{"report_id":"32282568-dcae-47de-a5ec-669bc186a494","version":6,"status":"done","tags":[],"date":"2026-02-25T17:39:58Z","url":{"schema":"http","addr":"889212-kraken.com","fqdn":"889212-kraken.com","domain":"889212-kraken.com","tld":"com"},"ip":{"addr":"172.67.172.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"889212-kraken.com/","fqdn":"889212-kraken.com","domain":"889212-kraken.com","tld":"com"},"title":"889212-kraken.com/","dom":{"size":138,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"c64aa553575f10158e8179ad0320feff","sha1":"12f844c34820f68184d0456ef1e5ca899252a728","sha256":"1665971f11b044f60c56520d737ee3edec0023c93c3697c93a6fb0e576e857ec","sha512":"dd16fa00b55bafee32a785d9c952afc41192c915746e9d79e41a51be3979bc73af1f3467656428831d3683026c60f062912ba0298b95ff2b727f71e6af6435c3","ssdeep":"","tlshash":"23c02bdbc22002177d18b7fcbc8313440a2603d769521614600418b0d01210fc847140","dom_hash":"domhash62522e8ac12fffd33650590f02a699ad","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"889212-kraken.com","fqdn":"889212-kraken.com","domain":"889212-kraken.com","tld":"com"},"ip":{"addr":"172.67.172.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-01T17:39:58Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"889212-kraken.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"889212-kraken.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"889212-kraken.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"889212-kraken.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-24","domain_rank":0,"first_seen":"2026-02-25T00:55:21.95764Z","last_seen":"2026-02-25T00:55:21.95764Z","alert_count":6,"request_count":2,"received_data":1553,"sent_data":888,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"889212-kraken.com/","fqdn":"889212-kraken.com","domain":"889212-kraken.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-25T17:39:37.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"889212-kraken.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 21:52:26 GMT","end":"Mon, 25 May 2026 21:52:25 GMT"},"fingerprint":{"sha1":"4E:87:5D:3E:80:04:8F:0D:94:39:71:8F:A7:05:BC:93:89:92:89:C5","sha256":"3C:E8:09:AA:54:59:C3:C9:52:C3:96:D3:91:D6:86:2E:5D:EE:B4:B9:15:50:EE:5A:F6:EE:B4:27:24:57:7F:4C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 889212-kraken.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 503 Service Unavailable\r\ndate: Wed, 25 Feb 2026 17:39:37 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: DENY\r\nvary: Cookie\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S2NNmgMSuF93%2Fe0A3Qfhyb9YCYNfpdokbOPwGQRsqOUK2Hfi146kyLnf%2B3cdST6VPPwm1J0xlJA18ue9SISQFGhYnmRYiSBfVzgTCY1fHRDh\"}]}\r\ncf-ray: 9d38fbae5eafa7a8-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"2d808496e5580f8a80dde5e19aa42f7e","sha1":"73006f71ef6e8f10f3a19ddaccaba210f6550d17","sha256":"927c599a0d1f440bd5af9d7d4c5a3fa8f6ecb56d1560f5ef87d98eb05ffa71b4","sha512":"21af30838c2e028d30f6ba0e67189620a89a53eb5256ab03602cddfd3a99f43ca90b58a6a0f69c776bc8eb0d3aaaf30afa4de0a648fc75b173de16042e9d6425","ssdeep":"","tlshash":"f7b0124783205323724dc7fcfd031704536702d79a622229a01944a0e02314ed09b100","first_seen":"2026-02-24T14:02:51.556699Z","last_seen":"2026-02-25T17:39:59.110429Z","times_seen":3,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":56,"dns":26,"connect":8,"send":0,"wait":281,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"889212-kraken.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"889212-kraken.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"889212-kraken.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"889212-kraken.com/","fqdn":"889212-kraken.com","domain":"889212-kraken.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-25T17:39:37.719Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 889212-kraken.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nDate: Wed, 25 Feb 2026 17:39:37 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nX-Frame-Options: DENY\r\nVary: Cookie\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: same-origin\r\nCross-Origin-Opener-Policy: same-origin\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jxml44%2FFgNQzGs3GjCIAJFv%2FlwMIYEOXcdM1kFOvp4Lc0Rre7HGqf%2BjLjjDwQNSrhS1ELEdeFMOZalLmFacEsvWYhG%2Ft8%2FvRHWpO2%2BUMzfjE\"}]}\r\nCF-RAY: 9d38fbb0cc753ccd-ARN\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99,"size_decoded":0,"mime_type":"text/html","magic":"ASCII text, with no line terminators","md5":"2d808496e5580f8a80dde5e19aa42f7e","sha1":"73006f71ef6e8f10f3a19ddaccaba210f6550d17","sha256":"927c599a0d1f440bd5af9d7d4c5a3fa8f6ecb56d1560f5ef87d98eb05ffa71b4","sha512":"21af30838c2e028d30f6ba0e67189620a89a53eb5256ab03602cddfd3a99f43ca90b58a6a0f69c776bc8eb0d3aaaf30afa4de0a648fc75b173de16042e9d6425","ssdeep":"","tlshash":"f7b0124783205323724dc7fcfd031704536702d79a622229a01944a0e02314ed09b100","first_seen":"2026-02-24T14:02:51.556699Z","last_seen":"2026-02-25T17:39:59.110429Z","times_seen":3,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":5,"dns":1,"connect":8,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-25","alert":"Phishing Block","trigger":"889212-kraken.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"889212-kraken.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-25","alert":"Sinkholed","trigger":"889212-kraken.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}