash":"4b434060f274c97fbc2374bde3ace45c720a7086dd25a7ecba12a11226c7bf65c86514","first_seen":"2026-04-16T15:01:04.692623Z","last_seen":"2026-04-16T15:08:11.124969Z","times_seen":2,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"otckraken.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"otckraken.online/_websocket-interceptor.js","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:36.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"otckraken.online","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 09:42:08 GMT","end":"Wed, 15 Jul 2026 10:31:39 GMT"},"fingerprint":{"sha1":"E9:CB:0C:DA:F7:65:EE:8C:A4:9E:18:FA:8B:BE:B4:17:88:C3:83:4B","sha256":"7E:3E:35:11:72:FD:A5:1D:18:CA:31:FA:86:BD:CA:E6:06:4B:9A:B1:E4:CB:B4:2B:EF:AB:78:38:B0:D2:03:F4"}}},"request":{"raw":"GET /_websocket-interceptor.js HTTP/1.1\r\nHost: otckraken.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otckraken.online/\r\nCookie: GAESA=CpwBMDA4YzE1ZmYwOGNjNGQ5ODI4MjIxYjc0ODhjNjgyYmYzMjljNDQ4MTkzOWMwYzFhOTgwNmU4N2U0NjA3ZmI4NDk1MzUzNmE1NmZlNmIzMjNjMGQ4MzdiMzI5NjU0MDY1ZGY5OWQ0ZTcxOWM3Y2RjNjJhMzBmNTgzNjhkNDg0ZWE3ZGFlNjBlYzllY2UxYzc0ZDY1Yzk1MDg4NjYwEOTZu7bZMw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Mar 2026 00:35:39 GMT\r\netag: \"69af675b-af1\"\r\nexpires: Fri, 17 Apr 2026 15:00:36 GMT\r\ncache-control: max-age=86400, public, no-transform\r\naccept-ranges: bytes\r\nx-cloud-trace-context: a4ec1f1dbb1d31ca7ab21635ed21243d\r\ndate: Thu, 16 Apr 2026 15:00:36 GMT\r\nserver: Google Frontend\r\ncontent-length: 2801\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2801,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"a938e549f1b177993e69be98c3ec3aba","sha1":"ef721b25adc94fbb6d9e6cf96a3b6769ef4dcbe0","sha256":"7d6186292fb114258243b2597f1b6077a81cb356c92be070bf18100cf87d31a5","sha512":"87fd43c7817def0f00bfa16c9bc3780d77cc820573e7957cfddc325b4f7af09171addbe30fed226ff197121ca8965d6f6448d032c007134ea759288a2156e90b","ssdeep":"","tlshash":"92512f8e75fb60e448f610650b0bab81b31910976b29edd9bdfc8350afc7119c2617d5","first_seen":"2026-03-22T22:13:16.052436Z","last_seen":"2026-04-28T09:30:32.146459Z","times_seen":46,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"otckraken.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"picsum.photos/seed/kraken-app/800/1000","fqdn":"picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.356Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /seed/kraken-app/800/1000 HTTP/1.1\r\nHost: picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T00:39:32.821134Z","times_seen":14448175,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fastly.picsum.photos/id/93/1000/800.jpg?hmac=89dww45V2jsKiDSPmGFFDsjkqEziTaB4U_CTEB_UyBI","fqdn":"fastly.picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"151.101.65.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fastly.picsum.photos","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 06:42:45 GMT","end":"Mon, 08 Jun 2026 06:42:44 GMT"},"fingerprint":{"sha1":"02:E1:D8:F7:3C:5B:F4:D4:60:C6:79:58:3B:BE:0D:27:01:67:CB:E1","sha256":"8E:C7:B3:94:18:FC:5E:64:D3:8F:48:07:0E:4E:5E:67:D9:31:C8:E0:7D:29:97:AE:4E:E2:3F:74:3C:E2:F7:95"}}},"request":{"raw":"GET /id/93/1000/800.jpg?hmac=89dww45V2jsKiDSPmGFFDsjkqEziTaB4U_CTEB_UyBI HTTP/1.1\r\nHost: fastly.picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: image/jpeg\r\ncache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable\r\ncontent-disposition: inline; filename=\"93-1000x800.jpg\"\r\npicsum-id: 93\r\ntiming-allow-origin: *\r\naccept-ranges: bytes\r\nage: 2072\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410028-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1776351638.655551,VS0,VE1\r\nvary: Origin\r\ncontent-length: 169948\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":169948,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1000x800, components 3","md5":"5c14010e6d798be02fa53f42cec54e75","sha1":"12705e5778122ecdc1d85b776b8e88579c7a10ba","sha256":"30e875ae232be90c64093641901802e2acf7ed308faf00923059017cb78a9b28","sha512":"07fdd01a907d4caaca0da666cc36fd9ffef3aef71d39b5c290679587a90a43227139ee74efe734242e9bf6805d992ce705dbd04834e09db7a18bb21866456437","ssdeep":"3072:79Fn72FfqchfB9KRDW8RoNuKdJbnQTeCav2KN4sjXpdoVIfdqW6IjBPEV5nr5l+W:79F72Ff3hZ9KRy8tKdJbQ6CzKBjX/fd+","tlshash":"a5f31209fb488c6a5b519832d0615f84071547eb179c07a3a7f1792f32f7aa168e0dee","first_seen":"2026-04-16T15:01:04.705509Z","last_seen":"2026-04-16T15:08:11.130086Z","times_seen":2,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":84,"dns":44,"connect":13,"send":0,"wait":15,"receive":34,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otckraken.online/","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-16T15:00:36.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"otckraken.online","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 09:42:08 GMT","end":"Wed, 15 Jul 2026 10:31:39 GMT"},"fingerprint":{"sha1":"E9:CB:0C:DA:F7:65:EE:8C:A4:9E:18:FA:8B:BE:B4:17:88:C3:83:4B","sha256":"7E:3E:35:11:72:FD:A5:1D:18:CA:31:FA:86:BD:CA:E6:06:4B:9A:B1:E4:CB:B4:2B:EF:AB:78:38:B0:D2:03:F4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: otckraken.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\ncache-control: private, max-age=0\r\nset-cookie: GAESA=CpwBMDA4YzE1ZmYwOGNjNGQ5ODI4MjIxYjc0ODhjNjgyYmYzMjljNDQ4MTkzOWMwYzFhOTgwNmU4N2U0NjA3ZmI4NDk1MzUzNmE1NmZlNmIzMjNjMGQ4MzdiMzI5NjU0MDY1ZGY5OWQ0ZTcxOWM3Y2RjNjJhMzBmNTgzNjhkNDg0ZWE3ZGFlNjBlYzllY2UxYzc0ZDY1Yzk1MDg4NjYwEOTZu7bZMw; expires=Sat, 16-May-2026 15:00:36 GMT; path=/\r\ncontent-encoding: gzip\r\ndate: Thu, 16 Apr 2026 15:00:36 GMT\r\nserver: Google Frontend\r\nexpires: Thu, 16 Apr 2026 15:00:36 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"a77ab57a678fe89d215d6a6b66db5517","sha1":"bfcde1930f3f75e62971f113eb39dcf389097ea8","sha256":"25feed37ff54462fca080793d759cbe7efdbf92d30044c2cb5da7a31ac765f5e","sha512":"608741c799eba98a803d3774f224492a2e4bf0aaa21f8b6ecc583a2d6375e273bfab3a8d2b597e945a22656a6d32869a02a8767a50d3258525c27d406f7d780d","ssdeep":"","tlshash":"69210247cdf19c1b053354685e83f10c6e6a581b81c8ea44b7fd92b84fc2ae5c8db579","first_seen":"2026-04-16T15:01:04.712713Z","last_seen":"2026-04-16T15:08:11.12867Z","times_seen":2,"resource_available":true,"data":null}},"time_used":718,"timings":{"blocked":323,"dns":80,"connect":8,"send":0,"wait":72,"receive":0,"ssl":231},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"otckraken.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"picsum.photos/seed/kraken-pro/1000/800","fqdn":"picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.363Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /seed/kraken-pro/1000/800 HTTP/1.1\r\nHost: picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T00:39:32.821134Z","times_seen":14448175,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.transparenttextures.com/patterns/carbon-fibre.png","fqdn":"www.transparenttextures.com","domain":"transparenttextures.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"transparenttextures.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Feb 2026 02:23:50 GMT","end":"Wed, 20 May 2026 03:21:41 GMT"},"fingerprint":{"sha1":"4E:C1:01:27:63:E7:58:7F:F4:5C:02:FA:C5:C0:18:87:21:C4:AE:12","sha256":"E0:34:23:45:6A:3E:6A:EF:E9:AB:59:A5:1B:CE:20:5D:6E:55:F8:D2:2A:AC:47:C0:34:ED:E3:F6:BF:31:31:81"}}},"request":{"raw":"GET /patterns/carbon-fibre.png HTTP/1.1\r\nHost: www.transparenttextures.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otckraken.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 144\r\nserver: cloudflare\r\nlast-modified: Mon, 04 Jul 2016 09:04:18 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"577a2692-90\"\r\nexpires: Sun, 19 Apr 2026 07:00:14 GMT\r\ncache-control: public, max-age=2592000\r\naccept-ranges: bytes\r\nage: 2361623\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ga8BHfLPVgUSGO%2Fb0shR999fPQNQBL67cTA46Km7xLCjfaCPrnwgHk1r3yQ2H4iNBR%2B0fY7L3WsfwBmd8zhBJF80xfA2Ozhe5qabFqjrg4Uac5x2nNu2hJ9%2BC%2FAgDkNV32tie%2FUcFasR1gfsjg8%3D\"}]}\r\ncf-ray: 9ed40f860d415697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 22, 8-bit/color RGBA, non-interlaced","md5":"8bb232d29f3842db4cecd54785edf256","sha1":"f84ad6d75c01f5865641dba32416e817dee06ff5","sha256":"acb288e1bc5ee834750cd3ad8c1f78db0c82de133d6750836186f72c54d8c2c6","sha512":"3ea65ad6d4d677a46dd3b99b19f14b4c5ce691484efaaf74bc5272b1a243326f977d59cf882d1b4a2314c43c299b090f42835dece94f69c778381021612a886c","ssdeep":"","tlshash":"34c08cc25a32be28fafa0476d282d208b86782671d21480911159810ac12104714070a","first_seen":"2023-12-26T17:46:29Z","last_seen":"2026-04-30T08:24:04.477964Z","times_seen":174,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":61,"dns":35,"connect":1,"send":0,"wait":9,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fastly.picsum.photos/id/764/800/1000.jpg?hmac=rAmWfjn18nGY9y2sdot_WN9QtzQXzFyiwqZ_fFYdIBY","fqdn":"fastly.picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"151.101.65.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fastly.picsum.photos","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 06:42:45 GMT","end":"Mon, 08 Jun 2026 06:42:44 GMT"},"fingerprint":{"sha1":"02:E1:D8:F7:3C:5B:F4:D4:60:C6:79:58:3B:BE:0D:27:01:67:CB:E1","sha256":"8E:C7:B3:94:18:FC:5E:64:D3:8F:48:07:0E:4E:5E:67:D9:31:C8:E0:7D:29:97:AE:4E:E2:3F:74:3C:E2:F7:95"}}},"request":{"raw":"GET /id/764/800/1000.jpg?hmac=rAmWfjn18nGY9y2sdot_WN9QtzQXzFyiwqZ_fFYdIBY HTTP/1.1\r\nHost: fastly.picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: image/jpeg\r\ncache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable\r\ncontent-disposition: inline; filename=\"764-800x1000.jpg\"\r\npicsum-id: 764\r\ntiming-allow-origin: *\r\naccept-ranges: bytes\r\nage: 2072\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410028-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1776351638.663780,VS0,VE1\r\nvary: Origin\r\ncontent-length: 78439\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78439,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 800x1000, components 3","md5":"b34072af298da405c96ef090cea78a16","sha1":"607872794dafbd764f30ed79817490bef73da01b","sha256":"fcdb17cb1e877489f8661bd7b66c8399df4ddb91c3604c71c9f3cdfe5162a84a","sha512":"e23ef5630bc5fa9e2fa3b433e7ee16da445c4f98e819747729297c3c672bc6dfee0880d28fd161223996c8aed23c94bdf07ef49cd3c9193d3a86ec84a6749876","ssdeep":"1536:mPaJdJ8dcvQj9bn4wl+eXslBgFX38i7/eUfyxaCA3VyAUjBsk2af:maJ7+L4wlulBgFH8i7lyZGVjyBz/","tlshash":"937312a69ec0285fe1f9d839af79ffbca760af9175bd446359002f4015289a0c7920bd","first_seen":"2026-04-16T15:01:04.730079Z","last_seen":"2026-04-16T15:08:11.127745Z","times_seen":2,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":94,"dns":46,"connect":16,"send":0,"wait":28,"receive":15,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"otckraken.online/favicon.ico","fqdn":"otckraken.online","domain":"otckraken.online","tld":"online"},"ip":{"addr":"216.239.38.21","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"otckraken.online","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 09:42:08 GMT","end":"Wed, 15 Jul 2026 10:31:39 GMT"},"fingerprint":{"sha1":"E9:CB:0C:DA:F7:65:EE:8C:A4:9E:18:FA:8B:BE:B4:17:88:C3:83:4B","sha256":"7E:3E:35:11:72:FD:A5:1D:18:CA:31:FA:86:BD:CA:E6:06:4B:9A:B1:E4:CB:B4:2B:EF:AB:78:38:B0:D2:03:F4"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: otckraken.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://otckraken.online/\r\nCookie: GAESA=CpwBMDA4YzE1ZmYwOGNjNGQ5ODI4MjIxYjc0ODhjNjgyYmYzMjljNDQ4MTkzOWMwYzFhOTgwNmU4N2U0NjA3ZmI4NDk1MzUzNmE1NmZlNmIzMjNjMGQ4MzdiMzI5NjU0MDY1ZGY5OWQ0ZTcxOWM3Y2RjNjJhMzBmNTgzNjhkNDg0ZWE3ZGFlNjBlYzllY2UxYzc0ZDY1Yzk1MDg4NjYwEOTZu7bZMw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: Express\r\ncache-control: public, max-age=0\r\ncontent-encoding: gzip\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\nserver: Google Frontend\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"a77ab57a678fe89d215d6a6b66db5517","sha1":"bfcde1930f3f75e62971f113eb39dcf389097ea8","sha256":"25feed37ff54462fca080793d759cbe7efdbf92d30044c2cb5da7a31ac765f5e","sha512":"608741c799eba98a803d3774f224492a2e4bf0aaa21f8b6ecc583a2d6375e273bfab3a8d2b597e945a22656a6d32869a02a8767a50d3258525c27d406f7d780d","ssdeep":"","tlshash":"69210247cdf19c1b053354685e83f10c6e6a581b81c8ea44b7fd92b84fc2ae5c8db579","first_seen":"2026-04-16T15:01:04.712713Z","last_seen":"2026-04-16T15:08:11.12867Z","times_seen":2,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-16","alert":"Sinkholed","trigger":"otckraken.online","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"picsum.photos/seed/simple/400/300","fqdn":"picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.360Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /seed/simple/400/300 HTTP/1.1\r\nHost: picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T00:39:32.821134Z","times_seen":14448175,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"picsum.photos/seed/simple/400/300","fqdn":"picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"104.26.4.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"picsum.photos","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Mar 2026 00:56:50 GMT","end":"Sat, 30 May 2026 01:56:48 GMT"},"fingerprint":{"sha1":"12:C1:58:6D:9A:D6:EE:F1:45:73:0E:CF:A5:2C:78:CD:50:FB:F2:31","sha256":"C8:18:9D:59:02:60:3D:4A:15:F6:FA:B6:E0:FF:DE:5A:A3:7C:53:17:D0:00:C4:21:D6:40:EF:2A:A2:2B:BA:CF"}}},"request":{"raw":"GET /seed/simple/400/300 HTTP/1.1\r\nHost: picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\ncontent-length: 0\r\nlocation: https://fastly.picsum.photos/id/873/400/300.jpg?hmac=Mqu8T8rj9k1k3m9whFAQc2rtU5tZTFENmLEhHrfHz7Q\r\nserver: cloudflare\r\ncache-control: public, max-age=86400, stale-while-revalidate=60, stale-if-error=43200\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sp4YyZys%2B4NI7ONr2x6EkICHfmPvnFKdAbNbyYZWPXyAEyj25p6A1kC%2FuWpCA8FzWji4bKY38KPDnKgumGxrDpIP6u13cfdVeDVyNtbn4JQaq4W4C1gYHHWUfeUuN3Q%3D\"}]}\r\ncf-ray: 9ed40f85ec910daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12203,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T00:39:32.821134Z","times_seen":14448175,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":44,"dns":2,"connect":4,"send":0,"wait":54,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"picsum.photos/seed/kraken-pro/1000/800","fqdn":"picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"104.26.4.30","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"picsum.photos","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Mar 2026 00:56:50 GMT","end":"Sat, 30 May 2026 01:56:48 GMT"},"fingerprint":{"sha1":"12:C1:58:6D:9A:D6:EE:F1:45:73:0E:CF:A5:2C:78:CD:50:FB:F2:31","sha256":"C8:18:9D:59:02:60:3D:4A:15:F6:FA:B6:E0:FF:DE:5A:A3:7C:53:17:D0:00:C4:21:D6:40:EF:2A:A2:2B:BA:CF"}}},"request":{"raw":"GET /seed/kraken-pro/1000/800 HTTP/1.1\r\nHost: picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\ncontent-length: 0\r\nlocation: https://fastly.picsum.photos/id/93/1000/800.jpg?hmac=89dww45V2jsKiDSPmGFFDsjkqEziTaB4U_CTEB_UyBI\r\nserver: cloudflare\r\ncache-control: public, max-age=86400, stale-while-revalidate=60, stale-if-error=43200\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RYoiAnl8XZOutKNwm%2B3NePCNU1M6WKxgQmBOQJnP3Qe7fNs3HUAIGGO0hOChbIKZC23iEo0TSDeQL2hH2OQSLhLKZXkbtY1Y4yOhNMBo09cMncmb7VkLSwpSldvr9Lo%3D\"}]}\r\ncf-ray: 9ed40f85ec9b0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":169948,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-01T00:39:32.821134Z","times_seen":14448175,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":44,"dns":1,"connect":4,"send":0,"wait":53,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fastly.picsum.photos/id/873/400/300.jpg?hmac=Mqu8T8rj9k1k3m9whFAQc2rtU5tZTFENmLEhHrfHz7Q","fqdn":"fastly.picsum.photos","domain":"picsum.photos","tld":"photos"},"ip":{"addr":"151.101.65.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://otckraken.online/","date":"2026-04-16T15:00:37.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fastly.picsum.photos","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 06:42:45 GMT","end":"Mon, 08 Jun 2026 06:42:44 GMT"},"fingerprint":{"sha1":"02:E1:D8:F7:3C:5B:F4:D4:60:C6:79:58:3B:BE:0D:27:01:67:CB:E1","sha256":"8E:C7:B3:94:18:FC:5E:64:D3:8F:48:07:0E:4E:5E:67:D9:31:C8:E0:7D:29:97:AE:4E:E2:3F:74:3C:E2:F7:95"}}},"request":{"raw":"GET /id/873/400/300.jpg?hmac=Mqu8T8rj9k1k3m9whFAQc2rtU5tZTFENmLEhHrfHz7Q HTTP/1.1\r\nHost: fastly.picsum.photos\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: image/jpeg\r\ncache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable\r\ncontent-disposition: inline; filename=\"873-400x300.jpg\"\r\npicsum-id: 873\r\ntiming-allow-origin: *\r\naccept-ranges: bytes\r\nage: 2072\r\ndate: Thu, 16 Apr 2026 15:00:37 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410028-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1776351638.651465,VS0,VE1\r\nvary: Origin\r\ncontent-length: 12203\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":12203,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 400x300, components 3","md5":"35011df72b37c825de5b8c9e53e89521","sha1":"782880f9b696fb0a0d70ec8aa7989040ab9a907a","sha256":"048499bf61cf9ba6a79fe74aa91434d1f7a399ad4ef60032627288b2e54e7934","sha512":"3efa4fbfd0e55f1a9c575197e93049c4b4d4edd078532ead566509f954df10d6473376901585b523ba02fe0b906f07e4dee960dadb7a0ff17247629751c71173","ssdeep":"192:mZqEbj3/RM5FYX0RmxavVDYS0tMIY4rKjLqHnQb/N3PLyqXQxC4qpAYMofvu8Ei3:mQEbb/Qmx8mtM34wLqwTRyqgpqpf5fGu","tlshash":"6f42b039576a8a53cb3f42b85a936703f263d60c2e8709366719cff42848fb4e47155c","first_seen":"2026-04-16T15:01:04.733983Z","last_seen":"2026-04-16T15:08:11.134396Z","times_seen":2,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":80,"dns":45,"connect":13,"send":0,"wait":15,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}