{"report_id":"b041ed22-17fa-4cfb-a30d-87781e2474e7","version":6,"status":"done","tags":[],"date":"2026-02-08T22:57:40Z","url":{"schema":"http","addr":"krakens-vip.com","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":0,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"krakens-vip.com/#/","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"title":"Kraken","dom":{"size":203340,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (40058)","md5":"d53933514ad298819f73d1748ec94393","sha1":"7e19a1b431810c1361bbc3d07cfba92bb56382d5","sha256":"c55b2850edfd248bfbe5e364f4530dc770a02575698f05a6b2e1aea14113440a","sha512":"17533ec0ddc83d6cc8d212650ffd8402aad639b1d04583633fb308accb1ecb5cc2caf0fc8938bad08865a0a95b2701a0e66a2144a9ef4318549e2b25065c1f31","ssdeep":"3072:lsp0NVr7fnaM/51fuPlIHGvXNWPf1f4yH9sUnbauJ9BxEuMa8Qc1tblK1mklU5QC:9rr7fnFvw2XcP","tlshash":"7b14c761b689241ee93bc984e0997b78b56f6e71c30a9fd6f72137248fc29d3211131d","dom_hash":"domhashd537b225f22d5d2bc462c1df2ebe7a5a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"krakens-vip.com","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":0,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-15T22:57:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"krakens-vip.com","ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":176,"request_count":44,"received_data":2800902,"sent_data":31672,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.krakexnsstrong.com","ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-08T19:14:13.741099Z","last_seen":"2026-02-08T19:14:13.741099Z","alert_count":0,"request_count":1,"received_data":227,"sent_data":597,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.dcloud.net.cn","ip":{"addr":"106.54.228.253","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"domain_registered":"2013-07-17","domain_rank":296858,"first_seen":"2018-09-15T09:18:08Z","last_seen":"2026-02-04T15:02:37.513902Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":446,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"krakens-vip.com/static/js/pages-index-index.43ff5783.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"898448c9bd5e8d6ef53d315cdea827fc","sha1":"351c0e7929224c35a0b55761bc2d9b2b6a7dbeb4","sha256":"b06a5a40ae3f3b0f70ac218f985a5dbe7e846bb07f77660bfd8c3b17642170b1","sha512":"0d4daf94ffa06d6201eaccafbfa85e680c5845f3919a2ada9f58e0bf9da7b175d56e667309565a31e193f4c4fb8be7b62a366cf5d9b5a28cde61ec2be5d052c2","ssdeep":"1536:U+sXKZn6K3elKbhoBlqWo8kjW3DVf8zYONE:pephkjiR","tlshash":"80732a14f08bf02fa85bd024206f6a1450362f65d115bfacf376a5d88eee6de2163b5c","size":79613,"data":"","first_seen":"2026-02-08T19:14:18.843454Z","last_seen":"2026-02-09T10:35:46.473923Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/pages-index-index~pages-publication-details.3baea1c0.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c1f69c00f0ba2389a87a0b8a6f80049","sha1":"0147446a71c4dba7718589ef0ff2e6af05fcd87e","sha256":"293679e8fd5878681f8de40e0ef66d4c1aab8db604527d580feda0124560a383","sha512":"d163d050b31aec9940af0027b8e337f995625291adde574aec872b8d9efb99a42ae7ead58ccbbb5d941c3d1a7a4c6c3b270add8bf4ca1a8f468d3fcb5a385e20","ssdeep":"384:tA5CFlqPQgnXl0HqVs5jxUvYYRFkGbscGTsZa:tA5C3qh8VUvLRFkGbKaa","tlshash":"7572f98cf0c6b415069761b2803f6705013aa985b1179b9cb7baeaf14e6998c3363f7d","size":17048,"data":"","first_seen":"2026-02-08T19:14:18.817351Z","last_seen":"2026-02-09T10:35:46.480091Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/pages-assets-deposit-charge~pages-assets-index~pages-assets-record~pages-assets-tradeAccount~pages-a~827c4946.b37c8cac.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"57464dd77acd6b7465c9b03b528be0c3","sha1":"be81d53242bb0c99bfcc63e5db88ca7307bcbea4","sha256":"b5a53722025030cb68040544dc19ff2c53d9ae708779d299fffb5112d306faf9","sha512":"b4de85842ba99b7e64a83b020e4d0374a91cb44aaedc4ebd1e6c83aa680cb30e0577beb4284ac8fa250415f8c803419df3eec5dc7369b582e2a2bc0745c6eeac","ssdeep":"1536:dFTsYId0FHoMqu7NdEAaM2Ol51hwJX2RcJZHYpN7xCIx/+eJF4cL3nnisGQaOmvd:ddsp0NVr7fnaMj51hwJX2RcJZHYpN7xy","tlshash":"4343fbe6e10c0cd17f7bcc8f6240235f6549ff62d9968dd8f126264c8de23a021a977a","size":55378,"data":"","first_seen":"2026-02-08T19:14:18.83858Z","last_seen":"2026-02-09T10:35:46.494588Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"93368157fb131b56a45d6f60f8b40342","sha1":"ea2a25edb7b00c3e0a06650f02fded5bd87dfa20","sha256":"c48d4859bc082aa591168f7d7230bef438ecc2b3074e707c83864e11ec1a891f","sha512":"366c90d022f7fd6718d76460de51a154cf6cf8bf8e3aefa2e0e736cbba24ec53506485331abd3c3c2a7e6ae00c9a3b957a9aa675ecdd389afca7863ad8365908","ssdeep":"","tlshash":"c8e068c260a6294c02208016304ac1031bb608729ec149613c4c67a58fb9f4bc46e859","size":352,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-06T08:33:41.656561Z","times_seen":4001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/chunk-vendors.8e1fb2cc.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8705018cd82756eb1f3927a1afc0f6b8","sha1":"317159b388153441cb2c0ff9ca88c077bfceebbc","sha256":"dff16b4ab8a9abe33907d71fc5575a715065b4b3f680e41daaf55d5b2a60cc3f","sha512":"6b8f772d6612a6a83716d3d6fa3fa608a8f3d0d0348a38c1624704d0135bed0b5d4b070ed92487c6b8d1b6e81b3c87c7f030c2d8d2a874e4419064050a448a59","ssdeep":"24576:SUXfInMVZWDUp1FfdOR66YAsIfvzJHBzehfmjzGA:SUXfInMVZWDUp1FfdOR66YAsEZ4mjSA","tlshash":"f9552a8df186b0b147e720b5403f260bb23b6a69b40e8495f665e4d1ac78d8e5237f7c","size":1393351,"data":"","first_seen":"2026-02-08T19:14:18.850664Z","last_seen":"2026-02-09T10:35:46.514974Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/index.9e8dad38.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b3a11a9bce9b0b2ea7abed6bf6e1280","sha1":"abbc97d3632fe96fca279f4294b107f04fcfea1c","sha256":"b4590e0d67bef174a7a1fdb700da410db1d814194f9658941be2f7c22c6e1de5","sha512":"dd70c5c0e1d77a97064dfd19d0593455a3ce5dc65650932dfec8a7689e3db139a843578111ea3a567705655eb5d4fe9e81ad0d89d02a20a5eda635b132133eea","ssdeep":"12288:358Xy5PauVWdFmK+Gld4k8D9emBaVr/PiHkBDsxGnScF4uwW8uwgoZqcQ+A9hNJi:J8OhVWdFm2VDsxGnScCfTA9c","tlshash":"54b47e9b7bcc725c09497a4af04fbebee5bb1cf1a356e0c141e82b2127e0e95c216574","size":512122,"data":"","first_seen":"2026-02-08T19:14:18.84849Z","last_seen":"2026-02-09T10:35:46.516127Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/pages-assets-index~pages-help-center-center~pages-index-index~pages-my-my~pages-template-index~pages~b3704ff9.b773dd6a.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f859d14fe39edcb03812712f505c2761","sha1":"2815db46a64e229fab8d72208800c560298b5d03","sha256":"15c2e11c7ac1efa736c851cb64b91986498b9ae2fee6e48387f61c453cbe5d36","sha512":"48ab6a5b5bc9f8ea9270c4791df535b091fc970b02cf953786f113671c12c6337b73190e624922ecaaa20beea5bc3a8e19e705f7a9c6d5f8da11a62a2352c2d3","ssdeep":"384:aHLKgcjwyIUpH1BGtfb+3j9ytmyKHIPquJOHhrGq0V:YypG1Y9wqKOHhrGq0V","tlshash":"5662c778b0cab0371a87d12520af3a04512b7995c418eff4f7b5f0e54bf91cd226ab5a","size":15053,"data":"","first_seen":"2026-02-08T19:14:18.793712Z","last_seen":"2026-02-09T10:35:46.495855Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"3d5272693eb411e5b8b13a243f76c720","sha1":"6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c","sha256":"9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8","sha512":"03fc5614f48fc9a2e3c4a30626fdbacde74c1fda09ffa9d1cde0393d31cd5fe1588e270c241f4cedb473c6e5cc224ff16c141468a29519ea6159accf3e3a18f1","ssdeep":"","tlshash":"a4c08c8350e2080c8210861b848880050b8808b04f9308a22cd85b7ecc9ae88c8f804c","size":148,"data":"","first_seen":"2023-03-07T01:10:06Z","last_seen":"2026-06-06T08:33:41.657268Z","times_seen":15869,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"krakens-vip.com/api/currency/quotation_new","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:34.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6IkRoU1lUeDY0Tkxmcisyb0lON09iNXc9PSIsInZhbHVlIjoiR2FhRDZhbG5uZjZEYUs5U3NaUEZ4RVZVMm05bUdcL000QUdLMlhnN0tOVFcwRWdlVFVPSWhhTzlZOXBMVUxQXC9USzNMVWNjSFVkWXNiRjA5dWF5dXFcL24xWFwvTEFCSDFQSFhoSEJLamxRR0cwd1U2YVJFd1E3Vk1FcERwdENRa2k4IiwibWFjIjoiNWE1NzExYmIxMTExY2RlMmU0MjQ3MTdhYzdjYjk4ZjNmZTRlYzU2NGU5MTEzNTRlZTc5MThlYWY3YzYyZjRkNyJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:34 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6ImwwWVVzUUtxcEVcLzMrZHdwOFwvMVlxQT09IiwidmFsdWUiOiJhYTRpbEgzcUY0NDNCZnBZUzFwczV1blwvWitvRmRDQ3I2M0MzSUVlNm9VYU1mUUQ2b0NvMHVvNE00NVpTMFNVOHI0ZXF0am8ybXFjYWl2dTcwbUZcLzNhXC8wcHJrNzAwZ25oUFMxODRYdGN2XC9LWVdpanVncVdXXC9GM3BLSWs0dmpnIiwibWFjIjoiYmQ1NmE4ODlkNjUyYjEwYWM2ZDViODk3NjAzOGM4MzlhY2NmZmYzMzYxNmY0MGUyN2FhMjgzOTcyYWRjNjFhZiJ9; expires=Mon, 09-Feb-2026 00:57:34 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14886,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c9b62e3efe06110ac8b2205b3aa63a89","sha1":"ac9b18fad6331efdb2ecac4545f72a3ec1710e2a","sha256":"32ad5cfe02ab3cf61ef7a70649b49fd7c2e65dc4d9296bcfbca9cbb3023d8f62","sha512":"dc2cc9c3ca2fbc7c6ac34fa7fb70ea9b051e78214f560423016d220e71bc170e07b3f5f8e1602bb2a46d07d16d9d05f25643220585a0da4affb38659a0824940","ssdeep":"384:Ei8Raybsrjp7X3h9iVHHcsJOZ/zC4VJoIG1AmNA:Ei8IKs/p7X3LiVn5JOZ/zC4VJoIG1AmG","tlshash":"6e627f9d362c8a78c6f66ec1dedf32aa3554b10badc24f41c3ed5f8c029556be20b512","first_seen":"2026-02-08T22:57:46.415853Z","last_seen":"2026-02-08T22:57:46.415853Z","times_seen":1,"resource_available":false,"data":null}},"time_used":436,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/tabbar/tabbar-finance-dark.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.818Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-finance-dark.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 653\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\netag: \"6988bed6-28d\"\r\nexpires: Tue, 10 Mar 2026 22:57:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":653,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced","md5":"f798761c5fb8237cbd55580ca61ff63c","sha1":"f641a6d1ec908cec4be77bb7bdbac2f72edde897","sha256":"c8b501a0ef50e691c5d929e9a9f9d14c2e72316ad78241878c155092f7329f95","sha512":"9fc0e1ae53b342e3408e29aea510fb68ebe187ead93ba09c963ce4a6c5630d9e569af591e97dadbb9ecb0382a028c742beaf5b4364faeb4c8185581943840fe6","ssdeep":"","tlshash":"52f083ed82f034369091892d081f17a298ff75ccac3181bc041ca39e3e2d4203184d8b","first_seen":"2024-08-19T13:46:59.008445Z","last_seen":"2026-04-29T03:04:13.979281Z","times_seen":7,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/set/lang","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"POST /api/set/lang HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nContent-Length: 7\r\nOrigin: https://krakens-vip.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":7,"data":"lang=en"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D; expires=Mon, 09-Feb-2026 00:57:21 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"45858e040a13fb04cc2d7dcf9f2f9aeb","sha1":"8eb885ae3f8b947acb84c1b1553bf0cbb9990971","sha256":"5aa24612d0cc99680e489f282a172e9121d27446610462c31948b9eb6a54ab77","sha512":"95e528d90eded92de4937eff8bd75d5df8da427d0406142094f2e57f31a37247ddef5932fe45a942a10413c0186f4aacf74928c14c58c795a9450ea15e46f786","ssdeep":"","tlshash":"70a0244100404f003f0141c1347f5400c101d5c1cfc7301007004115510d4707131d57","first_seen":"2026-02-08T22:57:46.417441Z","last_seen":"2026-02-08T22:57:46.417441Z","times_seen":1,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/tabbar/tabbar-home-select-dark.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-home-select-dark.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-110b\"\r\nexpires: Tue, 10 Mar 2026 22:57:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4363,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit/color RGBA, non-interlaced","md5":"6519b08ffb830e5e0e027d7c91fb4dae","sha1":"b398320d36b04db10e573fb18cb72240f5e1a7d1","sha256":"c8331a8559b6f16ddca760f79ac5116462b0932954854746baa7d0ffd58cbe86","sha512":"ef469d8bd18e93a352d9ad9093d91d791a4d80e43ca1150449511aadfe87f6eb05ab60b722e6fcd76882f721fc97b0256349e9a0b2ed2303031bbcb5becbe0f1","ssdeep":"96:P8exwoo8HqTsOXXKadTa8atoUWIocxcvwXRDkUR/L+uqlTN9Og503Rd:PtOodUsAXKn8aYIocioBDkUR/iHhNQOi","tlshash":"1a918f51617d514aaccc8fec9b3918c8bde404e70cfcd5c2193309ab9e4d55c0834729","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-05-04T13:31:01.676119Z","times_seen":26,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"www.krakexnsstrong.com/socket.io/?EIO=3\u0026transport=websocket","fqdn":"www.krakexnsstrong.com","domain":"krakexnsstrong.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /socket.io/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: www.krakexnsstrong.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://krakens-vip.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: Pvq3AgqEAoShS/klagb3ng==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Sun, 08 Feb 2026 22:57:23 GMT\r\nContent-Length: 0\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Version: 13\r\nSec-WebSocket-Accept: ENH18xt+5/OzUbBw++76Qrq5d0U=\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T09:09:45.894417Z","times_seen":16172309,"resource_available":true,"data":null}},"time_used":1866,"timings":{"blocked":0,"dns":547,"connect":801,"send":0,"wait":256,"receive":0,"ssl":795},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/home-fy.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-fy.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-80e\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2062,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 42, 8-bit/color RGBA, non-interlaced","md5":"7f4389b86c6586fc59ad24fe6052822e","sha1":"d90a2027b503b1c8926902f538e96ccc0d5b88d9","sha256":"e42537bb60fff52f74c0557c146a2ca86977e0b135bd0359b7de6ee68654f73d","sha512":"041a332809b464e22f4856196d67abfb6f803652aed24b81179bbd7422e9ca75c379a645d91acb03737410a66beb6d225df2b1a9647f291da7fb02e0cc2df94f","ssdeep":"","tlshash":"6b41da45a4a00d41d4e6a5c100f39427e3238f40e9e4f4966bdfd81a0af21a578709c7","first_seen":"2023-10-24T23:07:08Z","last_seen":"2026-04-29T03:04:13.971642Z","times_seen":13,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/pages-assets-deposit-charge~pages-assets-index~pages-assets-record~pages-assets-tradeAccount~pages-a~827c4946.b37c8cac.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/pages-assets-deposit-charge~pages-assets-index~pages-assets-record~pages-assets-tradeAccount~pages-a~827c4946.b37c8cac.js HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-d852\"\r\nexpires: Mon, 09 Feb 2026 10:57:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":55378,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55262), with no line terminators","md5":"57464dd77acd6b7465c9b03b528be0c3","sha1":"be81d53242bb0c99bfcc63e5db88ca7307bcbea4","sha256":"b5a53722025030cb68040544dc19ff2c53d9ae708779d299fffb5112d306faf9","sha512":"b4de85842ba99b7e64a83b020e4d0374a91cb44aaedc4ebd1e6c83aa680cb30e0577beb4284ac8fa250415f8c803419df3eec5dc7369b582e2a2bc0745c6eeac","ssdeep":"1536:dFTsYId0FHoMqu7NdEAaM2Ol51hwJX2RcJZHYpN7xCIx/+eJF4cL3nnisGQaOmvd:ddsp0NVr7fnaMj51hwJX2RcJZHYpN7xy","tlshash":"4343fbe6e10c0cd17f7bcc8f6240235f6549ff62d9968dd8f126264c8de23a021a977a","first_seen":"2026-02-08T19:14:18.83858Z","last_seen":"2026-02-09T10:35:46.494588Z","times_seen":5,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/lh/send/get_recommend","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/lh/send/get_recommend HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nx-ratelimit-limit: 60\r\nx-ratelimit-remaining: 58\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"216383716d804488f71f7837d92db335","sha1":"03caf07e94db10bd3fcd9357a229782d8d11781d","sha256":"94d3e19eef51b52f43d0695296c9622a2c507ebb696e5c130703a6f46437583f","sha512":"63c2f0245e090fd11dba5daad1b6e90a8fb1f8f0e817f67e37742bc4bfdaf57212424c48365042c83592a180c93ab0c999a95e8462b9f40209555de5f8959ffb","ssdeep":"","tlshash":"5c80040035145c1c470515c134443c40414d1143c04115110c44dd14c35d470313173d","first_seen":"2024-08-19T18:56:08.011824Z","last_seen":"2026-05-20T05:31:39.764342Z","times_seen":106,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/currency/quotation_new","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:29.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6IjRHNHpIMUlNeDJadUJwUlYyb1NxUXc9PSIsInZhbHVlIjoiQUdETlNPUmhsT3NBbFwvOEZZbFwvRzJwNmdtRVp1OE1UakFRYjNiQnRpbEc3WUtCVmlORkZIQll1UlhYa1M1Z3czajdjZmFINkFmalJtOURTXC9aVkpFQjdQcGxHYXFpbEUxQTRDbkJEekVKYUtyWVVMMW5cL3VSQU9xb1UzRnZ5RTB6IiwibWFjIjoiMTk5YTBiOGYyYTc5OWE2NTdkY2Y4NzFiYTA0MzRiOTIxYTFkNjEzMDZkZDhiYjM0YjhhZTJkNWVkZDIzNTczMSJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:29 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6Ijl2eVFlSU0wdmRkTWlCVXBjaXNhM1E9PSIsInZhbHVlIjoiVmdFa0NkY0lBRzMxRk9JSkMxWjJPNnppQmYzS0lZMW5PTlJJa0VpK0pOXC82cHBicHhVRHhhdnliMXI3dmhpckNjTkpjQndWcVoxYTBxS0MwdXNUdE5LQ2RqNmNzRlJ5Z1RUUng3dyt0TlN6eFFUSEtsWWNhcUo3MlU2anN1YUk1IiwibWFjIjoiZWQyMjQ2MzNiM2Q4ZGIzZjgwNTJmMzczYmQ1MDdhM2NmNzJlYmI0NmUxMTgxMjk5OWZhMDhlMWRiNzI2NjYwMSJ9; expires=Mon, 09-Feb-2026 00:57:29 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14886,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ff480d32bc515dd4b659c82f0a828632","sha1":"5200a7006422f710e4ce30a5f41896fefdd78081","sha256":"ca71867412b16f1c433933bcc9e231f9004b27b42525f88f08de280238ad4c8d","sha512":"5d5ca123d1ff12f32e450f15b68ec6798a0a51457ef8b84b0e3c955fa8ed8e0afa4851286bd6287181ab7abc847cd168e1d939c3f34bb7a1b21e1e98e172bb22","ssdeep":"384:Ei8Ratbsrjp7X3Y94VHHcsJOZ/zC4VMoCG1AmNA:Ei8IZs/p7X3g4Vn5JOZ/zC4VMoCG1AmG","tlshash":"5e627e9d362c9a78c6f66ec1dedf32aa3554b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T22:57:46.421007Z","last_seen":"2026-02-08T22:57:46.421007Z","times_seen":1,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/upload/20260201033214/1769934734399578.jpg","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033214/1769934734399578.jpg HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImlwSUJISTZjSERDdmRDaVZpWHNzQ3c9PSIsInZhbHVlIjoiSTdvYTZYSU9DVmcyUEp2d1RGN2JLS2pZVU9qQmdsbW51WDBoMk1yWTMrM0hZT0pmQVZqUk9SeEo5Wk5tbjlRR2QwK1VaSTR4RnM2UUhTM2ZLSithUythanFYQm4rQkMwc2lEXC9aVUU0dlFuYk1vZzBBQ1wvcGEzVzcrUE9rVlBaRyIsIm1hYyI6ImY4YmVhNzJkNGJkM2I5Zjg0M2JiZWQ0OTc2MDYzODE5N2RiOTRhMTA4ZTk5OTI2MGExNDVhNGMzYWEzMTM1ODIifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:32:14 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f0f8e-1a229\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":107049,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 745x300, components 3","md5":"9cd55711f4f589d9cbf7b6e751368683","sha1":"b3900dd622ac6662da1d5a91a420a03ed6aad94a","sha256":"60ef29d62edf9eb513b9657ae8bd6731934d46b9031db1402c7c867bb89c51a6","sha512":"9146037c3f153a9dad1c4563c6c201fc67050cf60d6bf8bd2f895094211cfcf9b4afc9bdac2d599e0fa487d3112cae83bb7309dcb38b3cd0cbac2bdfcf3c4297","ssdeep":"3072:Rk+xKvXX7+5nDdfa6GFPh0nnEHSzwFIa5Mi31:fMHMRaFPynb8FT5V31","tlshash":"11a312cf8a7e863bc01934ba621070ffd6b6baa68d12187ff5d54d4ce622e1f1901d85","first_seen":"2026-02-08T19:14:18.778488Z","last_seen":"2026-04-29T03:04:13.960952Z","times_seen":6,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/chunk-vendors.8e1fb2cc.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:19.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/chunk-vendors.8e1fb2cc.js HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:19 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-1542c7\"\r\nexpires: Mon, 09 Feb 2026 10:57:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1393351,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (20052)","md5":"e6af54a230932814e602578c3f27703e","sha1":"f7e8565bbf642bc15d3ed44e0c5ca656f6924f99","sha256":"36080d491456dff6ee718b092c082432aef9ea37f8587fcc5e5926b8e38ab6c2","sha512":"8bc093d2a632a80c425d536ee80c76e51e96721f0914ba8b16c4042dfca1296661531bd59a3e7b82694a4c90e7c6b560ad6052348dc448090d93aa7a5516b095","ssdeep":"24576:SUXfInMVZWDUp1FfdOR66YAsIfvzJHBz+:SUXfInMVZWDUp1FfdOR66YAsEZM","tlshash":"e235198db186b07147e720b5403f220bb23b6969b40e8499f675e4e5ad78d8d123bf7c","first_seen":"2026-02-08T19:14:18.816001Z","last_seen":"2026-02-08T22:57:46.422331Z","times_seen":4,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/common/lm_6.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_6.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-6c7\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1735,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced","md5":"fb7c1ab1476b2b6be4d49a6cb35fb25b","sha1":"986fbfc4d865ce4e0043049603073670161ed6ed","sha256":"57d4a342ec3e59be5d2fad45490700adeccd84a0b3cb16c94f788dbe8b7718a2","sha512":"4ed1530275ce8eb6963dd15c89d38b443fdf4938282927e3dc4233296efa4cc53edde8ed364e457fb766a4e1e2b22dc419a694842a1a5294a05e98d5fa67d7af","ssdeep":"","tlshash":"e931850eb551ba4252ede68129f7417ada079c408bd4b0a174cfd06299223b4856b3cb","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-05-12T23:43:20.854007Z","times_seen":131,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/fonts/DIN-Regular-2.otf","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/fonts/DIN-Regular-2.otf HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 20676\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\netag: \"6988bed5-50c4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20676,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"cefc4e9f0d6e7416521f230e0bd690cb","sha1":"503f919cbd521f8a417d82eb90c680874c2ed666","sha256":"a8ac9cfacec43dd23fe2dd61e2ca64f62e9635c47b43915a6f534e5993bc5cc2","sha512":"36e0a692e16f6940714dbe5d18dbbad48bed2215e6eef718e36f2e56f868799830bfcb4b175489561ce14821257864a842d3fabde69b95d5ca8d684410926e21","ssdeep":"384:siBLb1kb+bmaXoAdekq0dtjtI66/WbQVWmT7RfiSKHW:siBv6a3skq0tjtXUVxTcSd","tlshash":"0f928e5b9c941b08c5afb33302226244d6b0a8b893faf4d7dd4422fb34ad9575d7ca93","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-05-12T23:43:20.869663Z","times_seen":149,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/currency/quotation_new","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:31.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6Ijl2eVFlSU0wdmRkTWlCVXBjaXNhM1E9PSIsInZhbHVlIjoiVmdFa0NkY0lBRzMxRk9JSkMxWjJPNnppQmYzS0lZMW5PTlJJa0VpK0pOXC82cHBicHhVRHhhdnliMXI3dmhpckNjTkpjQndWcVoxYTBxS0MwdXNUdE5LQ2RqNmNzRlJ5Z1RUUng3dyt0TlN6eFFUSEtsWWNhcUo3MlU2anN1YUk1IiwibWFjIjoiZWQyMjQ2MzNiM2Q4ZGIzZjgwNTJmMzczYmQ1MDdhM2NmNzJlYmI0NmUxMTgxMjk5OWZhMDhlMWRiNzI2NjYwMSJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:32 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IkRoU1lUeDY0Tkxmcisyb0lON09iNXc9PSIsInZhbHVlIjoiR2FhRDZhbG5uZjZEYUs5U3NaUEZ4RVZVMm05bUdcL000QUdLMlhnN0tOVFcwRWdlVFVPSWhhTzlZOXBMVUxQXC9USzNMVWNjSFVkWXNiRjA5dWF5dXFcL24xWFwvTEFCSDFQSFhoSEJLamxRR0cwd1U2YVJFd1E3Vk1FcERwdENRa2k4IiwibWFjIjoiNWE1NzExYmIxMTExY2RlMmU0MjQ3MTdhYzdjYjk4ZjNmZTRlYzU2NGU5MTEzNTRlZTc5MThlYWY3YzYyZjRkNyJ9; expires=Mon, 09-Feb-2026 00:57:32 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14886,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"de33bc673d6a8e0f2730e72233d8ae36","sha1":"78b2e0cae7f4c383189d9f56275c761aaa82937c","sha256":"4070abf07a2b190df1a475134ea783721c9de851df70dfd854d33031f05ae087","sha512":"5fde22db605a024d39ec586a79fc9b5723d9501d4da58803659f346d237adc111b6659492864849f42cd05053e07119dc3be78911cce5c21a5612a9e3c3e2bc2","ssdeep":"384:Ei8Rambsrjp7X3h9iVHHcsJOZ/zC4VkoCG1AmNA:Ei8I+s/p7X3LiVn5JOZ/zC4VkoCG1AmG","tlshash":"1a627e9d362c8a78c6f66ec1dedf32aa3555b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T22:57:46.424253Z","last_seen":"2026-02-08T22:57:46.424253Z","times_seen":1,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":457,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/common/lm_2.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_2.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-5a5\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1445,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 29 x 29, 8-bit/color RGBA, non-interlaced","md5":"06a43db0d552cb5a405ca74704a65705","sha1":"cc0890640d6c246c219ef4a93aedf0724a14f71c","sha256":"d857a8c315937da20836c04d2b4cedad4154c9e98726bd89ed00360ca9fd3fe4","sha512":"9bc8169a49a4fa5df08cbbb68af4dcd4372dfb6af0281c2d21e4f05c5a4c690f1cc7f8c148f0e36faead384049c910a36945fc3cc5ad3e2b695231d196ccfc44","ssdeep":"","tlshash":"8b3196dee94114c152ccad9311eb2023e5920c848eb5ba61f4cdd80b5e316f2016b9ef","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-05-12T23:43:20.858205Z","times_seen":129,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/upload/20260201033637/1769934997966502.jpg","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033637/1769934997966502.jpg HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImlwSUJISTZjSERDdmRDaVZpWHNzQ3c9PSIsInZhbHVlIjoiSTdvYTZYSU9DVmcyUEp2d1RGN2JLS2pZVU9qQmdsbW51WDBoMk1yWTMrM0hZT0pmQVZqUk9SeEo5Wk5tbjlRR2QwK1VaSTR4RnM2UUhTM2ZLSithUythanFYQm4rQkMwc2lEXC9aVUU0dlFuYk1vZzBBQ1wvcGEzVzcrUE9rVlBaRyIsIm1hYyI6ImY4YmVhNzJkNGJkM2I5Zjg0M2JiZWQ0OTc2MDYzODE5N2RiOTRhMTA4ZTk5OTI2MGExNDVhNGMzYWEzMTM1ODIifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:36:37 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f1095-10843\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67651,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x300, components 3","md5":"93e20a2a035535b2d3b7c64d60ffde5d","sha1":"36939500b110095a28f3673e189fa33a481da10a","sha256":"08acebf4c9747bd782a245a8fcec1daba468fa13a7a4e3eaa2c4739ddae9d449","sha512":"f63165887ff10ed652aa1cc02890966c249d2a8034359929e4793b2c493663fb1989529688854afcb1b7decbaae73a6c08430e45e879ae58ddddd1ed4a670256","ssdeep":"1536:qnTtgeHT6w6HU137Lku4QpmDlG7APIiExckvP9tGs3:qTvOkLJ4Qp3fzxrUs3","tlshash":"396302f0d1d662a7f223a4b57ae20dd0d34a070682c15929c5af3379d63e91d9e7c30a","first_seen":"2026-02-08T19:14:18.787403Z","last_seen":"2026-04-29T03:04:13.976404Z","times_seen":6,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.dcloud.net.cn/img/shadow-grey.png","fqdn":"cdn.dcloud.net.cn","domain":"dcloud.net.cn","tld":"net.cn"},"ip":{"addr":"106.54.228.253","port":443,"asn":45090,"as":"Shenzhen Tencent Computer Systems Company Limited","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:23.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dcloud.net.cn","organization":""},"issuer":{"commonName":"Certum Domain Validation CA SHA2","organization":"Unizeto Technologies S.A."},"validity":{"start":"Tue, 26 Aug 2025 11:47:17 GMT","end":"Fri, 25 Sep 2026 11:47:16 GMT"},"fingerprint":{"sha1":"47:A7:6C:09:6B:1D:CA:2D:7D:39:2E:C1:7F:15:DE:5D:F2:C4:0F:77","sha256":"EA:73:37:83:D0:38:44:D9:3C:0B:26:F0:DD:D1:22:2F:36:F7:F2:86:A1:B0:58:52:DE:4E:0A:21:D6:89:E7:3E"}}},"request":{"raw":"GET /img/shadow-grey.png HTTP/1.1\r\nHost: cdn.dcloud.net.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:24 GMT\r\ncontent-type: image/png\r\ncontent-length: 136\r\nlast-modified: Thu, 06 Jun 2019 06:42:07 GMT\r\netag: \"5cf8b5bf-88\"\r\nexpires: Mon, 09 Feb 2026 15:57:24 GMT\r\ncache-control: max-age=61200\r\nset-cookie: __uni__uid=rBEQg2mJFNS4vldqA2kFAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 6, 4-bit colormap, non-interlaced","md5":"5a962adf74d92ae702467b3f47976547","sha1":"36f74049375584e3fa69b5ef87e9572336ff9e7a","sha256":"ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f","sha512":"4ace23fe7ec6c7271710030fd423aace13eafac68ac3e76366ce4ce9bdc702caf71c9bdc2fb6a32c8e9791546098617cc0259decd8bb8489afdbce43e1b53a73","ssdeep":"","tlshash":"47c09bf3a615dc754a0d153b42e98271f429511e07046d0e5a13c216741e3448d56793","first_seen":"2023-04-15T10:50:30Z","last_seen":"2026-06-06T08:33:41.645733Z","times_seen":16176,"resource_available":false,"data":null}},"time_used":1599,"timings":{"blocked":664,"dns":35,"connect":270,"send":0,"wait":269,"receive":1,"ssl":358},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-08T22:57:18.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:19 GMT\r\ncontent-type: text/html\r\ncontent-length: 781\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\netag: \"6988bed5-30d\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":781,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (500)","md5":"037d0cc3dab778d5de8293d264e6f80d","sha1":"ee8bd35bd300d31472f23bc19e680ac29bd69ddd","sha256":"1c8f9db995ec1f8a78f5a561efbe46907a14e351aa4e5e7a358cfe956c811e79","sha512":"f10f89c4dec5782f6fcd1dd24ace80c913a04760b07412ff1589d389b54409577373aa5deb2668652b4c293b235f250c49778fa5ad03250ea6666cea4299d439","ssdeep":"","tlshash":"6901f1c31c10e94d0720865160b7e51e89e64af8699098503cdc6afc8be0b8ece7f814","first_seen":"2026-02-08T19:14:18.83651Z","last_seen":"2026-02-09T10:35:46.505762Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1475,"timings":{"blocked":592,"dns":1,"connect":290,"send":0,"wait":291,"receive":0,"ssl":298},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/pages-assets-index~pages-help-center-center~pages-index-index~pages-my-my~pages-template-index~pages~b3704ff9.b773dd6a.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/pages-assets-index~pages-help-center-center~pages-index-index~pages-my-my~pages-template-index~pages~b3704ff9.b773dd6a.js HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-3acd\"\r\nexpires: Mon, 09 Feb 2026 10:57:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15053,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14993), with no line terminators","md5":"f859d14fe39edcb03812712f505c2761","sha1":"2815db46a64e229fab8d72208800c560298b5d03","sha256":"15c2e11c7ac1efa736c851cb64b91986498b9ae2fee6e48387f61c453cbe5d36","sha512":"48ab6a5b5bc9f8ea9270c4791df535b091fc970b02cf953786f113671c12c6337b73190e624922ecaaa20beea5bc3a8e19e705f7a9c6d5f8da11a62a2352c2d3","ssdeep":"384:aHLKgcjwyIUpH1BGtfb+3j9ytmyKHIPquJOHhrGq0V:YypG1Y9wqKOHhrGq0V","tlshash":"5662c778b0cab0371a87d12520af3a04512b7995c418eff4f7b5f0e54bf91cd226ab5a","first_seen":"2026-02-08T19:14:18.793712Z","last_seen":"2026-02-09T10:35:46.495855Z","times_seen":5,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/common/lm_1.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_1.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-924\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2340,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced","md5":"61f8ea6fbd16fc43bc0c6494dd5497b2","sha1":"e74dc56ebf8db750c596e04ff4869095f92759b0","sha256":"d7f415acd4fcc86908ae1b87639a54b4b435817926f44f89cbd2943bc993c277","sha512":"3861cc97c99d9b09b536b1f46a93e31c92a95c0c5439700883d40eab47f14b898521d765478cc738cf4371c6ae6d297a63c46a4cabfeab28be4a06aee6e1e1ae","ssdeep":"","tlshash":"95411a49ef40580293aabc8036e50801f90b4400a761e0b377cec4675de17f868259e7","first_seen":"2023-09-28T10:38:08Z","last_seen":"2026-04-29T03:04:13.964689Z","times_seen":8,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/upload/20260201033138/1769934698439598.jpg","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033138/1769934698439598.jpg HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImlwSUJISTZjSERDdmRDaVZpWHNzQ3c9PSIsInZhbHVlIjoiSTdvYTZYSU9DVmcyUEp2d1RGN2JLS2pZVU9qQmdsbW51WDBoMk1yWTMrM0hZT0pmQVZqUk9SeEo5Wk5tbjlRR2QwK1VaSTR4RnM2UUhTM2ZLSithUythanFYQm4rQkMwc2lEXC9aVUU0dlFuYk1vZzBBQ1wvcGEzVzcrUE9rVlBaRyIsIm1hYyI6ImY4YmVhNzJkNGJkM2I5Zjg0M2JiZWQ0OTc2MDYzODE5N2RiOTRhMTA4ZTk5OTI2MGExNDVhNGMzYWEzMTM1ODIifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:31:38 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f0f6a-14f2e\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85806,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 745x300, components 3","md5":"dd1156d1210d00cc170acacf6c8f480a","sha1":"24f2beddbe4d5f2ec2de535468cef10df069d076","sha256":"2cba7dfcd132dc991279ba74288f87cafdf4ceda3aa9b4bacd9c4e8d7fd3b6da","sha512":"a86aa4eddc716c878289ea0b6916acb4d0f7ea2bfce9facd1734f255dbce25b6a8771c9ca1af772b631e289df63db8a6fcd10ff588af77c813da134ba8812e21","ssdeep":"1536:nYt3f1ipp6deQk8TYbd8BgUZywn3HnaPPWLREYLegZ5nA6mvNBv5snPqyMA:Yt30P2bk8Ubd4ws3HnaPPW+4ZDmPv5sN","tlshash":"63831267e9c4723766b3567da53f3e0639dc3e64e4aad9cd08e908012d24acc6f41c6e","first_seen":"2026-02-08T19:14:18.84086Z","last_seen":"2026-04-29T03:04:13.992313Z","times_seen":6,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":335,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/tabbar/ic_tab5_nor.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/ic_tab5_nor.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-67f\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1663,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit/color RGBA, non-interlaced","md5":"587b6a1c8e6f1734750ab3404cd98b87","sha1":"103f46253058408cdcfb1b723b25963872f18f3b","sha256":"4849b92fd70888cad93fda975d3fb17601bc47745917fd59a001e5d621685546","sha512":"b246872ad09de24564fa0fd6f88fba1700abd5d49807fe2f50f41b967bd1a556b7b63d08d6f2eacc4ab68005fe1e92d37fdfffab88b38dd530c72fc1835a267a","ssdeep":"","tlshash":"eb311a474d080ecc44ee162238bb9ca3e96ba07a14137c1d8dc15c37ba7a20e4481233","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-05-04T13:31:01.629805Z","times_seen":26,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/favicon.ico","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.858Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImFcLzBaSjBtNUVDVngwbWVMVzkrYldRPT0iLCJ2YWx1ZSI6Im8reng3OTZsRWNTbEdxWjFRM0NKditweFNISjIwSEtRZUhpWEdCRTNnSnFzUFZcL21XYUpZQkZUaG95VUFHVHZtbUdnVEJLcEVxOWpWcWg5dzRXVzJlXC9rbkxhWU1HWWhrSDkwOUpwenRlYWNpT3ZxZ3BLcmRlMnNldm4yWmRRejAiLCJtYWMiOiIzNTk5MTI1ZGQ1NWQzMzRmNmM0ZmNhMjMyNGRlYjE2MWEzY2VkZWM4ODkyNjQ3ODZjOTJlNDg0NDhkMWY2NjEzIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 13952\r\nlast-modified: Sat, 31 Jan 2026 22:49:36 GMT\r\netag: \"697e8700-3680\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13952,"size_decoded":0,"mime_type":"image/x-icon","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, progressive, precision 8, 459x465, components 3","md5":"748f25583b6fae1a370dfbf5132bd953","sha1":"0f88963e0d6a0c80eba389c70d34931572cee7d4","sha256":"c034a7daaca915341227171303e08c9a0051e9488850dfb4170a0c11a375f287","sha512":"9544136947c4e979cbe1fe9f70cde195995c0d1d733e72260be40b6902b462a21f283ef29b85515208f59e0aa9c3ee1d6ebe53a5ccb140a83ee65fcce9b9ace8","ssdeep":"192:KgGN39OVyn6OtqjEhZNqNkGDx3j4CGyNd3kc31NndrDTPybIOVMxw0giFA+BOUG8:x1sBqQkx0WHFHDTPE50g0A+BOHowsjx","tlshash":"1e52bf866265aad5eabe0a3fc23c4cb20f2ba15c2d08c1ef551045e6fe1e7246e46d25","first_seen":"2026-02-07T12:28:02.09111Z","last_seen":"2026-02-11T10:37:47.484641Z","times_seen":9,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":291,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/index.9e8dad38.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:19.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/index.9e8dad38.js HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:19 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-7d07a\"\r\nexpires: Mon, 09 Feb 2026 10:57:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":512122,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (56913), with no line terminators","md5":"859767a18ef25a4614d6e64b7a0c00f1","sha1":"36ec808ed778ab9ee2ed4a321cbcfd5cc4eda83b","sha256":"4ce5c09a10580e4e91c38df8fce0cda5d62eabace28e3919aa2bac58187b4646","sha512":"2a5c85034f5c78105125be629ccb4dfadff51be6a4a8dc7ec2587dadb133b99a4ba9b2bfa783e1a94553bbab4c4de2040c3b058c7e56efab320ab6f76ec06c16","ssdeep":"12288:358Xy5PauVWdFYtSmBaVr/PiHkBBSB+BGykdz3ueE3vQ522HoAKbL1olCw5hOwWx:J8OhVWdFYgBSBCBolC0dfTA99","tlshash":"a8c42949e6cb634c0dda30c5784b7bfa7bbb4cf1934adc9f82b8eb1016fa9a09155450","first_seen":"2026-02-08T22:57:46.429757Z","last_seen":"2026-02-08T22:57:46.429757Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/upload/20260201033547/1769934947478145.jpg","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033547/1769934947478145.jpg HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImlwSUJISTZjSERDdmRDaVZpWHNzQ3c9PSIsInZhbHVlIjoiSTdvYTZYSU9DVmcyUEp2d1RGN2JLS2pZVU9qQmdsbW51WDBoMk1yWTMrM0hZT0pmQVZqUk9SeEo5Wk5tbjlRR2QwK1VaSTR4RnM2UUhTM2ZLSithUythanFYQm4rQkMwc2lEXC9aVUU0dlFuYk1vZzBBQ1wvcGEzVzcrUE9rVlBaRyIsIm1hYyI6ImY4YmVhNzJkNGJkM2I5Zjg0M2JiZWQ0OTc2MDYzODE5N2RiOTRhMTA4ZTk5OTI2MGExNDVhNGMzYWEzMTM1ODIifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:35:47 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f1063-5a60\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23136,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 533x300, components 3","md5":"a5d8ed3b0d05c7d82af332161b46f12a","sha1":"2c5328e30a73d1d9829239d5404a750f92b616b5","sha256":"66c1a7fbb57d632b10f0bf2b53fdf9f22d0bddfd130e9e922c090e3b11fd63a3","sha512":"1fb4c102aec3df290096596f22b42d220f4895e51ff785e2424b3f79e978cce076734ac0d3850cb7077aafe26003c457421c6d07285a18959951be519bda4c55","ssdeep":"384:qYNg7ldMgGMVSWBZ6zgaBUTjNwLBPuHY8uX0JTp8/IjcnQpI/ZS5:qYy5dMg9VLDxTKLBWHYLIT/2QI/W","tlshash":"3fa2be19f60a8675d8adf7bd2c6e3b5233e5b1b6a330e152b90f8ce2d3940234b49056","first_seen":"2026-02-08T19:14:18.806754Z","last_seen":"2026-04-29T03:04:13.995169Z","times_seen":6,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/currency/quotation_new","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:36.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImwwWVVzUUtxcEVcLzMrZHdwOFwvMVlxQT09IiwidmFsdWUiOiJhYTRpbEgzcUY0NDNCZnBZUzFwczV1blwvWitvRmRDQ3I2M0MzSUVlNm9VYU1mUUQ2b0NvMHVvNE00NVpTMFNVOHI0ZXF0am8ybXFjYWl2dTcwbUZcLzNhXC8wcHJrNzAwZ25oUFMxODRYdGN2XC9LWVdpanVncVdXXC9GM3BLSWs0dmpnIiwibWFjIjoiYmQ1NmE4ODlkNjUyYjEwYWM2ZDViODk3NjAzOGM4MzlhY2NmZmYzMzYxNmY0MGUyN2FhMjgzOTcyYWRjNjFhZiJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:37 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6InRxQVVMNHhyS1JiZFUycm5SbEhvNmc9PSIsInZhbHVlIjoiXC9wc0NXcnQ0STMzRWFtMTZ1MjIrZjRJR1Foc0tcLzR1anNtbHhFUEEzUzVuV1NUeWIxMG9KZlA2c0ZSd2NadjIxbVp4bFJVMytnbmx5dGxJRCs3RkVpOVRydUp2bzJoQnVsWHU1RzZLOFhZMzdRQkl6YW12OGFSNVZ0bkJOMWlmMSIsIm1hYyI6ImQ1YTg4MTM1MGQxZDgzZWZjMDY3ZjdhMzNkZWMyODMyNDVhN2RmMGJlZDUyNWI4ZTUxZDRhOWJhN2JkNjE1NzUifQ%3D%3D; expires=Mon, 09-Feb-2026 00:57:37 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14886,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b814fe36547b601c22a0d7760c32b4dc","sha1":"26de2aa7cfcb427157d64585b0f3a9133a644d8a","sha256":"37c33406d535c4b75db61a0c352a3915141231b4ad574b8e99cacf4d889bae62","sha512":"e949465edf3f811b9ee2d47a5c1d16c4e7e1decfd9c1926688bf6f9a07c1cf4887fe30d15c39f8529fefb03a896d6d05d1641f0e67a3853e7fa0a00772b0fc26","ssdeep":"384:Ei8RaybBrjp7X3h94VHHcsKOZ/zC4Vyo6G1AmNA:Ei8IKB/p7X3L4Vn5KOZ/zC4Vyo6G1AmG","tlshash":"a7627f9d361c8a78c6f6aec1dedf32aa3554b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T22:57:46.431031Z","last_seen":"2026-02-08T22:57:46.431031Z","times_seen":1,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":464,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/home-help.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-help.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-e4f\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3663,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 71 x 71, 8-bit/color RGB, non-interlaced","md5":"7846338ba84cff5f06fdd7508450bbf0","sha1":"5af7c1b7502af3c0396c951d0e1447f4b5a15ace","sha256":"131b50606f648276be3eaf571f44b39071a8933acda4520c9198bc78bf02c11a","sha512":"e9c691fa1180b69957127324f00ce67c60125f635e2576d601d221f46fc2b6d34ab46cac0a8bd274d461b2e0e86db66603f64745adfd10a70227f9b7269e55e2","ssdeep":"","tlshash":"0f715dd3fc4099a46e30649a90f544dbea425f48cfd0f45aab96d81a02583f8b4c96ff","first_seen":"2023-10-24T23:07:08Z","last_seen":"2026-04-29T03:04:13.972537Z","times_seen":11,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/common/lm_5.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_5.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-615\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1557,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 23 x 29, 8-bit/color RGBA, non-interlaced","md5":"7045dfb26a5920ae530b250d26167e2e","sha1":"924eaa15ece9d75817c3008a9deb198871a85f38","sha256":"96e893a98d7c621f83902a037ebba8d22e3e8e920af91aae576dbfe60d2b9223","sha512":"b6e7fbe774e3e5ff27a5eb20f88b4e5d8e39df8886ae40f3567626621245b5109be59a886ddb25dd33ca938ddc5f09c904cda921d90a9a6c4584dbce5e14301b","ssdeep":"","tlshash":"df31d787fa40aaa11109ef4125f28522dd778c94f9d0be20d4d768570970afb8c1b7e7","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-05-12T23:43:20.860071Z","times_seen":118,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/upload/20260201033738/176993505898356.jpg","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /upload/20260201033738/176993505898356.jpg HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImlwSUJISTZjSERDdmRDaVZpWHNzQ3c9PSIsInZhbHVlIjoiSTdvYTZYSU9DVmcyUEp2d1RGN2JLS2pZVU9qQmdsbW51WDBoMk1yWTMrM0hZT0pmQVZqUk9SeEo5Wk5tbjlRR2QwK1VaSTR4RnM2UUhTM2ZLSithUythanFYQm4rQkMwc2lEXC9aVUU0dlFuYk1vZzBBQ1wvcGEzVzcrUE9rVlBaRyIsIm1hYyI6ImY4YmVhNzJkNGJkM2I5Zjg0M2JiZWQ0OTc2MDYzODE5N2RiOTRhMTA4ZTk5OTI2MGExNDVhNGMzYWEzMTM1ODIifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sun, 01 Feb 2026 08:37:38 GMT\r\nvary: Accept-Encoding, Accept-Encoding\r\netag: W/\"697f10d2-8ebe\"\r\nexpires: Mon, 09 Mar 2026 08:38:41 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":36542,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 662x300, components 3","md5":"6b4d349ce9f8b6b7da02a04e717235b0","sha1":"14a20a3237cce29c4c063d2bca9829fb3322e10f","sha256":"7890222957ceb677bebceada8d89bea15f07aea54ff138523f924d4dc31c5adc","sha512":"6a04db546dc14915349d75ba7a72f2d38f27ba91d84254429d83408a8358b7413d9609df41ec9c32bc533baa78c47e5f7a19c2276d9ee1ace8b3b03b327dffe6","ssdeep":"768:f7C4+GxA4pTQ87V0jMsbd0c4gCpBQgEmHVRSIp49u/v1:DCfL4XV8MsbdX4gCpKgEmHbSIpV1","tlshash":"67f2c01e4a44cfe674dc6b7042e38b933a8bdc77891794423503a52b26d77fda92703a","first_seen":"2026-02-08T19:14:18.79657Z","last_seen":"2026-04-29T03:04:13.994354Z","times_seen":6,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/currency/quotation_new","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:27.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6IlVmTEtrQTBtR09BT1wvN3hZNk9vc21nPT0iLCJ2YWx1ZSI6Im5RR3hoSVZ2TlVlbGRhMHF2S0o1TlRPem9kN3JNdkdDRFZ5NktKZjZsUk1pbUtpK1MwbjhDQWxjRWhXVFBpYk4yYVFMNTBPOUM2Q1U0MlJ4WVVMdTIzaWVwWGJOOXlMT0lUVDZrdDN1eEZMK3VvNWp5QkZEY2x2MEcwQVZ3am80IiwibWFjIjoiMWMxNmQ1ODVjMTRmMDg3ZGI1NmNhZDJmY2FkMTQxZjJhNTQwZDZjOGIyYzczNzM4YWM5NzhjMjk3OTYyMmIyYyJ9\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:27 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IjRHNHpIMUlNeDJadUJwUlYyb1NxUXc9PSIsInZhbHVlIjoiQUdETlNPUmhsT3NBbFwvOEZZbFwvRzJwNmdtRVp1OE1UakFRYjNiQnRpbEc3WUtCVmlORkZIQll1UlhYa1M1Z3czajdjZmFINkFmalJtOURTXC9aVkpFQjdQcGxHYXFpbEUxQTRDbkJEekVKYUtyWVVMMW5cL3VSQU9xb1UzRnZ5RTB6IiwibWFjIjoiMTk5YTBiOGYyYTc5OWE2NTdkY2Y4NzFiYTA0MzRiOTIxYTFkNjEzMDZkZDhiYjM0YjhhZTJkNWVkZDIzNTczMSJ9; expires=Mon, 09-Feb-2026 00:57:27 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14886,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4092d610f99c0d4fa92157ebd88fcac7","sha1":"6a1256273ee21a45d39d1f36ec9c0223522ce278","sha256":"9de145932a7a8eeae0bac6728852653f7053bb9eaaea507350125b958f812bbb","sha512":"b9e94f33a552b74dd2dfb98cfb81196b5f1a232b90eedf96c7c75fe79128acef4101c8fd2126405a9a80699742698103108c9a50ee56a34a89b771f3451e1368","ssdeep":"384:Ei8Ratb2rjp7X3Y9NVHHcsJOZ/zC4VToCG1AmNA:Ei8IZ2/p7X3gNVn5JOZ/zC4VToCG1AmG","tlshash":"f3628e9d362c8a78c6f66ec1dedf32aa3555b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T22:57:46.433453Z","last_seen":"2026-02-08T22:57:46.433453Z","times_seen":1,"resource_available":false,"data":null}},"time_used":428,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/pages-index-index~pages-publication-details.3baea1c0.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/pages-index-index~pages-publication-details.3baea1c0.js HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-4298\"\r\nexpires: Mon, 09 Feb 2026 10:57:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17048,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16970), with no line terminators","md5":"6c1f69c00f0ba2389a87a0b8a6f80049","sha1":"0147446a71c4dba7718589ef0ff2e6af05fcd87e","sha256":"293679e8fd5878681f8de40e0ef66d4c1aab8db604527d580feda0124560a383","sha512":"d163d050b31aec9940af0027b8e337f995625291adde574aec872b8d9efb99a42ae7ead58ccbbb5d941c3d1a7a4c6c3b270add8bf4ca1a8f468d3fcb5a385e20","ssdeep":"384:tA5CFlqPQgnXl0HqVs5jxUvYYRFkGbscGTsZa:tA5C3qh8VUvLRFkGbKaa","tlshash":"7572f98cf0c6b415069761b2803f6705013aa985b1179b9cb7baeaf14e6998c3363f7d","first_seen":"2026-02-08T19:14:18.817351Z","last_seen":"2026-02-09T10:35:46.480091Z","times_seen":5,"resource_available":true,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/news/list","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"POST /api/news/list HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nContent-Length: 14\r\nOrigin: https://krakens-vip.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":14,"data":"c_id=5\u0026lang=en"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6ImlwSUJISTZjSERDdmRDaVZpWHNzQ3c9PSIsInZhbHVlIjoiSTdvYTZYSU9DVmcyUEp2d1RGN2JLS2pZVU9qQmdsbW51WDBoMk1yWTMrM0hZT0pmQVZqUk9SeEo5Wk5tbjlRR2QwK1VaSTR4RnM2UUhTM2ZLSithUythanFYQm4rQkMwc2lEXC9aVUU0dlFuYk1vZzBBQ1wvcGEzVzcrUE9rVlBaRyIsIm1hYyI6ImY4YmVhNzJkNGJkM2I5Zjg0M2JiZWQ0OTc2MDYzODE5N2RiOTRhMTA4ZTk5OTI2MGExNDVhNGMzYWEzMTM1ODIifQ%3D%3D; expires=Mon, 09-Feb-2026 00:57:22 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1023,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cf47ba2e8775779243fb29b22d3b97b5","sha1":"93b5ebc165cbe033135342c41bd3ebacc98ab3de","sha256":"9c807e552ffb8f498cf071f84643e65a13ccf9a872897203d2a8113b2f784a4c","sha512":"0f732a5973d726f0e2336d26a9acc6c36fa89bae5d00209a25867cfe22bd70b37e7ba10a276c5e18941bcb38f4608785adc22ddc3054c81f7cd0a792f797bc21","ssdeep":"","tlshash":"381157be09c6c77fe0940dc2d4e7a16c32ed8913ab22196537c55cc8ce2c2a59c2bc57","first_seen":"2026-02-08T19:14:18.832482Z","last_seen":"2026-04-29T03:04:13.988838Z","times_seen":6,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/common/bg_dark.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/bg_dark.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-12c39\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76857,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 458 x 238, 8-bit/color RGBA, non-interlaced","md5":"83a93ef276bd4d559bd024bef0f84dd5","sha1":"1a2e3e4675b4fe09899f741b389f3fdb51c4bc40","sha256":"cbb3606ea77f33898c90df41f20bd06a1c4fb22898e22c26e9f34b8f3dc137f0","sha512":"70bb3a4aa3249bad4d1dc0ef0a374b55e676061ad16faa7b68154c45143d865cd9eb4bab5b5926f82dcdca25b234ce213e8e06a4434658cc4af803ff85d5eb5f","ssdeep":"1536:sm52a2JRQSf7ZjZ1I5CvKWZHU+0Gi/HtH0ahddb0+07IJQ0OXMUpOxhUERH:/2au1I5C7RU+0GiPl0aBot7IJCe","tlshash":"e97302552ee1fa4d2578d060b2c9cf3799062d2366e857a8f365c2970fe8e801491bce","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-05-12T23:43:20.852635Z","times_seen":120,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/tabbar/tabbar-assets-dark.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-assets-dark.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-558\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1368,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit colormap, non-interlaced","md5":"b7d1ed286ef7dd75235d11960ea94094","sha1":"45a5a2c2eea7315ff1f48656dfe0a904383798f3","sha256":"3b4efde762d54f9ae461a20ca983e8a53db301efb7efec686792791066c845c9","sha512":"561254d5e93e984b40a462e8bc7932a1e1120075ad5587e254e1cdc9b6da7ad28c76732a834f13271fb104ddee215c3c1a77d67c885808e2deed3e7a3173eea5","ssdeep":"","tlshash":"a2212672378eb9c45f31b62d5318f1d2d29389b91b21f9a768c98b26b00096559adb02","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-05-04T13:31:01.692769Z","times_seen":25,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":554,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/tabbar/tabbar-option-dark.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-option-dark.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-dd4\"\r\nexpires: Tue, 10 Mar 2026 22:57:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3540,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit/color RGBA, non-interlaced","md5":"d883d0fcd09ffb995d282ad715119fac","sha1":"48206a2fd5f5127745c8a77c4f39a71bfc10995a","sha256":"8e3ea2da53fe58d88068b19b25420b74416eee2ffa10563331dd842cd377a4a5","sha512":"128d59e13722357285b7e367c9fda7f3fb305fd3124d77cff7cb1f2c915ed551c7a4de6a8cc4832f22e47a67fc1000e711806e27d80de15636f470c749e64f3e","ssdeep":"","tlshash":"4d716cea4160722dc2803114cab2f754682cab042ed7eb4031edf7493cdb490d24923b","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-04-29T03:04:13.981111Z","times_seen":13,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/currency/quotation_new","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6ImFcLzBaSjBtNUVDVngwbWVMVzkrYldRPT0iLCJ2YWx1ZSI6Im8reng3OTZsRWNTbEdxWjFRM0NKditweFNISjIwSEtRZUhpWEdCRTNnSnFzUFZcL21XYUpZQkZUaG95VUFHVHZtbUdnVEJLcEVxOWpWcWg5dzRXVzJlXC9rbkxhWU1HWWhrSDkwOUpwenRlYWNpT3ZxZ3BLcmRlMnNldm4yWmRRejAiLCJtYWMiOiIzNTk5MTI1ZGQ1NWQzMzRmNmM0ZmNhMjMyNGRlYjE2MWEzY2VkZWM4ODkyNjQ3ODZjOTJlNDg0NDhkMWY2NjEzIn0%3D; expires=Mon, 09-Feb-2026 00:57:22 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14886,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9167954b2458322ded696d95b7361771","sha1":"eab9a5a52d603661dcaac49f4c608cc06be9f9ad","sha256":"852b8436abf7199d175ca76ad493f1834d307e073fc013066338dfe6184e14c3","sha512":"dbbf5779a37a24dd10299b6d2b6b577ab755d6faf17a1b82628bff6b95e5928e3340bca99b866c25d077c8d8478273b6e6c869b263e1eb14c366da836becc4ab","ssdeep":"384:Ei8BWahb2rjp7X3Y9lVHHcsGOZ/zC4VmoWG1AmNA:Ei8F92/p7X3glVn5GOZ/zC4VmoWG1AmG","tlshash":"27627e8d362c8a78c6f66ec1dedf32aa3555b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T22:57:46.437169Z","last_seen":"2026-02-08T22:57:46.437169Z","times_seen":1,"resource_available":false,"data":null}},"time_used":436,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":436,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/news/list","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"POST /api/news/list HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nContent-Length: 14\r\nOrigin: https://krakens-vip.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":14,"data":"c_id=4\u0026lang=en"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6ImZtMjljQ0x5Y1IrblpxZ2NkYzNFZ3c9PSIsInZhbHVlIjoiZnlIUlJaajF4aHFXSUxiTXZFNlZKV2s2R2Z4dGQzSU9kMDZoc2JJSHI0QTI2RlBuU3FycDFxNHhFd1wvWlJYc1NMbFVzYkJWZnVXbVFUZGFqd2ZrZEtSU21Pc1ZJTnBHU0FsVml4c1ZaeFh3TnJWaUQxbVAyYWJiYWxXUzNlM05tIiwibWFjIjoiMjQzYjllMWNjMmNiMjRkMzc3YTFmZDg0YTJmMGU1NGI4ZTdhMDJmMTcxZTk0NDkwOTc0NWQzNmJhZmExN2E1MiJ9; expires=Mon, 09-Feb-2026 00:57:22 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"bace47e4713844c973de88e19678c6e0","sha1":"570e51227d00a907a45f9f546ffb472fa5f0f7da","sha256":"42692ab1be49a1606270fb6a6e639cb4eb95db75580cd4645b64d8ed88b3073e","sha512":"461b0fc2193876a9e6cf68eb09d070c01736b653b92c47690ab586575fcbc894ce6e14a941aa224ab2602100c055516a006cd9444b582fa40b658211720e97f1","ssdeep":"","tlshash":"1ba0222020000cba8b0a22e2300b30a2888c20808f0383000ac0a00cc38c0ac2822a3f","first_seen":"2023-08-27T03:45:08Z","last_seen":"2026-05-20T05:31:39.733355Z","times_seen":136,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/home-kefu.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-kefu.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-80a\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2058,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 39 x 43, 8-bit/color RGBA, non-interlaced","md5":"4d15c9ce96267ef3b00850ed58bd1908","sha1":"2bf8620e820d6afe4844e47da3dcf0fee5e011fd","sha256":"aa1b5f16b69804fb738086b60976974cb10d7c12c27930e9c858297ebe4fd36d","sha512":"b5f28e43c0972b844fa3deb78e5726673e166f9728b6c6c8ff1fee6b15da0efbb73b01dfcd74e9f27c5edc0076d3f07bc3363b527d55325f30c4ee8b12ef59b4","ssdeep":"","tlshash":"07410a5eff617c10c486a6ca2cfb5842ed4a85487a50906b3adbc85e1e706f209485ca","first_seen":"2023-07-07T09:47:56Z","last_seen":"2026-04-29T03:04:13.986532Z","times_seen":17,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/tabbar/tabbar-trade-dark.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/tabbar/tabbar-trade-dark.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-a33\"\r\nexpires: Tue, 10 Mar 2026 22:57:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2611,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 69 x 69, 8-bit/color RGBA, non-interlaced","md5":"7111f84eded0b3ea2dc4ca9a7c616b7e","sha1":"1ad33b1e551c0ea721ce5b01a24b34d26ae4b3ba","sha256":"e8a3f96249ec55f58f1834b64afaf1177984cdb4d363d5b06fe635d8384cb0e5","sha512":"dfbb1fe04fe1de4ef2aca236e0631aa2c0c853ee5b7e8457e15740ab5879159ad1bb6d4e57bcdf95a8976aec6526a2a67a4bcd9d23fb1d547234f5bdf92bb3c4","ssdeep":"","tlshash":"97513a47c27107b9ebeb833be7040808d945101d4c5689587aa62948ee6b3f82bcd37e","first_seen":"2023-05-04T09:53:33Z","last_seen":"2026-05-04T13:31:01.67919Z","times_seen":26,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/home-cz.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-cz.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-335c\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13148,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 181 x 129, 8-bit/color RGB, non-interlaced","md5":"7bf7730bab7a67b1d3e0635468112a86","sha1":"782d7882cdfda025faa2fce0de47f66c61cef028","sha256":"9880930b8b34f51e546637e091c76a968beb0b507faa8edfec49ec971295c811","sha512":"f74e38c5c6fece18b1107751abc06588555d9e3fde6a5ac234e80e461699925ea2cdb59458c2f44d7cc43faff24e609a399e4056278082d7b38586a159f209bd","ssdeep":"384:b5dfJJIoAGyrG8pnNLtCOgHjfAcBEr2YU:5hAGyK8NNLPgDfVX7","tlshash":"d942d0475e658ca034d470a219ebd47c6cefeaa8ffa19c7b1859d05bb30d4a32042ccb","first_seen":"2023-07-07T09:47:56Z","last_seen":"2026-04-29T03:04:13.956773Z","times_seen":15,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/common/icon_gesture_avera_dark.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/icon_gesture_avera_dark.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-315e\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12638,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 168 x 168, 8-bit/color RGBA, non-interlaced","md5":"f5b2864919dd2ff0b2ddef076a5e47d0","sha1":"01683748192e622c2345e9bff81aab3485567fa3","sha256":"c6fac2bdcac5ed71bc1582e59814b4522b09763139300ff3326104850f7593aa","sha512":"da88985a9a6a61ffe4d70aa67a79fe2562be2b3bd5082cfa68c736ed6e1c1d179642068656db75a718908019e42d0347932031a478afd52bf267fd55be90197d","ssdeep":"384:856+z0KN7HyHYFvUgmTXMH/hOUmjk76xI6f:856Q2RSH/Cjk2S6f","tlshash":"9242d064e3258495cf5d66f4057bd143e5f2cd05b48ab0a1802bd0ee5b303bb9a09de5","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-05-12T23:43:20.866171Z","times_seen":116,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/js/pages-index-index.43ff5783.js","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:21.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/js/pages-index-index.43ff5783.js HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-136fd\"\r\nexpires: Mon, 09 Feb 2026 10:57:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79613,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65254), with no line terminators","md5":"898448c9bd5e8d6ef53d315cdea827fc","sha1":"351c0e7929224c35a0b55761bc2d9b2b6a7dbeb4","sha256":"b06a5a40ae3f3b0f70ac218f985a5dbe7e846bb07f77660bfd8c3b17642170b1","sha512":"0d4daf94ffa06d6201eaccafbfa85e680c5845f3919a2ada9f58e0bf9da7b175d56e667309565a31e193f4c4fb8be7b62a366cf5d9b5a28cde61ec2be5d052c2","ssdeep":"1536:U+sXKZn6K3elKbhoBlqWo8kjW3DVf8zYONE:pephkjiR","tlshash":"80732a14f08bf02fa85bd024206f6a1450362f65d115bfacf376a5d88eee6de2163b5c","first_seen":"2026-02-08T19:14:18.843454Z","last_seen":"2026-02-09T10:35:46.473923Z","times_seen":5,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/home-qihuo.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/home-qihuo.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-19cf\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6607,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 71 x 71, 8-bit/color RGB, non-interlaced","md5":"9e4d1c0231b504eaafadf5d71ad000d1","sha1":"9640064fda209f1eb5ca039cb3f65bca9f0cf2d8","sha256":"ba914ebaf47e8ca3f4a2cd0a0e453363a9a8e80a5a8781129badcb309bf7b8c3","sha512":"e3b487533b2d01434170a94dfd6d7cba812fdab016c85423448ec6b8a5d2e391d879cfdd86b0ac4ac105f60edf23d17432182ae0b7666a66983985190ef16d47","ssdeep":"96:BMYR2UV0qso6ZVz/7S+uAqozm1VsWpjWuWsYO2FbTLZHik9fcr4tuuCrQMjW:B9YNvzh4dWDsErH7uuIo","tlshash":"49d19dd9e873ab964fa8d26722dac80605a21695a3a3b052b57dd80fc3c45f6c52e0cc","first_seen":"2023-07-07T09:47:56Z","last_seen":"2026-04-29T03:04:13.963352Z","times_seen":11,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/images/common/lm_3.png","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:22.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/images/common/lm_3.png HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImhDUE03WjQxNWk1cjhJQ1lWY0FSNWc9PSIsInZhbHVlIjoiUXdGdkZLdU9tZ3d0VVwvOUNNZGRIeG1JTU5zTGhJWEI5SXc3MjFmVGtrWmlJcGlzQjJIQnREMnlYc3B5NW9ibFlUdHRvQ2RhYVZJOUhMWEU5eEpmUW9xRkY4VnJJaFB1REFxMUFKSmhyWXo2VTFtOVR6UVRIQ3QwY09KUG1cL0hjdyIsIm1hYyI6IjlmMjc0NmJjODhiY2IzM2JmNTY2MzM5ZmYyMGQxYmM0NjZkOGFlYmM3ZDBhYmZmOTFhODM1YjJjZmNjYThlZDAifQ%3D%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 08 Feb 2026 16:50:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed6-631\"\r\nexpires: Tue, 10 Mar 2026 22:57:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1585,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 29 x 26, 8-bit/color RGBA, non-interlaced","md5":"7e5274c84ee7d974cdba7500c76a1b2e","sha1":"4d0760d8ec261e132cec3dc399724d24e7d28a38","sha256":"79303baa446dcbd527ac1ff610fabd8f92c50daf5ff54bbe847ec90582cc5e44","sha512":"d0b462d43ad57f0e1ff22a4a50f12d2fea626cc840b38b18ab0b9c3700087e140b8c1515954f22ad9f50f0a3fa5ce3b8c8937c978ce60d396c65458a3db36581","ssdeep":"","tlshash":"1e31e7d8f623c481cacdb9e118fa8117b50b8c91669aa45d29cbc0291821af708748ef","first_seen":"2023-05-25T05:38:33Z","last_seen":"2026-05-12T23:43:20.862566Z","times_seen":128,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/static/index.883130ca.css","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:19.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /static/index.883130ca.css HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:19 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 08 Feb 2026 16:50:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6988bed5-1793e\"\r\nexpires: Mon, 09 Feb 2026 10:57:19 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96574,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"2de2f2d3943b4b382a28a439daff5939","sha1":"70d04e1c3567cb4f248b29046b98386f215a4d38","sha256":"8a35934d019c2b120a31ae6c51c75b2327f22637824b2a2c2faf4ce17ae9d4d8","sha512":"eba9271e30d6e4b21954078e3ccd839a55e1dcc8212fa375c18dce42104d19a92655c2f289401525b0c9565971a31573b928666515a3ca89b1801bbd48c1de95","ssdeep":"1536:OlIApuK7hmVmb2RS1Wu3xdynGJ7eh/nrhlvbc:VApuK7hmVrS1Wu3iG41nrPI","tlshash":"f393f73719012e39e52bcd26b6c1ab5a1e61c033e15307adfba47628cbcf9c9167b345","first_seen":"2025-07-20T12:48:29.443135Z","last_seen":"2026-06-06T06:55:10.667863Z","times_seen":2627,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakens-vip.com/api/currency/quotation_new","fqdn":"krakens-vip.com","domain":"krakens-vip.com","tld":"com"},"ip":{"addr":"141.140.14.45","port":443,"asn":53356,"as":"FREE RANGE CLOUD","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakens-vip.com/","date":"2026-02-08T22:57:24.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakens-pro.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Feb 2026 08:11:33 GMT","end":"Sat, 09 May 2026 08:11:32 GMT"},"fingerprint":{"sha1":"6E:32:AD:96:DD:12:FA:38:BA:46:ED:E7:0E:95:EE:2B:0C:9C:2F:0B","sha256":"4B:F6:6D:1B:0B:EB:FF:56:07:8B:DD:7A:68:80:C0:50:16:86:FB:69:B4:D0:17:16:9F:C4:6B:3E:52:58:0E:F2"}}},"request":{"raw":"GET /api/currency/quotation_new HTTP/1.1\r\nHost: krakens-vip.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/x-www-form-urlencoded; charset=UTF-8\r\nlanguage-mark: \r\nAuthorization: \r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakens-vip.com/\r\nCookie: angela_session=eyJpdiI6ImFcLzBaSjBtNUVDVngwbWVMVzkrYldRPT0iLCJ2YWx1ZSI6Im8reng3OTZsRWNTbEdxWjFRM0NKditweFNISjIwSEtRZUhpWEdCRTNnSnFzUFZcL21XYUpZQkZUaG95VUFHVHZtbUdnVEJLcEVxOWpWcWg5dzRXVzJlXC9rbkxhWU1HWWhrSDkwOUpwenRlYWNpT3ZxZ3BLcmRlMnNldm4yWmRRejAiLCJtYWMiOiIzNTk5MTI1ZGQ1NWQzMzRmNmM0ZmNhMjMyNGRlYjE2MWEzY2VkZWM4ODkyNjQ3ODZjOTJlNDg0NDhkMWY2NjEzIn0%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Feb 2026 22:57:24 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS,DELETE\r\naccess-control-allow-headers: x-requested-with,content-type,Authorization\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: angela_session=eyJpdiI6IlVmTEtrQTBtR09BT1wvN3hZNk9vc21nPT0iLCJ2YWx1ZSI6Im5RR3hoSVZ2TlVlbGRhMHF2S0o1TlRPem9kN3JNdkdDRFZ5NktKZjZsUk1pbUtpK1MwbjhDQWxjRWhXVFBpYk4yYVFMNTBPOUM2Q1U0MlJ4WVVMdTIzaWVwWGJOOXlMT0lUVDZrdDN1eEZMK3VvNWp5QkZEY2x2MEcwQVZ3am80IiwibWFjIjoiMWMxNmQ1ODVjMTRmMDg3ZGI1NmNhZDJmY2FkMTQxZjJhNTQwZDZjOGIyYzczNzM4YWM5NzhjMjk3OTYyMmIyYyJ9; expires=Mon, 09-Feb-2026 00:57:24 GMT; Max-Age=7200; path=/; httponly\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\", quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14886,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b5ca32a6506c87d6595753c37f6b577a","sha1":"40502495991f80dbcc8e2bfabfd120be54b0af26","sha256":"937424bc1c02549c9e42faa96068ebf5f1cfe9d07f08864feaf19df4759bb7e7","sha512":"0c2181fd96cb89ce3f2beca1ab0d12280168c018abebec6075af06fb5b915e50510fb070f880828685bbface2e89b1067ec91533117bfb06d88cec349aef89f8","ssdeep":"384:Ei8BWahb2rjp7X3Y9GGVHHcs4OZ/zC4VGocG1AmNA:Ei8F92/p7X3gGGVn54OZ/zC4VGocG1Ad","tlshash":"7f628e8d362c9a78c6f66ec1dedf32aa3555b10badc24f41c3ed5f8c028556be20b512","first_seen":"2026-02-08T22:57:46.442732Z","last_seen":"2026-02-08T22:57:46.442732Z","times_seen":1,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-08","alert":"Phishing Block","trigger":"krakens-vip.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-08","alert":"Sinkholed","trigger":"krakens-vip.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}