{"report_id":"41a4d6d2-542e-4981-8933-59f0ab985bfa","version":6,"status":"done","tags":[],"date":"2026-02-08T21:45:56Z","url":{"schema":"http","addr":"krakens-pro.com","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":0,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"krakens-pro.com/#/","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"title":"Kraken","dom":{"size":203340,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (40058)","md5":"a614eab0ba5e084fb667a330c335e09d","sha1":"cf1a8ae51a4ae8ad4b1fb5f62924e997229a0ade","sha256":"fa6caaa0b8fa5fa95d6cdf3da1f91f691c13918658b501e04319c1000e8dd2ff","sha512":"9cbe435af14cd3390c4558f1c2b1560f075cb5a49cdbe0280b4299d605b18dd795d0773e4da4367a3acbdb60d50f10f1ad4b6c6d109d8cd161ac8041e5e1bdc9","ssdeep":"3072:lsp0NVr7fnaM/51fuPlIHGvXNWPf1f4yH9sUnbauJ9BxEuMa8Qc1tblK1mklU5Qr:9rr7fnFwc2XcP","tlshash":"de14c761b689241ee93bc984e0997b78b56f6e71c30a9fd6f72137248fc29d3221131d","dom_hash":"domhashd537b225f22d5d2bc462c1df2ebe7a5a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"krakens-pro.com","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":0,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-15T21:45:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.krakexnsstrong.com","ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-08T19:14:13.741099Z","last_seen":"2026-02-08T19:14:13.741099Z","alert_count":0,"request_count":1,"received_data":227,"sent_data":597,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"111.231.169.247","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-02-04T15:02:37.513902Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":446,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"krakens-pro.com","ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-08T21:45:58.04217Z","last_seen":"2026-02-08T21:45:58.04217Z","alert_count":88,"request_count":44,"received_data":2800889,"sent_data":31514,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"krakens-pro.com/static/js/index.9e8dad38.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b3a11a9bce9b0b2ea7abed6bf6e1280","sha1":"abbc97d3632fe96fca279f4294b107f04fcfea1c","sha256":"b4590e0d67bef174a7a1fdb700da410db1d814194f9658941be2f7c22c6e1de5","sha512":"dd70c5c0e1d77a97064dfd19d0593455a3ce5dc65650932dfec8a7689e3db139a843578111ea3a567705655eb5d4fe9e81ad0d89d02a20a5eda635b132133eea","ssdeep":"12288:358Xy5PauVWdFmK+Gld4k8D9emBaVr/PiHkBDsxGnScF4uwW8uwgoZqcQ+A9hNJi:J8OhVWdFm2VDsxGnScCfTA9c","tlshash":"54b47e9b7bcc725c09497a4af04fbebee5bb1cf1a356e0c141e82b2127e0e95c216574","size":512122,"data":"","first_seen":"2026-02-08T19:14:18.84849Z","last_seen":"2026-02-09T10:35:46.516127Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/chunk-vendors.8e1fb2cc.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8705018cd82756eb1f3927a1afc0f6b8","sha1":"317159b388153441cb2c0ff9ca88c077bfceebbc","sha256":"dff16b4ab8a9abe33907d71fc5575a715065b4b3f680e41daaf55d5b2a60cc3f","sha512":"6b8f772d6612a6a83716d3d6fa3fa608a8f3d0d0348a38c1624704d0135bed0b5d4b070ed92487c6b8d1b6e81b3c87c7f030c2d8d2a874e4419064050a448a59","ssdeep":"24576:SUXfInMVZWDUp1FfdOR66YAsIfvzJHBzehfmjzGA:SUXfInMVZWDUp1FfdOR66YAsEZ4mjSA","tlshash":"f9552a8df186b0b147e720b5403f260bb23b6a69b40e8495f665e4d1ac78d8e5237f7c","size":1393351,"data":"","first_seen":"2026-02-08T19:14:18.850664Z","last_seen":"2026-02-09T10:35:46.514974Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/pages-index-index.43ff5783.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"898448c9bd5e8d6ef53d315cdea827fc","sha1":"351c0e7929224c35a0b55761bc2d9b2b6a7dbeb4","sha256":"b06a5a40ae3f3b0f70ac218f985a5dbe7e846bb07f77660bfd8c3b17642170b1","sha512":"0d4daf94ffa06d6201eaccafbfa85e680c5845f3919a2ada9f58e0bf9da7b175d56e667309565a31e193f4c4fb8be7b62a366cf5d9b5a28cde61ec2be5d052c2","ssdeep":"1536:U+sXKZn6K3elKbhoBlqWo8kjW3DVf8zYONE:pephkjiR","tlshash":"80732a14f08bf02fa85bd024206f6a1450362f65d115bfacf376a5d88eee6de2163b5c","size":79613,"data":"","first_seen":"2026-02-08T19:14:18.843454Z","last_seen":"2026-02-09T10:35:46.473923Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/pages-assets-index~pages-help-center-center~pages-index-index~pages-my-my~pages-template-index~pages~b3704ff9.b773dd6a.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f859d14fe39edcb03812712f505c2761","sha1":"2815db46a64e229fab8d72208800c560298b5d03","sha256":"15c2e11c7ac1efa736c851cb64b91986498b9ae2fee6e48387f61c453cbe5d36","sha512":"48ab6a5b5bc9f8ea9270c4791df535b091fc970b02cf953786f113671c12c6337b73190e624922ecaaa20beea5bc3a8e19e705f7a9c6d5f8da11a62a2352c2d3","ssdeep":"384:aHLKgcjwyIUpH1BGtfb+3j9ytmyKHIPquJOHhrGq0V:YypG1Y9wqKOHhrGq0V","tlshash":"5662c778b0cab0371a87d12520af3a04512b7995c418eff4f7b5f0e54bf91cd226ab5a","size":15053,"data":"","first_seen":"2026-02-08T19:14:18.793712Z","last_seen":"2026-02-09T10:35:46.495855Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/pages-assets-deposit-charge~pages-assets-index~pages-assets-record~pages-assets-tradeAccount~pages-a~827c4946.b37c8cac.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57464dd77acd6b7465c9b03b528be0c3","sha1":"be81d53242bb0c99bfcc63e5db88ca7307bcbea4","sha256":"b5a53722025030cb68040544dc19ff2c53d9ae708779d299fffb5112d306faf9","sha512":"b4de85842ba99b7e64a83b020e4d0374a91cb44aaedc4ebd1e6c83aa680cb30e0577beb4284ac8fa250415f8c803419df3eec5dc7369b582e2a2bc0745c6eeac","ssdeep":"1536:dFTsYId0FHoMqu7NdEAaM2Ol51hwJX2RcJZHYpN7xCIx/+eJF4cL3nnisGQaOmvd:ddsp0NVr7fnaMj51hwJX2RcJZHYpN7xy","tlshash":"4343fbe6e10c0cd17f7bcc8f6240235f6549ff62d9968dd8f126264c8de23a021a977a","size":55378,"data":"","first_seen":"2026-02-08T19:14:18.83858Z","last_seen":"2026-02-09T10:35:46.494588Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/pages-index-index~pages-publication-details.3baea1c0.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c1f69c00f0ba2389a87a0b8a6f80049","sha1":"0147446a71c4dba7718589ef0ff2e6af05fcd87e","sha256":"293679e8fd5878681f8de40e0ef66d4c1aab8db604527d580feda0124560a383","sha512":"d163d050b31aec9940af0027b8e337f995625291adde574aec872b8d9efb99a42ae7ead58ccbbb5d941c3d1a7a4c6c3b270add8bf4ca1a8f468d3fcb5a385e20","ssdeep":"384:tA5CFlqPQgnXl0HqVs5jxUvYYRFkGbscGTsZa:tA5C3qh8VUvLRFkGbKaa","tlshash":"7572f98cf0c6b415069761b2803f6705013aa985b1179b9cb7baeaf14e6998c3363f7d","size":17048,"data":"","first_seen":"2026-02-08T19:14:18.817351Z","last_seen":"2026-02-09T10:35:46.480091Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"93368157fb131b56a45d6f60f8b40342","sha1":"ea2a25edb7b00c3e0a06650f02fded5bd87dfa20","sha256":"c48d4859bc082aa591168f7d7230bef438ecc2b3074e707c83864e11ec1a891f","sha512":"366c90d022f7fd6718d76460de51a154cf6cf8bf8e3aefa2e0e736cbba24ec53506485331abd3c3c2a7e6ae00c9a3b957a9aa675ecdd389afca7863ad8365908","ssdeep":"","tlshash":"c8e068c260a6294c02208016304ac1031bb608729ec149613c4c67a58fb9f4bc46e859","size":352,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-24T07:27:15.520861Z","times_seen":4123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-07T08:18:02.151537Z","times_seen":15899,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"krakens-pro.com/static/images/tabbar/tabbar-trade-dark.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-trade-dark.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-a33\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2611,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit/color RGBA, non-interlaced","md5":"7111f84eded0b3ea2dc4ca9a7c616b7e","sha1":"1ad33b1e551c0ea721ce5b01a24b34d26ae4b3ba","sha256":"e8a3f96249ec55f58f1834b64afaf1177984cdb4d363d5b06fe635d8384cb0e5","sha512":"dfbb1fe04fe1de4ef2aca236e0631aa2c0c853ee5b7e8457e15740ab5879159ad1bb6d4e57bcdf95a8976aec6526a2a67a4bcd9d23fb1d547234f5bdf92bb3c4","ssdeep":"","tlshash":"97513a47c27107b9ebeb833be7040808d945101d4c5689587aa62948ee6b3f82bcd37e","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-05-04T13:31:01.67919Z","times_seen":26,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/chunk-vendors.8e1fb2cc.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:35.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/chunk-vendors.8e1fb2cc.js HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-1542c7\"\r\nexpires: Mon, 09 Feb 2026 09:45:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1393351,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (20052)","md5":"e6af54a230932814e602578c3f27703e","sha1":"f7e8565bbf642bc15d3ed44e0c5ca656f6924f99","sha256":"36080d491456dff6ee718b092c082432aef9ea37f8587fcc5e5926b8e38ab6c2","sha512":"8bc093d2a632a80c425d536ee80c76e51e96721f0914ba8b16c4042dfca1296661531bd59a3e7b82694a4c90e7c6b560ad6052348dc448090d93aa7a5516b095","ssdeep":"24576:SUXfInMVZWDUp1FfdOR66YAsIfvzJHBz+:SUXfInMVZWDUp1FfdOR66YAsEZM","tlshash":"e235198db186b07147e720b5403f220bb23b6969b40e8499f675e4e5ad78d8d123bf7c","first_seen":"2026-02-08T19:14:18.816001Z","last_seen":"2026-02-08T22:57:46.422331Z","times_seen":4,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/favicon.ico","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:38.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IjgzdXp4TENrZ1wvZk1QNVRVWGZmR3NBPT0iLCJ2YWx1ZSI6IkZvZmY0bktuS29jdFhVbWx3cVJcL2hINklHVzhUNjZSSmM4NE1RWFRNVEF3YlAyUkRTcVRCcUNnMlkwR2hWcGtvWTB4Nkp4K0NOTjJGd1RlQTgzUUdnek00aElCWDFoWkw5UzZUTGh0NGJcL3lYTFpcL2NTOHpBQnRRRTJTWndoN3lGIiwibWFjIjoiNDRlY2M4MjI4YmFlYmYzYWFmMmQyNDQzZDcxMDNmOTQ4OTdmODAyMmZlNWUxYmE1NzI1MzYzZDFiMTljNWE0MSJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:38 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 13952\r\nlast-modified: Sat, 31 Jan 2026 22:49:36 GMT\r\netag: \"697e8700-3680\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13952,"size_decoded":0,"mime_type":"image/x-icon","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 459x465, components 3","md5":"748f25583b6fae1a370dfbf5132bd953","sha1":"0f88963e0d6a0c80eba389c70d34931572cee7d4","sha256":"c034a7daaca915341227171303e08c9a0051e9488850dfb4170a0c11a375f287","sha512":"9544136947c4e979cbe1fe9f70cde195995c0d1d733e72260be40b6902b462a21f283ef29b85515208f59e0aa9c3ee1d6ebe53a5ccb140a83ee65fcce9b9ace8","ssdeep":"192:KgGN39OVyn6OtqjEhZNqNkGDx3j4CGyNd3kc31NndrDTPybIOVMxw0giFA+BOUG8:x1sBqQkx0WHFHDTPE50g0A+BOHowsjx","tlshash":"1e52bf866265aad5eabe0a3fc23c4cb20f2ba15c2d08c1ef551045e6fe1e7246e46d25","first_seen":"2026-02-07T12:28:02.09111Z","last_seen":"2026-02-11T10:37:47.484641Z","times_seen":9,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/currency/quotation_new","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:42.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IlA4eU5kSXd5TXhaSTdIblVEMzV5SkE9PSIsInZhbHVlIjoiVDZpNVZYVWdIcmpLb2NtV0tPS1V6bUo2R3hjWGhHTm1vMFgxTFR5cXo1ekg3K3RvTDlwZ3hcL0F3bWthcDNVczVkcVFlOFlXc0NsUHVYSEJzZTF3Mnd3Zlh3d3V4TTFpQlN4R1hGNCtYb2ZqWTZ1QzlFZW9sQXZTaWxDSXNNSHRBIiwibWFjIjoiNWZmYTA3YjgzMGJjZWJjNTMzYTUyMGE2M2YwMDlmYTkwZDQ4NWI2ZGJkMmJhYWQ1NWIxZDY3YTZkZmY0YmFjZCJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:42 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6Inc4Ukx4eEFwK1BHeUZqU3ZzSWpCdHc9PSIsInZhbHVlIjoiSHJEZE1cL2ljRDdOdEhFeEJ2Y09xTHBvZXZrMHF6N0c5djhBWVZpUVc4QTVHQ2lPMGdpOWo5aHZEXC9TUHJyY0VqMUJsODkxUVwva2RHa1wvblVxXC90M0pDcU5BN3dQNzRQQ1wvVWhiMGZPa0FSUEV2WXYwXC8rN3k1UlwvamRranZlTTNYRCIsIm1hYyI6ImMzNDYwZWYyMWI0MTg2MTg2N2U2MDE3ZGIzOTAxZmYwZDBhZjUzZDNiOTlhNDljYjhiNWVkMWZkM2E2YWU4MjQifQ%3D%3D; expires=Sun, 08-Feb-2026 23:45:42 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14883,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"38387e5d06b5ac634ce364b875de07ca","sha1":"18dd8046b7fc2eb72779e6ac05c08790d0ad283a","sha256":"dd93715d7d993cab7d001e949a4e17558ecf2a712d14095802e76f79e8ee3d58","sha512":"3d1aaf0fdffd8600d4d7c60b5f1ac70c2700ee82fc36de42db9935632bb6473ebd9ab2902346030ebdca1572ff6d719096768f1e1fc7b44b22f6336fb667fd9a","ssdeep":"384:Ei8OagbXbjp7m6U9nVHH3s8Oi/zCdV6o9G1Am5A:Ei8LoXvp7m6knVnc8Oi/zCdV6o9G1Amy","tlshash":"23627d9d361c9a78c6f6aec1dedf32aa3554b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T21:46:03.511675Z","last_seen":"2026-02-08T21:46:03.511675Z","times_seen":1,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":427,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/common/lm_3.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_3.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-631\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1585,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 29 x 26, 8-bit/color RGBA, non-interlaced","md5":"7e5274c84ee7d974cdba7500c76a1b2e","sha1":"4d0760d8ec261e132cec3dc399724d24e7d28a38","sha256":"79303baa446dcbd527ac1ff610fabd8f92c50daf5ff54bbe847ec90582cc5e44","sha512":"d0b462d43ad57f0e1ff22a4a50f12d2fea626cc840b38b18ab0b9c3700087e140b8c1515954f22ad9f50f0a3fa5ce3b8c8937c978ce60d396c65458a3db36581","ssdeep":"","tlshash":"1e31e7d8f623c481cacdb9e118fa8117b50b8c91669aa45d29cbc0291821af708748ef","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-06-18T21:00:52.820816Z","times_seen":130,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/upload/20260201033214/1769934734399578.jpg","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033214/1769934734399578.jpg HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IjVMc1IxMGh2WVF6MG9tdDM2R3V6UUE9PSIsInZhbHVlIjoiaW1sYjNNUUVBZ1B1XC9qUmJjbTdBTkRGV3U2SVgyempGNDI5bnJTdVVWZEhFTzJvVWRNcGRhOGpFMjNWMDFSVWFoenVyc3hnVEVFUlExUG15OCttZFh2RTFHSzg3KzlRc2N2bzkxRkpjRVVpbTFBV3UwUmxwUjNiUzFEcm5YQk9xIiwibWFjIjoiZTRkYzkzNWRmYjE4MjZmNTcyN2M4ZmEwMTQwNzgxNGUzNThmYWZjYTZkMGFhMTEzNTdhNjUwNWIyNDg5ZTEwNyJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:38 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:32:14 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f0f8e-1a229\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107049,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 745x300, components 3","md5":"9cd55711f4f589d9cbf7b6e751368683","sha1":"b3900dd622ac6662da1d5a91a420a03ed6aad94a","sha256":"60ef29d62edf9eb513b9657ae8bd6731934d46b9031db1402c7c867bb89c51a6","sha512":"9146037c3f153a9dad1c4563c6c201fc67050cf60d6bf8bd2f895094211cfcf9b4afc9bdac2d599e0fa487d3112cae83bb7309dcb38b3cd0cbac2bdfcf3c4297","ssdeep":"3072:Rk+xKvXX7+5nDdfa6GFPh0nnEHSzwFIa5Mi31:fMHMRaFPynb8FT5V31","tlshash":"11a312cf8a7e863bc01934ba621070ffd6b6baa68d12187ff5d54d4ce622e1f1901d85","first_seen":"2026-02-08T19:14:18.778488Z","last_seen":"2026-04-29T03:04:13.960952Z","times_seen":6,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/currency/quotation_new","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:40.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IjgzdXp4TENrZ1wvZk1QNVRVWGZmR3NBPT0iLCJ2YWx1ZSI6IkZvZmY0bktuS29jdFhVbWx3cVJcL2hINklHVzhUNjZSSmM4NE1RWFRNVEF3YlAyUkRTcVRCcUNnMlkwR2hWcGtvWTB4Nkp4K0NOTjJGd1RlQTgzUUdnek00aElCWDFoWkw5UzZUTGh0NGJcL3lYTFpcL2NTOHpBQnRRRTJTWndoN3lGIiwibWFjIjoiNDRlY2M4MjI4YmFlYmYzYWFmMmQyNDQzZDcxMDNmOTQ4OTdmODAyMmZlNWUxYmE1NzI1MzYzZDFiMTljNWE0MSJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:40 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IlA4eU5kSXd5TXhaSTdIblVEMzV5SkE9PSIsInZhbHVlIjoiVDZpNVZYVWdIcmpLb2NtV0tPS1V6bUo2R3hjWGhHTm1vMFgxTFR5cXo1ekg3K3RvTDlwZ3hcL0F3bWthcDNVczVkcVFlOFlXc0NsUHVYSEJzZTF3Mnd3Zlh3d3V4TTFpQlN4R1hGNCtYb2ZqWTZ1QzlFZW9sQXZTaWxDSXNNSHRBIiwibWFjIjoiNWZmYTA3YjgzMGJjZWJjNTMzYTUyMGE2M2YwMDlmYTkwZDQ4NWI2ZGJkMmJhYWQ1NWIxZDY3YTZkZmY0YmFjZCJ9; expires=Sun, 08-Feb-2026 23:45:40 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14883,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"fd565c6df730bb7ccc7e9b4aebb2e49d","sha1":"21d579c6e541880f4aeef2b6e44e2dc1619ef01c","sha256":"2781e83ee71f11482cc282eaeeb4368a4bf50287914b5ac4f3942cc8ceecbaeb","sha512":"28fb4d333cf4e388d21d50cfeca4ffc24aaea0b5bfba80903b22e4d79ccb16d28295ebbf3af3c82810c58ac340d13231a16223b37b963d9d1b7586d551c0ad56","ssdeep":"384:Ei8OagbXbjp7m6U9nVHH3s8Oi/zCdV6odG1Am5A:Ei8LoXvp7m6knVnc8Oi/zCdV6odG1Amy","tlshash":"0c626e9d361c9a78c6f6aec1dedf32aa3554b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T21:46:03.51355Z","last_seen":"2026-02-08T21:46:03.51355Z","times_seen":1,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":429,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/upload/20260201033547/1769934947478145.jpg","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033547/1769934947478145.jpg HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IjVMc1IxMGh2WVF6MG9tdDM2R3V6UUE9PSIsInZhbHVlIjoiaW1sYjNNUUVBZ1B1XC9qUmJjbTdBTkRGV3U2SVgyempGNDI5bnJTdVVWZEhFTzJvVWRNcGRhOGpFMjNWMDFSVWFoenVyc3hnVEVFUlExUG15OCttZFh2RTFHSzg3KzlRc2N2bzkxRkpjRVVpbTFBV3UwUmxwUjNiUzFEcm5YQk9xIiwibWFjIjoiZTRkYzkzNWRmYjE4MjZmNTcyN2M4ZmEwMTQwNzgxNGUzNThmYWZjYTZkMGFhMTEzNTdhNjUwNWIyNDg5ZTEwNyJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:38 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:35:47 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f1063-5a60\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23136,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 533x300, components 3","md5":"a5d8ed3b0d05c7d82af332161b46f12a","sha1":"2c5328e30a73d1d9829239d5404a750f92b616b5","sha256":"66c1a7fbb57d632b10f0bf2b53fdf9f22d0bddfd130e9e922c090e3b11fd63a3","sha512":"1fb4c102aec3df290096596f22b42d220f4895e51ff785e2424b3f79e978cce076734ac0d3850cb7077aafe26003c457421c6d07285a18959951be519bda4c55","ssdeep":"384:qYNg7ldMgGMVSWBZ6zgaBUTjNwLBPuHY8uX0JTp8/IjcnQpI/ZS5:qYy5dMg9VLDxTKLBWHYLIT/2QI/W","tlshash":"3fa2be19f60a8675d8adf7bd2c6e3b5233e5b1b6a330e152b90f8ce2d3940234b49056","first_seen":"2026-02-08T19:14:18.806754Z","last_seen":"2026-04-29T03:04:13.995169Z","times_seen":6,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/news/list","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"POST /api/news/list HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nContent-Length: 14\r\nOrigin: https://krakens-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":14,"data":"c_id=4\u0026lang=en"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IkF5aDhRUUM2Vnl3OHNZRUNwQ1wvcW9nPT0iLCJ2YWx1ZSI6IkJya0J1aWZcL281VE9aWjNIcnd1YnhrUUFCSmI1ZGRVU0l2aFRBT3RuZTlram9mUGh3NjVYVlU2cmVsYWJxNWxWaXVRRFNVYjZxNk9cL3lCVU9qNDJnVUgrR2JLcVpiWGkyd1NiS1l6M0xyRFFQQ1ZDWW9IZHErZkxaOE9Cb1UxdDgiLCJtYWMiOiI4NmMyNmRlNmQwMjAzMjUwYzgzZDZlMjQ4NjMxY2QxYzBkNmU5YTFmZDY3NzZiZjZjMjA0Nzc0MTcwOGQxOWNhIn0%3D; expires=Sun, 08-Feb-2026 23:45:37 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"bace47e4713844c973de88e19678c6e0","sha1":"570e51227d00a907a45f9f546ffb472fa5f0f7da","sha256":"42692ab1be49a1606270fb6a6e639cb4eb95db75580cd4645b64d8ed88b3073e","sha512":"461b0fc2193876a9e6cf68eb09d070c01736b653b92c47690ab586575fcbc894ce6e14a941aa224ab2602100c055516a006cd9444b582fa40b658211720e97f1","ssdeep":"","tlshash":"1ba0222020000cba8b0a22e2300b30a2888c20808f0383000ac0a00cc38c0ac2822a3f","first_seen":"2023-08-27T03:45:08Z","last_seen":"2026-06-18T21:00:52.7304Z","times_seen":138,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":313,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/common/lm_1.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_1.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-924\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2340,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"61f8ea6fbd16fc43bc0c6494dd5497b2","sha1":"e74dc56ebf8db750c596e04ff4869095f92759b0","sha256":"d7f415acd4fcc86908ae1b87639a54b4b435817926f44f89cbd2943bc993c277","sha512":"3861cc97c99d9b09b536b1f46a93e31c92a95c0c5439700883d40eab47f14b898521d765478cc738cf4371c6ae6d297a63c46a4cabfeab28be4a06aee6e1e1ae","ssdeep":"","tlshash":"95411a49ef40580293aabc8036e50801f90b4400a761e0b377cec4675de17f868259e7","first_seen":"2023-09-28T10:38:08Z","last_seen":"2026-04-29T03:04:13.964689Z","times_seen":8,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/currency/quotation_new","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:44.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6Inc4Ukx4eEFwK1BHeUZqU3ZzSWpCdHc9PSIsInZhbHVlIjoiSHJEZE1cL2ljRDdOdEhFeEJ2Y09xTHBvZXZrMHF6N0c5djhBWVZpUVc4QTVHQ2lPMGdpOWo5aHZEXC9TUHJyY0VqMUJsODkxUVwva2RHa1wvblVxXC90M0pDcU5BN3dQNzRQQ1wvVWhiMGZPa0FSUEV2WXYwXC8rN3k1UlwvamRranZlTTNYRCIsIm1hYyI6ImMzNDYwZWYyMWI0MTg2MTg2N2U2MDE3ZGIzOTAxZmYwZDBhZjUzZDNiOTlhNDljYjhiNWVkMWZkM2E2YWU4MjQifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:45 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6InpONFJQZlowMDZ0WGUybWVnMXUwM1E9PSIsInZhbHVlIjoiTFNid1NNNjlXNkJkbEpWdyttRFQ3eUJIbndFXC9nTWVyZEJLaE9Yb0dDNjk4QW9VenZlVFNOTnhGQytZdk9YSk56SlpNMWJaRlV0OWh5SGFRZVVlVDNpRVh2XC9TdzZTZklzcjZaTTNiZHlWT1lnaXZjUjV0Z1FMRU5MZENuc2c2bSIsIm1hYyI6IjFjMjA5MTI0YjQ5MjYyN2JhMWMxYjVkYjM0ZDEzOTQ5ZTM0YmM5MmU0ZTQ2YWIzODM1MTM5MzY4MmU4ZmU4ODkifQ%3D%3D; expires=Sun, 08-Feb-2026 23:45:45 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14883,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e1de1b088b3e0d7689b3f513da53fc13","sha1":"3356479078c8d1c3902143f99a82aced15840d3f","sha256":"144fe71e02b97b948bed2ad540e03f81039301eca368d89d787499406aa34b95","sha512":"2f0221c6b2800896ecfc11675b04cda559f4b6b80514688ca7c73f06de5bf2fe14d5884149b7d04492d8576ff33ef4286f25f409af8e22cf19a2aa64ccf79c7b","ssdeep":"384:Ei8g1aHbxbjp7m6U9nVHH3s/Oi/zCdVoocG1Am5A:Ei8gE7xvp7m6knVnc/Oi/zCdVoocG1AZ","tlshash":"0a627d8d362c9a78c6f66ec1dedf32aa3554b10aadd24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T21:46:03.516086Z","last_seen":"2026-02-08T21:46:03.516086Z","times_seen":1,"resource_available":false,"data":null}},"time_used":425,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":425,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/index.9e8dad38.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:35.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/index.9e8dad38.js HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:35 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-7d07a\"\r\nexpires: Mon, 09 Feb 2026 09:45:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":512122,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (56913), with no line terminators","md5":"63982c07d1d4edfc1af01bed853c05ac","sha1":"1de5d87422a825f117fc4b4ea7a749a5942b750c","sha256":"bb2ab0f22159aeb033467d5945e600f235f7a3aa7628e21a6fe459f5ef64a8eb","sha512":"9bcb59130946d43e53f9ec770c1240de93259ae14a7b463b7513bc7a680904938683905356e6fbda872af472e1c6e948fc1e5172d080203b4bd6463e43f521f5","ssdeep":"12288:358Xy5PauVWdFmK+Gld4k8D9emBaVr/PiHkBBSB+BGykdz3ueE3vQ522HoAKbL1S:J8OhVWdFm2VBSBCBolC0ayfTA9c","tlshash":"2ec4498ab6cf238c0c6635c9604f7afa747b1cf26706ecd3c2f4eb1526f5a5091a5960","first_seen":"2026-02-08T21:46:03.516907Z","last_seen":"2026-02-09T10:35:46.482694Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/news/list","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"POST /api/news/list HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nContent-Length: 14\r\nOrigin: https://krakens-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":14,"data":"c_id=5\u0026lang=en"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IjVMc1IxMGh2WVF6MG9tdDM2R3V6UUE9PSIsInZhbHVlIjoiaW1sYjNNUUVBZ1B1XC9qUmJjbTdBTkRGV3U2SVgyempGNDI5bnJTdVVWZEhFTzJvVWRNcGRhOGpFMjNWMDFSVWFoenVyc3hnVEVFUlExUG15OCttZFh2RTFHSzg3KzlRc2N2bzkxRkpjRVVpbTFBV3UwUmxwUjNiUzFEcm5YQk9xIiwibWFjIjoiZTRkYzkzNWRmYjE4MjZmNTcyN2M4ZmEwMTQwNzgxNGUzNThmYWZjYTZkMGFhMTEzNTdhNjUwNWIyNDg5ZTEwNyJ9; expires=Sun, 08-Feb-2026 23:45:37 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1023,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cf47ba2e8775779243fb29b22d3b97b5","sha1":"93b5ebc165cbe033135342c41bd3ebacc98ab3de","sha256":"9c807e552ffb8f498cf071f84643e65a13ccf9a872897203d2a8113b2f784a4c","sha512":"0f732a5973d726f0e2336d26a9acc6c36fa89bae5d00209a25867cfe22bd70b37e7ba10a276c5e18941bcb38f4608785adc22ddc3054c81f7cd0a792f797bc21","ssdeep":"","tlshash":"381157be09c6c77fe0940dc2d4e7a16c32ed8913ab22196537c55cc8ce2c2a59c2bc57","first_seen":"2026-02-08T19:14:18.832482Z","last_seen":"2026-04-29T03:04:13.988838Z","times_seen":6,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/fonts/DIN-Regular-2.otf","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/fonts/DIN-Regular-2.otf HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 20676\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\netag: \"6988bed5-50c4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20676,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"cefc4e9f0d6e7416521f230e0bd690cb","sha1":"503f919cbd521f8a417d82eb90c680874c2ed666","sha256":"a8ac9cfacec43dd23fe2dd61e2ca64f62e9635c47b43915a6f534e5993bc5cc2","sha512":"36e0a692e16f6940714dbe5d18dbbad48bed2215e6eef718e36f2e56f868799830bfcb4b175489561ce14821257864a842d3fabde69b95d5ca8d684410926e21","ssdeep":"384:siBLb1kb+bmaXoAdekq0dtjtI66/WbQVWmT7RfiSKHW:siBv6a3skq0tjtXUVxTcSd","tlshash":"0f928e5b9c941b08c5afb33302226244d6b0a8b893faf4d7dd4422fb34ad9575d7ca93","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-06-18T21:00:52.713493Z","times_seen":151,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/index.883130ca.css","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:35.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/index.883130ca.css HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-1793e\"\r\nexpires: Mon, 09 Feb 2026 09:45:35 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96574,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2de2f2d3943b4b382a28a439daff5939","sha1":"70d04e1c3567cb4f248b29046b98386f215a4d38","sha256":"8a35934d019c2b120a31ae6c51c75b2327f22637824b2a2c2faf4ce17ae9d4d8","sha512":"eba9271e30d6e4b21954078e3ccd839a55e1dcc8212fa375c18dce42104d19a92655c2f289401525b0c9565971a31573b928666515a3ca89b1801bbd48c1de95","ssdeep":"1536:OlIApuK7hmVmb2RS1Wu3xdynGJ7eh/nrhlvbc:VApuK7hmVrS1Wu3iG41nrPI","tlshash":"f393f73719012e39e52bcd26b6c1ab5a1e61c033e15307adfba47628cbcf9c9167b345","first_seen":"2025-07-20T12:48:29.443135Z","last_seen":"2026-06-24T06:08:19.235647Z","times_seen":2700,"resource_available":false,"data":null}},"time_used":579,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":579,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/upload/20260201033138/1769934698439598.jpg","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033138/1769934698439598.jpg HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IjVMc1IxMGh2WVF6MG9tdDM2R3V6UUE9PSIsInZhbHVlIjoiaW1sYjNNUUVBZ1B1XC9qUmJjbTdBTkRGV3U2SVgyempGNDI5bnJTdVVWZEhFTzJvVWRNcGRhOGpFMjNWMDFSVWFoenVyc3hnVEVFUlExUG15OCttZFh2RTFHSzg3KzlRc2N2bzkxRkpjRVVpbTFBV3UwUmxwUjNiUzFEcm5YQk9xIiwibWFjIjoiZTRkYzkzNWRmYjE4MjZmNTcyN2M4ZmEwMTQwNzgxNGUzNThmYWZjYTZkMGFhMTEzNTdhNjUwNWIyNDg5ZTEwNyJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:38 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:31:38 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f0f6a-14f2e\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85806,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 745x300, components 3","md5":"dd1156d1210d00cc170acacf6c8f480a","sha1":"24f2beddbe4d5f2ec2de535468cef10df069d076","sha256":"2cba7dfcd132dc991279ba74288f87cafdf4ceda3aa9b4bacd9c4e8d7fd3b6da","sha512":"a86aa4eddc716c878289ea0b6916acb4d0f7ea2bfce9facd1734f255dbce25b6a8771c9ca1af772b631e289df63db8a6fcd10ff588af77c813da134ba8812e21","ssdeep":"1536:nYt3f1ipp6deQk8TYbd8BgUZywn3HnaPPWLREYLegZ5nA6mvNBv5snPqyMA:Yt30P2bk8Ubd4ws3HnaPPW+4ZDmPv5sN","tlshash":"63831267e9c4723766b3567da53f3e0639dc3e64e4aad9cd08e908012d24acc6f41c6e","first_seen":"2026-02-08T19:14:18.84086Z","last_seen":"2026-04-29T03:04:13.992313Z","times_seen":6,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/currency/quotation_new","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:49.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IlRoaVNsemRleVlzKzNBMnJSZDAyc2c9PSIsInZhbHVlIjoiSUVwOEQ3R1JrbnNkZmJZRUFcL25PNHVRR3ZSY2h0STQrU0hVTndjMklPOTNKVENsRTc5MEJDb3VZRThPMiszZElXdU1WY2xCWGplTUkwbW5mY2dDaTdIR1lWSTBCcEs2ckFTYWtUZ0VQcUhpOGVxVldKdlwvQU5cLzJyS3pQRVRiOVUiLCJtYWMiOiIxNmU1N2E3Nzk3YjIwMTc4ZGEzNmQyNTUxMjQwNzA2OTkxMWRhNzE3ZDM0NjAwZjEyZjljZDdkODhjYTUxYTc2In0%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:50 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6Illab1FUcytETGpSWCtpRzJzaUkrRVE9PSIsInZhbHVlIjoiQ2lIenBYSTUyTkFqY2JrTytxU0d5bnl4Wk1ySlJCb0RUOFN3bFNmdTIrM3dCRXVQNEV0VVFKXC9XSUJaRG5BVEo5Y0dvRUlSait3TG5GdVpmdG1xU0hqTGFzU3BGWldZRm5YTmpET0h1azZ3a1BacUxQRXFGN05cL1FNRndUMkpTeSIsIm1hYyI6IjZhMzYxZjc3Y2M3YzBmZDZmODU1YjJhNmQxODE5MDEwM2Y2OWY0NmMzODE4ZmYwYzBlMmQzODk2YTg3ZDcyODUifQ%3D%3D; expires=Sun, 08-Feb-2026 23:45:50 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14883,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e294f735c91e1a617772c428c8118bbf","sha1":"8b5d85310d4e35eba47973b740994fed67b40d28","sha256":"966469188b9c735fdc0a51bfeaf10a17d67b807ab7ee23bff7998d49617fbe72","sha512":"2d2e8b7ba235da9f42c17f89244c646f5ed7a562f8b4e9c29339065ea698997dbfb8abc29eb94e9d30703ce5daf7543189a35547ab743596007eb78d58ce3cd4","ssdeep":"384:Ei8TaHbxbjp7g6U9nVHH3s/Oi/zCdVfo4G1Am5A:Ei8u7xvp7g6knVnc/Oi/zCdVfo4G1Amy","tlshash":"68626d8d362c9a78c6f66ec1dedb32aa3554b10aadd24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T21:46:03.519908Z","last_seen":"2026-02-08T21:46:03.519908Z","times_seen":1,"resource_available":false,"data":null}},"time_used":428,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/currency/quotation_new","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:52.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6Illab1FUcytETGpSWCtpRzJzaUkrRVE9PSIsInZhbHVlIjoiQ2lIenBYSTUyTkFqY2JrTytxU0d5bnl4Wk1ySlJCb0RUOFN3bFNmdTIrM3dCRXVQNEV0VVFKXC9XSUJaRG5BVEo5Y0dvRUlSait3TG5GdVpmdG1xU0hqTGFzU3BGWldZRm5YTmpET0h1azZ3a1BacUxQRXFGN05cL1FNRndUMkpTeSIsIm1hYyI6IjZhMzYxZjc3Y2M3YzBmZDZmODU1YjJhNmQxODE5MDEwM2Y2OWY0NmMzODE4ZmYwYzBlMmQzODk2YTg3ZDcyODUifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:52 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IjdNR3g1dTI0YU51RzFmeGN0ZHJ5c0E9PSIsInZhbHVlIjoiQWVmc3BUbmdZYjR4QlUwUkF2S1NwbmR3aHdhZW9MdFZyQkZGSVNzMXRcLzBLeGRxenNxbUt2cEdjc092TVNEbytLT3ZxT1YzOEIzc2VrQndjRmtXc2duSmNHWXpLek8wT2dNN3Z6eXNzODNcL2xcL1ZsSnRudENxQUlhSEQ3am5qRDEiLCJtYWMiOiI1ZDEyNjhiZGM0Y2QwNTk4ZTNkM2MzN2VjZTExMTU3YjhjNWY2NmIwZWI0ZGMxZWQ4MmU3YjVlYTVkMjVmMjBmIn0%3D; expires=Sun, 08-Feb-2026 23:45:52 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14883,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5673cc0c6c1dd690ace7d26094a8b6cf","sha1":"45f8d14251926f3c86690c7599fd6b82cc8b4804","sha256":"cfbbf86d5722b7ed2f32254cfc1e9f1d59bb212f72cb22a85b5c1520cc626892","sha512":"a35d68721f9409df2054b83f57e974fed3eef773bd2875f200dc8ec28bc1e3ef51cedaaa70538679b91138205d1c25c03ac0e460d62c70830d8d5ea416ed23c3","ssdeep":"384:Ei8OaHbdKtjp7g6U9nVHH3s/Oi/zCdVfoZG1Am5A:Ei8L7dWp7g6knVnc/Oi/zCdVfoZG1Amy","tlshash":"1f626d9d362c8a78c6f66ec1dedf32ae3554b10aadd24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T21:46:03.520712Z","last_seen":"2026-02-08T21:46:03.520712Z","times_seen":1,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":471,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/currency/quotation_new","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IjgzdXp4TENrZ1wvZk1QNVRVWGZmR3NBPT0iLCJ2YWx1ZSI6IkZvZmY0bktuS29jdFhVbWx3cVJcL2hINklHVzhUNjZSSmM4NE1RWFRNVEF3YlAyUkRTcVRCcUNnMlkwR2hWcGtvWTB4Nkp4K0NOTjJGd1RlQTgzUUdnek00aElCWDFoWkw5UzZUTGh0NGJcL3lYTFpcL2NTOHpBQnRRRTJTWndoN3lGIiwibWFjIjoiNDRlY2M4MjI4YmFlYmYzYWFmMmQyNDQzZDcxMDNmOTQ4OTdmODAyMmZlNWUxYmE1NzI1MzYzZDFiMTljNWE0MSJ9; expires=Sun, 08-Feb-2026 23:45:37 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14883,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"fd565c6df730bb7ccc7e9b4aebb2e49d","sha1":"21d579c6e541880f4aeef2b6e44e2dc1619ef01c","sha256":"2781e83ee71f11482cc282eaeeb4368a4bf50287914b5ac4f3942cc8ceecbaeb","sha512":"28fb4d333cf4e388d21d50cfeca4ffc24aaea0b5bfba80903b22e4d79ccb16d28295ebbf3af3c82810c58ac340d13231a16223b37b963d9d1b7586d551c0ad56","ssdeep":"384:Ei8OagbXbjp7m6U9nVHH3s8Oi/zCdV6odG1Am5A:Ei8LoXvp7m6knVnc8Oi/zCdV6odG1Amy","tlshash":"0c626e9d361c9a78c6f6aec1dedf32aa3554b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T21:46:03.51355Z","last_seen":"2026-02-08T21:46:03.51355Z","times_seen":1,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/home-cz.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.704Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-cz.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-335c\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13148,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 181 x 129, 8-bit/color RGB, non-interlaced","md5":"7bf7730bab7a67b1d3e0635468112a86","sha1":"782d7882cdfda025faa2fce0de47f66c61cef028","sha256":"9880930b8b34f51e546637e091c76a968beb0b507faa8edfec49ec971295c811","sha512":"f74e38c5c6fece18b1107751abc06588555d9e3fde6a5ac234e80e461699925ea2cdb59458c2f44d7cc43faff24e609a399e4056278082d7b38586a159f209bd","ssdeep":"384:b5dfJJIoAGyrG8pnNLtCOgHjfAcBEr2YU:5hAGyK8NNLPgDfVX7","tlshash":"d942d0475e658ca034d470a219ebd47c6cefeaa8ffa19c7b1859d05bb30d4a32042ccb","first_seen":"2023-07-07T09:47:56Z","last_seen":"2026-04-29T03:04:13.956773Z","times_seen":15,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/currency/quotation_new","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:47.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6InpONFJQZlowMDZ0WGUybWVnMXUwM1E9PSIsInZhbHVlIjoiTFNid1NNNjlXNkJkbEpWdyttRFQ3eUJIbndFXC9nTWVyZEJLaE9Yb0dDNjk4QW9VenZlVFNOTnhGQytZdk9YSk56SlpNMWJaRlV0OWh5SGFRZVVlVDNpRVh2XC9TdzZTZklzcjZaTTNiZHlWT1lnaXZjUjV0Z1FMRU5MZENuc2c2bSIsIm1hYyI6IjFjMjA5MTI0YjQ5MjYyN2JhMWMxYjVkYjM0ZDEzOTQ5ZTM0YmM5MmU0ZTQ2YWIzODM1MTM5MzY4MmU4ZmU4ODkifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:47 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IlRoaVNsemRleVlzKzNBMnJSZDAyc2c9PSIsInZhbHVlIjoiSUVwOEQ3R1JrbnNkZmJZRUFcL25PNHVRR3ZSY2h0STQrU0hVTndjMklPOTNKVENsRTc5MEJDb3VZRThPMiszZElXdU1WY2xCWGplTUkwbW5mY2dDaTdIR1lWSTBCcEs2ckFTYWtUZ0VQcUhpOGVxVldKdlwvQU5cLzJyS3pQRVRiOVUiLCJtYWMiOiIxNmU1N2E3Nzk3YjIwMTc4ZGEzNmQyNTUxMjQwNzA2OTkxMWRhNzE3ZDM0NjAwZjEyZjljZDdkODhjYTUxYTc2In0%3D; expires=Sun, 08-Feb-2026 23:45:47 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14883,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d3d23692886046ce739a0f60f23bfa45","sha1":"b31ae5b03e738588772ae3662b411c511dc9756e","sha256":"7ef59517bebc44b06a978e9c059f8e28191ae69073b4654b3815e46959115e7e","sha512":"c815d830b075a1976eea444f20a1690aeb751328cc799cec11e5f6804351b82d24a1f3c86f36730950b398e1e569d1df30f3bd3bf28a4266b2f5c3dc774e7614","ssdeep":"384:Ei8TaHbxbjp7m6U9nVHH3s/Oi/zCdVooFG1Am5A:Ei8u7xvp7m6knVnc/Oi/zCdVooFG1Amy","tlshash":"42626e9d362c9a78c6f66ec1dedf32aa3554b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T21:46:03.521959Z","last_seen":"2026-02-08T21:46:03.521959Z","times_seen":1,"resource_available":false,"data":null}},"time_used":412,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":412,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"www.krakexnsstrong.com/socket.io/?EIO=3\u0026transport=websocket","fqdn":"www.krakexnsstrong.com","domain":"krakexnsstrong.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: www.krakexnsstrong.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://krakens-pro.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: EIf92AAMX+Yc2LKa+Ofzkg==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Sun, 08 Feb 2026 21:45:38 GMT\r\nContent-Length: 0\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: yzz6paNiAG5YvRltt1zlhXQ140k=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-24T11:14:31.127166Z","times_seen":16678930,"resource_available":true,"data":null}},"time_used":1908,"timings":{"blocked":0,"dns":556,"connect":818,"send":0,"wait":263,"receive":0,"ssl":816},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/home-kefu.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-kefu.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-80a\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2058,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 39 x 43, 8-bit/color RGBA, non-interlaced","md5":"4d15c9ce96267ef3b00850ed58bd1908","sha1":"2bf8620e820d6afe4844e47da3dcf0fee5e011fd","sha256":"aa1b5f16b69804fb738086b60976974cb10d7c12c27930e9c858297ebe4fd36d","sha512":"b5f28e43c0972b844fa3deb78e5726673e166f9728b6c6c8ff1fee6b15da0efbb73b01dfcd74e9f27c5edc0076d3f07bc3363b527d55325f30c4ee8b12ef59b4","ssdeep":"","tlshash":"07410a5eff617c10c486a6ca2cfb5842ed4a85487a50906b3adbc85e1e706f209485ca","first_seen":"2023-07-07T09:47:56Z","last_seen":"2026-04-29T03:04:13.986532Z","times_seen":17,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/common/lm_2.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_2.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-5a5\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced","md5":"06a43db0d552cb5a405ca74704a65705","sha1":"cc0890640d6c246c219ef4a93aedf0724a14f71c","sha256":"d857a8c315937da20836c04d2b4cedad4154c9e98726bd89ed00360ca9fd3fe4","sha512":"9bc8169a49a4fa5df08cbbb68af4dcd4372dfb6af0281c2d21e4f05c5a4c690f1cc7f8c148f0e36faead384049c910a36945fc3cc5ad3e2b695231d196ccfc44","ssdeep":"","tlshash":"8b3196dee94114c152ccad9311eb2023e5920c848eb5ba61f4cdd80b5e316f2016b9ef","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-06-18T21:00:52.795585Z","times_seen":131,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/upload/20260201033637/1769934997966502.jpg","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033637/1769934997966502.jpg HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IjVMc1IxMGh2WVF6MG9tdDM2R3V6UUE9PSIsInZhbHVlIjoiaW1sYjNNUUVBZ1B1XC9qUmJjbTdBTkRGV3U2SVgyempGNDI5bnJTdVVWZEhFTzJvVWRNcGRhOGpFMjNWMDFSVWFoenVyc3hnVEVFUlExUG15OCttZFh2RTFHSzg3KzlRc2N2bzkxRkpjRVVpbTFBV3UwUmxwUjNiUzFEcm5YQk9xIiwibWFjIjoiZTRkYzkzNWRmYjE4MjZmNTcyN2M4ZmEwMTQwNzgxNGUzNThmYWZjYTZkMGFhMTEzNTdhNjUwNWIyNDg5ZTEwNyJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:38 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:36:37 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f1095-10843\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67651,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x300, components 3","md5":"93e20a2a035535b2d3b7c64d60ffde5d","sha1":"36939500b110095a28f3673e189fa33a481da10a","sha256":"08acebf4c9747bd782a245a8fcec1daba468fa13a7a4e3eaa2c4739ddae9d449","sha512":"f63165887ff10ed652aa1cc02890966c249d2a8034359929e4793b2c493663fb1989529688854afcb1b7decbaae73a6c08430e45e879ae58ddddd1ed4a670256","ssdeep":"1536:qnTtgeHT6w6HU137Lku4QpmDlG7APIiExckvP9tGs3:qTvOkLJ4Qp3fzxrUs3","tlshash":"396302f0d1d662a7f223a4b57ae20dd0d34a070682c15929c5af3379d63e91d9e7c30a","first_seen":"2026-02-08T19:14:18.787403Z","last_seen":"2026-04-29T03:04:13.976404Z","times_seen":6,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/home-help.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-help.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-e4f\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3663,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 71 x 71, 8-bit/color RGB, non-interlaced","md5":"7846338ba84cff5f06fdd7508450bbf0","sha1":"5af7c1b7502af3c0396c951d0e1447f4b5a15ace","sha256":"131b50606f648276be3eaf571f44b39071a8933acda4520c9198bc78bf02c11a","sha512":"e9c691fa1180b69957127324f00ce67c60125f635e2576d601d221f46fc2b6d34ab46cac0a8bd274d461b2e0e86db66603f64745adfd10a70227f9b7269e55e2","ssdeep":"","tlshash":"0f715dd3fc4099a46e30649a90f544dbea425f48cfd0f45aab96d81a02583f8b4c96ff","first_seen":"2023-10-24T23:07:08Z","last_seen":"2026-04-29T03:04:13.972537Z","times_seen":11,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/common/lm_6.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_6.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-6c7\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1735,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced","md5":"fb7c1ab1476b2b6be4d49a6cb35fb25b","sha1":"986fbfc4d865ce4e0043049603073670161ed6ed","sha256":"57d4a342ec3e59be5d2fad45490700adeccd84a0b3cb16c94f788dbe8b7718a2","sha512":"4ed1530275ce8eb6963dd15c89d38b443fdf4938282927e3dc4233296efa4cc53edde8ed364e457fb766a4e1e2b22dc419a694842a1a5294a05e98d5fa67d7af","ssdeep":"","tlshash":"e931850eb551ba4252ede68129f7417ada079c408bd4b0a174cfd06299223b4856b3cb","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-06-18T21:00:52.821545Z","times_seen":133,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/lh/send/get_recommend","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/lh/send/get_recommend HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nx-ratelimit-limit: 60\r\nx-ratelimit-remaining: 59\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"216383716d804488f71f7837d92db335","sha1":"03caf07e94db10bd3fcd9357a229782d8d11781d","sha256":"94d3e19eef51b52f43d0695296c9622a2c507ebb696e5c130703a6f46437583f","sha512":"63c2f0245e090fd11dba5daad1b6e90a8fb1f8f0e817f67e37742bc4bfdaf57212424c48365042c83592a180c93ab0c999a95e8462b9f40209555de5f8959ffb","ssdeep":"","tlshash":"5c80040035145c1c470515c134443c40414d1143c04115110c44dd14c35d470313173d","first_seen":"2024-08-19T18:56:08.011824Z","last_seen":"2026-06-18T21:00:52.800948Z","times_seen":107,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/tabbar/tabbar-option-dark.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-option-dark.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-dd4\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3540,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit/color RGBA, non-interlaced","md5":"d883d0fcd09ffb995d282ad715119fac","sha1":"48206a2fd5f5127745c8a77c4f39a71bfc10995a","sha256":"8e3ea2da53fe58d88068b19b25420b74416eee2ffa10563331dd842cd377a4a5","sha512":"128d59e13722357285b7e367c9fda7f3fb305fd3124d77cff7cb1f2c915ed551c7a4de6a8cc4832f22e47a67fc1000e711806e27d80de15636f470c749e64f3e","ssdeep":"","tlshash":"4d716cea4160722dc2803114cab2f754682cab042ed7eb4031edf7493cdb490d24923b","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-04-29T03:04:13.981111Z","times_seen":13,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/tabbar/ic_tab5_nor.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/ic_tab5_nor.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-67f\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1663,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit/color RGBA, non-interlaced","md5":"587b6a1c8e6f1734750ab3404cd98b87","sha1":"103f46253058408cdcfb1b723b25963872f18f3b","sha256":"4849b92fd70888cad93fda975d3fb17601bc47745917fd59a001e5d621685546","sha512":"b246872ad09de24564fa0fd6f88fba1700abd5d49807fe2f50f41b967bd1a556b7b63d08d6f2eacc4ab68005fe1e92d37fdfffab88b38dd530c72fc1835a267a","ssdeep":"","tlshash":"eb311a474d080ecc44ee162238bb9ca3e96ba07a14137c1d8dc15c37ba7a20e4481233","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-05-04T13:31:01.629805Z","times_seen":26,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":550,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-08T21:45:33.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:34 GMT\r\ncontent-type: text/html\r\ncontent-length: 781\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\netag: \"6988bed5-30d\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":781,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (500)","md5":"037d0cc3dab778d5de8293d264e6f80d","sha1":"ee8bd35bd300d31472f23bc19e680ac29bd69ddd","sha256":"1c8f9db995ec1f8a78f5a561efbe46907a14e351aa4e5e7a358cfe956c811e79","sha512":"f10f89c4dec5782f6fcd1dd24ace80c913a04760b07412ff1589d389b54409577373aa5deb2668652b4c293b235f250c49778fa5ad03250ea6666cea4299d439","ssdeep":"","tlshash":"6901f1c31c10e94d0720865160b7e51e89e64af8699098503cdc6afc8be0b8ece7f814","first_seen":"2026-02-08T19:14:18.83651Z","last_seen":"2026-02-09T10:35:46.505762Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1505,"timings":{"blocked":608,"dns":23,"connect":287,"send":0,"wait":287,"receive":1,"ssl":294},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/pages-assets-index~pages-help-center-center~pages-index-index~pages-my-my~pages-template-index~pages~b3704ff9.b773dd6a.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/pages-assets-index~pages-help-center-center~pages-index-index~pages-my-my~pages-template-index~pages~b3704ff9.b773dd6a.js HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-3acd\"\r\nexpires: Mon, 09 Feb 2026 09:45:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15053,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14993), with no line terminators","md5":"f859d14fe39edcb03812712f505c2761","sha1":"2815db46a64e229fab8d72208800c560298b5d03","sha256":"15c2e11c7ac1efa736c851cb64b91986498b9ae2fee6e48387f61c453cbe5d36","sha512":"48ab6a5b5bc9f8ea9270c4791df535b091fc970b02cf953786f113671c12c6337b73190e624922ecaaa20beea5bc3a8e19e705f7a9c6d5f8da11a62a2352c2d3","ssdeep":"384:aHLKgcjwyIUpH1BGtfb+3j9ytmyKHIPquJOHhrGq0V:YypG1Y9wqKOHhrGq0V","tlshash":"5662c778b0cab0371a87d12520af3a04512b7995c418eff4f7b5f0e54bf91cd226ab5a","first_seen":"2026-02-08T19:14:18.793712Z","last_seen":"2026-02-09T10:35:46.495855Z","times_seen":5,"resource_available":true,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/pages-index-index~pages-publication-details.3baea1c0.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/pages-index-index~pages-publication-details.3baea1c0.js HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-4298\"\r\nexpires: Mon, 09 Feb 2026 09:45:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17048,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16970), with no line terminators","md5":"6c1f69c00f0ba2389a87a0b8a6f80049","sha1":"0147446a71c4dba7718589ef0ff2e6af05fcd87e","sha256":"293679e8fd5878681f8de40e0ef66d4c1aab8db604527d580feda0124560a383","sha512":"d163d050b31aec9940af0027b8e337f995625291adde574aec872b8d9efb99a42ae7ead58ccbbb5d941c3d1a7a4c6c3b270add8bf4ca1a8f468d3fcb5a385e20","ssdeep":"384:tA5CFlqPQgnXl0HqVs5jxUvYYRFkGbscGTsZa:tA5C3qh8VUvLRFkGbKaa","tlshash":"7572f98cf0c6b415069761b2803f6705013aa985b1179b9cb7baeaf14e6998c3363f7d","first_seen":"2026-02-08T19:14:18.817351Z","last_seen":"2026-02-09T10:35:46.480091Z","times_seen":5,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/home-fy.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-fy.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-80e\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2062,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 42, 8-bit/color RGBA, non-interlaced","md5":"7f4389b86c6586fc59ad24fe6052822e","sha1":"d90a2027b503b1c8926902f538e96ccc0d5b88d9","sha256":"e42537bb60fff52f74c0557c146a2ca86977e0b135bd0359b7de6ee68654f73d","sha512":"041a332809b464e22f4856196d67abfb6f803652aed24b81179bbd7422e9ca75c379a645d91acb03737410a66beb6d225df2b1a9647f291da7fb02e0cc2df94f","ssdeep":"","tlshash":"6b41da45a4a00d41d4e6a5c100f39427e3238f40e9e4f4966bdfd81a0af21a578709c7","first_seen":"2023-10-24T23:07:08Z","last_seen":"2026-04-29T03:04:13.971642Z","times_seen":13,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/common/lm_5.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_5.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-615\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1557,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 23 x 29, 8-bit/color RGBA, non-interlaced","md5":"7045dfb26a5920ae530b250d26167e2e","sha1":"924eaa15ece9d75817c3008a9deb198871a85f38","sha256":"96e893a98d7c621f83902a037ebba8d22e3e8e920af91aae576dbfe60d2b9223","sha512":"b6e7fbe774e3e5ff27a5eb20f88b4e5d8e39df8886ae40f3567626621245b5109be59a886ddb25dd33ca938ddc5f09c904cda921d90a9a6c4584dbce5e14301b","ssdeep":"","tlshash":"df31d787fa40aaa11109ef4125f28522dd778c94f9d0be20d4d768570970afb8c1b7e7","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-06-18T21:00:52.753683Z","times_seen":120,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/common/icon_gesture_avera_dark.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/icon_gesture_avera_dark.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-315e\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 168 x 168, 8-bit/color RGBA, non-interlaced","md5":"f5b2864919dd2ff0b2ddef076a5e47d0","sha1":"01683748192e622c2345e9bff81aab3485567fa3","sha256":"c6fac2bdcac5ed71bc1582e59814b4522b09763139300ff3326104850f7593aa","sha512":"da88985a9a6a61ffe4d70aa67a79fe2562be2b3bd5082cfa68c736ed6e1c1d179642068656db75a718908019e42d0347932031a478afd52bf267fd55be90197d","ssdeep":"384:856+z0KN7HyHYFvUgmTXMH/hOUmjk76xI6f:856Q2RSH/Cjk2S6f","tlshash":"9242d064e3258495cf5d66f4057bd143e5f2cd05b48ab0a1802bd0ee5b303bb9a09de5","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-06-18T21:00:52.819896Z","times_seen":118,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"111.231.169.247","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:38.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Mon, 09 Feb 2026 15:45:39 GMT\r\ncache-control: max-age=64800\r\nset-cookie: __uni__uid=rBEQUmmJBAOzXLBbA0uiAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-24T07:27:15.457858Z","times_seen":16621,"resource_available":false,"data":null}},"time_used":1570,"timings":{"blocked":664,"dns":41,"connect":240,"send":0,"wait":241,"receive":1,"ssl":380},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/api/set/lang","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"POST /api/set/lang HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nContent-Length: 7\r\nOrigin: https://krakens-pro.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":7,"data":"lang=en"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9; expires=Sun, 08-Feb-2026 23:45:37 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"de77c954ce23f7e01edfa6f76a2e6452","sha1":"f2450906f5e98943b791712210b3a3ca3c305268","sha256":"0cf3b547c4dd0ecb23ac59da7e2466310875fda77f2e3c378706d316512dc0ed","sha512":"92aff4f04548dca9cbf0f7003be4a6d9be259fe110c2f08367aeb5055fc0988314418307430413fd188deb3a95f118017fd74a6eb7be080c3943f1825ee78992","ssdeep":"","tlshash":"eaa022082e302c2e2f2023803ef03808030c008be28a2a00c880a02acf3f0a8303ae38","first_seen":"2026-02-08T21:46:03.531364Z","last_seen":"2026-02-08T21:46:03.531364Z","times_seen":1,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":320,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/tabbar/tabbar-assets-dark.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-assets-dark.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-558\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1368,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit colormap, non-interlaced","md5":"b7d1ed286ef7dd75235d11960ea94094","sha1":"45a5a2c2eea7315ff1f48656dfe0a904383798f3","sha256":"3b4efde762d54f9ae461a20ca983e8a53db301efb7efec686792791066c845c9","sha512":"561254d5e93e984b40a462e8bc7932a1e1120075ad5587e254e1cdc9b6da7ad28c76732a834f13271fb104ddee215c3c1a77d67c885808e2deed3e7a3173eea5","ssdeep":"","tlshash":"a2212672378eb9c45f31b62d5318f1d2d29389b91b21f9a768c98b26b00096559adb02","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-05-04T13:31:01.692769Z","times_seen":25,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/common/bg_dark.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/bg_dark.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-12c39\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76857,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 458 x 238, 8-bit/color RGBA, non-interlaced","md5":"83a93ef276bd4d559bd024bef0f84dd5","sha1":"1a2e3e4675b4fe09899f741b389f3fdb51c4bc40","sha256":"cbb3606ea77f33898c90df41f20bd06a1c4fb22898e22c26e9f34b8f3dc137f0","sha512":"70bb3a4aa3249bad4d1dc0ef0a374b55e676061ad16faa7b68154c45143d865cd9eb4bab5b5926f82dcdca25b234ce213e8e06a4434658cc4af803ff85d5eb5f","ssdeep":"1536:sm52a2JRQSf7ZjZ1I5CvKWZHU+0Gi/HtH0ahddb0+07IJQ0OXMUpOxhUERH:/2au1I5C7RU+0GiPl0aBot7IJCe","tlshash":"e97302552ee1fa4d2578d060b2c9cf3799062d2366e857a8f365c2970fe8e801491bce","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-06-18T21:00:52.792858Z","times_seen":122,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/tabbar/tabbar-finance-dark.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-finance-dark.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\ncontent-length: 653\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\netag: \"6988bed6-28d\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":653,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"f798761c5fb8237cbd55580ca61ff63c","sha1":"f641a6d1ec908cec4be77bb7bdbac2f72edde897","sha256":"c8b501a0ef50e691c5d929e9a9f9d14c2e72316ad78241878c155092f7329f95","sha512":"9fc0e1ae53b342e3408e29aea510fb68ebe187ead93ba09c963ce4a6c5630d9e569af591e97dadbb9ecb0382a028c742beaf5b4364faeb4c8185581943840fe6","ssdeep":"","tlshash":"52f083ed82f034369091892d081f17a298ff75ccac3181bc041ca39e3e2d4203184d8b","first_seen":"2024-08-19T13:46:59.008445Z","last_seen":"2026-04-29T03:04:13.979281Z","times_seen":7,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/pages-assets-deposit-charge~pages-assets-index~pages-assets-record~pages-assets-tradeAccount~pages-a~827c4946.b37c8cac.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/pages-assets-deposit-charge~pages-assets-index~pages-assets-record~pages-assets-tradeAccount~pages-a~827c4946.b37c8cac.js HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-d852\"\r\nexpires: Mon, 09 Feb 2026 09:45:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55378,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55262), with no line terminators","md5":"57464dd77acd6b7465c9b03b528be0c3","sha1":"be81d53242bb0c99bfcc63e5db88ca7307bcbea4","sha256":"b5a53722025030cb68040544dc19ff2c53d9ae708779d299fffb5112d306faf9","sha512":"b4de85842ba99b7e64a83b020e4d0374a91cb44aaedc4ebd1e6c83aa680cb30e0577beb4284ac8fa250415f8c803419df3eec5dc7369b582e2a2bc0745c6eeac","ssdeep":"1536:dFTsYId0FHoMqu7NdEAaM2Ol51hwJX2RcJZHYpN7xCIx/+eJF4cL3nnisGQaOmvd:ddsp0NVr7fnaMj51hwJX2RcJZHYpN7xy","tlshash":"4343fbe6e10c0cd17f7bcc8f6240235f6549ff62d9968dd8f126264c8de23a021a977a","first_seen":"2026-02-08T19:14:18.83858Z","last_seen":"2026-02-09T10:35:46.494588Z","times_seen":5,"resource_available":true,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/js/pages-index-index.43ff5783.js","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/pages-index-index.43ff5783.js HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-136fd\"\r\nexpires: Mon, 09 Feb 2026 09:45:37 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79613,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65254), with no line terminators","md5":"898448c9bd5e8d6ef53d315cdea827fc","sha1":"351c0e7929224c35a0b55761bc2d9b2b6a7dbeb4","sha256":"b06a5a40ae3f3b0f70ac218f985a5dbe7e846bb07f77660bfd8c3b17642170b1","sha512":"0d4daf94ffa06d6201eaccafbfa85e680c5845f3919a2ada9f58e0bf9da7b175d56e667309565a31e193f4c4fb8be7b62a366cf5d9b5a28cde61ec2be5d052c2","ssdeep":"1536:U+sXKZn6K3elKbhoBlqWo8kjW3DVf8zYONE:pephkjiR","tlshash":"80732a14f08bf02fa85bd024206f6a1450362f65d115bfacf376a5d88eee6de2163b5c","first_seen":"2026-02-08T19:14:18.843454Z","last_seen":"2026-02-09T10:35:46.473923Z","times_seen":5,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/tabbar/tabbar-home-select-dark.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-home-select-dark.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-110b\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4363,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit/color RGBA, non-interlaced","md5":"6519b08ffb830e5e0e027d7c91fb4dae","sha1":"b398320d36b04db10e573fb18cb72240f5e1a7d1","sha256":"c8331a8559b6f16ddca760f79ac5116462b0932954854746baa7d0ffd58cbe86","sha512":"ef469d8bd18e93a352d9ad9093d91d791a4d80e43ca1150449511aadfe87f6eb05ab60b722e6fcd76882f721fc97b0256349e9a0b2ed2303031bbcb5becbe0f1","ssdeep":"96:P8exwoo8HqTsOXXKadTa8atoUWIocxcvwXRDkUR/L+uqlTN9Og503Rd:PtOodUsAXKn8aYIocioBDkUR/iHhNQOi","tlshash":"1a918f51617d514aaccc8fec9b3918c8bde404e70cfcd5c2193309ab9e4d55c0834729","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-05-04T13:31:01.676119Z","times_seen":26,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/static/images/home-qihuo.png","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-qihuo.png HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6ImExalhCc24zMjF1WHNFMnYyS0hWeVE9PSIsInZhbHVlIjoiV3ZjWDBWUVVWYVhyR2k5UURRXC9MSjRYNUJaZDd1MVI5eXN0bzRTNWlxOTJvQ3A1RDJCOEhOVEVuQWN1Z1NicjhQMTNqNHhORjdjWmliT01KZmN5MHpFVGlEdVJSdnJsTFQ0U3dqd1pMSjkwRVlRa3ptaEVwMWhienhINkZQR2Z2IiwibWFjIjoiMzhiYTlmZTc3MTBkZjlmZmMxY2IzYmExZGJiMDI2NGQwN2NlODNiMzYxMTg0MmEzMGUzZDg1MWQyYzliOGQwMiJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-19cf\"\r\nexpires: Tue, 10 Mar 2026 21:45:37 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6607,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 71 x 71, 8-bit/color RGB, non-interlaced","md5":"9e4d1c0231b504eaafadf5d71ad000d1","sha1":"9640064fda209f1eb5ca039cb3f65bca9f0cf2d8","sha256":"ba914ebaf47e8ca3f4a2cd0a0e453363a9a8e80a5a8781129badcb309bf7b8c3","sha512":"e3b487533b2d01434170a94dfd6d7cba812fdab016c85423448ec6b8a5d2e391d879cfdd86b0ac4ac105f60edf23d17432182ae0b7666a66983985190ef16d47","ssdeep":"96:BMYR2UV0qso6ZVz/7S+uAqozm1VsWpjWuWsYO2FbTLZHik9fcr4tuuCrQMjW:B9YNvzh4dWDsErH7uuIo","tlshash":"49d19dd9e873ab964fa8d26722dac80605a21695a3a3b052b57dd80fc3c45f6c52e0cc","first_seen":"2023-07-07T09:47:56Z","last_seen":"2026-04-29T03:04:13.963352Z","times_seen":11,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-pro.com/upload/20260201033738/176993505898356.jpg","fqdn":"krakens-pro.com","domain":"krakens-pro.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-pro.com/","date":"2026-02-08T21:45:37.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033738/176993505898356.jpg HTTP/1.1\r\nHost: krakens-pro.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-pro.com/\r\nCookie: angela_session=eyJpdiI6IjVMc1IxMGh2WVF6MG9tdDM2R3V6UUE9PSIsInZhbHVlIjoiaW1sYjNNUUVBZ1B1XC9qUmJjbTdBTkRGV3U2SVgyempGNDI5bnJTdVVWZEhFTzJvVWRNcGRhOGpFMjNWMDFSVWFoenVyc3hnVEVFUlExUG15OCttZFh2RTFHSzg3KzlRc2N2bzkxRkpjRVVpbTFBV3UwUmxwUjNiUzFEcm5YQk9xIiwibWFjIjoiZTRkYzkzNWRmYjE4MjZmNTcyN2M4ZmEwMTQwNzgxNGUzNThmYWZjYTZkMGFhMTEzNTdhNjUwNWIyNDg5ZTEwNyJ9\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 21:45:38 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:37:38 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f10d2-8ebe\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36542,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 662x300, components 3","md5":"6b4d349ce9f8b6b7da02a04e717235b0","sha1":"14a20a3237cce29c4c063d2bca9829fb3322e10f","sha256":"7890222957ceb677bebceada8d89bea15f07aea54ff138523f924d4dc31c5adc","sha512":"6a04db546dc14915349d75ba7a72f2d38f27ba91d84254429d83408a8358b7413d9609df41ec9c32bc533baa78c47e5f7a19c2276d9ee1ace8b3b03b327dffe6","ssdeep":"768:f7C4+GxA4pTQ87V0jMsbd0c4gCpBQgEmHVRSIp49u/v1:DCfL4XV8MsbdX4gCpKgEmHbSIpV1","tlshash":"67f2c01e4a44cfe674dc6b7042e38b933a8bdc77891794423503a52b26d77fda92703a","first_seen":"2026-02-08T19:14:18.79657Z","last_seen":"2026-04-29T03:04:13.994354Z","times_seen":6,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-pro.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}