{"report_id":"d2ee25f8-ec99-4907-99c5-9a011598877b","version":6,"status":"done","tags":[],"date":"2026-02-18T13:19:06Z","url":{"schema":"http","addr":"krakexn8.vip","fqdn":"krakexn8.vip","domain":"krakexn8.vip","tld":"vip"},"ip":{"addr":"104.21.8.232","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"krakexn8.vip/","fqdn":"krakexn8.vip","domain":"krakexn8.vip","tld":"vip"},"title":"krakexn8.vip/","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"krakexn8.vip","fqdn":"krakexn8.vip","domain":"krakexn8.vip","tld":"vip"},"ip":{"addr":"104.21.8.232","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-25T13:19:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"krakexn8.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"krakexn8.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"krakexn8.vip","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-27","domain_rank":0,"first_seen":"2026-02-18T13:19:06.414024Z","last_seen":"2026-02-18T13:19:06.414024Z","alert_count":6,"request_count":3,"received_data":17824,"sent_data":1434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"krakexn8.vip/","fqdn":"krakexn8.vip","domain":"krakexn8.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"99f627175d32deced3144853ae54119f","sha1":"b9c761a937e659864b4f04fbf3d132c8d5c72e98","sha256":"85765635423c64ae5bcad7124ca3f875207202eab7339219f772abb11944e1e1","sha512":"ca22ddbf642440e4f4ad9cf8446737931589848bb2d0acd04419299905cf6336a380389f0eb417a68e6f53c4c9bda61489bbf641448f26129d68ca92ae95d2d1","ssdeep":"96:mq9hafUCzCSDKCfhpq+hqqGtdMVZI3o5R3w3fo8C+Nqn0Si:d9hafUCzCSDKCfhpq+hqqGtd2ZI45RgT","tlshash":"a7913e67b0e3005845a37a644baf732c393b600b3a0adde47d5e1b609f57f625482bce","size":4453,"data":"","first_seen":"2025-11-24T21:16:20.877428Z","last_seen":"2026-05-31T17:09:56.37932Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"krakexn8.vip/","fqdn":"krakexn8.vip","domain":"krakexn8.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-18T13:18:45.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakexn8.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 12:22:51 GMT","end":"Mon, 27 Apr 2026 13:19:26 GMT"},"fingerprint":{"sha1":"42:24:43:8F:E0:D1:EF:22:36:5D:22:59:39:4C:17:E0:07:A7:37:CB","sha256":"6F:67:AD:20:45:75:8B:50:D4:7A:20:6C:B5:A2:21:AD:B4:2F:BB:82:BD:86:CD:0C:7A:8B:38:EC:80:76:CC:C9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: krakexn8.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Feb 2026 13:18:45 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Thu, 29 Jan 2026 20:46:37 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LdJ4TlIYoCT8iNdGHP7B4burvBAenS4l6zoyCz%2B673qdcAlQO4QPzuZDdWk4WsK4V7wBgw47hMdBGNhsSp29wS7NmKN09QS5jHktxg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9cfdcfebed2c6e70-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10790,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"a94cf09d11d3bcab3ca6d961167e5d42","sha1":"05038eeab9c8fe632402cdd0617983a80092750f","sha256":"f575362fb161a660ee78538b8fccc9bf7b459f5b36d7ba87ad2c6db2537d6188","sha512":"13130ff2cbf4d2da55dec18421908fc0c0b1ee5d6b992c133e0a206b44c8f4acb9e60fcd3a325650f9bbfeea8c7548f8f814d8dd827ee02ce6d5b1496b42b486","ssdeep":"192:vS6WuJz9Cc5T+KeP5VPkLrhkohUxSPNS6J1Dg6VEHnhZBt9HLtm9hafUCzCSDKCB:vS6DT28HJtUdrtmja8ItTEaIARgvY/","tlshash":"b1225367a8e300596457a2641ffb332d3635900b7746cda83f9d2ba48f83f858453bd9","first_seen":"2025-11-24T21:16:20.874299Z","last_seen":"2026-06-16T17:48:31.622955Z","times_seen":35,"resource_available":true,"data":null}},"time_used":415,"timings":{"blocked":37,"dns":1,"connect":8,"send":0,"wait":340,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"krakexn8.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"krakexn8.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakexn8.vip/favicon.ico","fqdn":"krakexn8.vip","domain":"krakexn8.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakexn8.vip/","date":"2026-02-18T13:18:45.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakexn8.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 12:22:51 GMT","end":"Mon, 27 Apr 2026 13:19:26 GMT"},"fingerprint":{"sha1":"42:24:43:8F:E0:D1:EF:22:36:5D:22:59:39:4C:17:E0:07:A7:37:CB","sha256":"6F:67:AD:20:45:75:8B:50:D4:7A:20:6C:B5:A2:21:AD:B4:2F:BB:82:BD:86:CD:0C:7A:8B:38:EC:80:76:CC:C9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: krakexn8.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakexn8.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 18 Feb 2026 13:18:46 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XYTDnVPG65FLXoHd5KQmSGg3MkYoUsKUcR5ZKG6%2BomPezj9TC4A%2Biu8YzrLLCwJn9tkjN4Kd%2BdlRxcRQH4AFnP6WyYustIpqA1qmsQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9cfdcfef88974435-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-06-17T07:16:25.156621Z","times_seen":527724,"resource_available":true,"data":null}},"time_used":367,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":367,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"krakexn8.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"krakexn8.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakexn8.vip/index.html","fqdn":"krakexn8.vip","domain":"krakexn8.vip","tld":"vip"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://krakexn8.vip/","date":"2026-02-18T13:18:45.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakexn8.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 27 Jan 2026 12:22:51 GMT","end":"Mon, 27 Apr 2026 13:19:26 GMT"},"fingerprint":{"sha1":"42:24:43:8F:E0:D1:EF:22:36:5D:22:59:39:4C:17:E0:07:A7:37:CB","sha256":"6F:67:AD:20:45:75:8B:50:D4:7A:20:6C:B5:A2:21:AD:B4:2F:BB:82:BD:86:CD:0C:7A:8B:38:EC:80:76:CC:C9"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: krakexn8.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://krakexn8.vip/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ndate: Wed, 18 Feb 2026 13:18:45 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LY6axqPFf4jnP4Ib5BiN3SLNNbqMPwXRt9jIO64H4PJ%2B0%2Fp2cn6dtID9v798gmeoSA3xU1VQ776LQhQlypPcohKwNy2oqQmtTefpsw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9cfdcfef98ad4435-ARN\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5002,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (396)","md5":"5688cf1b105de25fa6c7151c58a61800","sha1":"fee7968482e76d5ca4b894151de63454761d52fe","sha256":"f12be4a6fc1240a0d53e1a42fa45dcd01944c1dabe8b4f3bb40167564fef955e","sha512":"0d14c2b99c06fffae94395f9f463deb7bb4eb586bf543a4da030f00a97e566e3c0e16f1f976c13541e89abaef0a8c4dc4ce0b6f29548cf9dbfd2b35bf85ef294","ssdeep":"96:fjFj7jOjEHDK/D5DMFGzLeiO/t8GbGLGqZNeBu17RLlvaQxvbzM:fjFj7jOjEjK/VounOVLjqZyu171lCejI","tlshash":"fda18572f9bd047f20d34172a1bdb70a79a5c147cb9a08907abcc2751f8af55aa132c5","first_seen":"2026-02-18T13:19:08.198488Z","last_seen":"2026-02-18T13:19:08.198488Z","times_seen":1,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"krakexn8.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-18","alert":"Sinkholed","trigger":"krakexn8.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}