{"report_id":"d9414e02-54f1-4a8a-ae35-1597ea960fa4","version":0,"status":"done","tags":[],"date":"2026-06-28T10:12:26Z","url":{"schema":"http","addr":"krakenn.com.cn","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":0,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"krakenn.com.cn/","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"title":"Kraken官方下载中心 - 超过1000万用户的共同选择，平台累计交易额超2万亿","dom":{"size":27187,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"dab7aca3048b10357d08e3948ec94d3b","sha1":"8fd20333a76bc5e79bb2cf52d34c75d8139cc424","sha256":"526f97b2e06e51d4eb704b8834586fd279bf43fa738d0e75e2173f5c065cf439","sha512":"5139c2e8bdc84b18d4939b674364065e7c91ee5c6fbba5876e8d11fbc35be376cb1be111c24fd8146e5f4827860f296fc81cdeda793adb14e8ba762e248aadf7","ssdeep":"384:Sv+GLWinwM0IAUD5W3LwR4c7lsRctxQI0BuLARvvNWzqJmnI:qLWinwMFAUD5W3Lg4c5ectOVJk+JmnI","tlshash":"26c2c72631b160775813a29877a79b4e7364f203c50bce257add16848fcefe88dd3a49","dom_hash":"domhash2ca3acad02260a2439b77478c2bb2c41","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"krakenn.com.cn","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":0,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T10:12:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"krakenn.com.cn","ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2026-06-26","domain_rank":0,"first_seen":"2026-06-28T10:12:27.17802Z","last_seen":"2026-06-28T10:12:27.17802Z","alert_count":10,"request_count":10,"received_data":1274670,"sent_data":6256,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"collect-v6.51.la","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2005-01-17","domain_rank":348646,"first_seen":"2021-03-08T16:03:54Z","last_seen":"2026-06-22T17:54:50.377972Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":511,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"krakenn.com.cn/static/js/js-sdk-pro.min.js","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fc0b01d35300e8398d6e957987c01e7","sha1":"f1eb32c75b8d8e4b0555ebc2a5f5d1d60296f41e","sha256":"b164aafa0bb83dfe511912ca2ca475880bfffac8d8f098c947fd3d4af440d3a4","sha512":"fab84d067e724d45f35821d8f37c0cd4f608af2975de48a61b905dba89189ca8778b04b4d507e6417a4187193a3da2d0a8939c02bf2d39adb9733cffd2358401","ssdeep":"768:Xzz9qAO+a/y1jaKUiQU5enEU9GMXB0XXQVEXB3CNSPf:Xzz9qnT/c+KUc5enEU9GMXB/EXB3LPf","tlshash":"55f22d9577c0717cc3c782e9361b401ae1a69e810099a8acf345f594bd74e66a33ffa8","size":34329,"data":"","first_seen":"2023-04-05T07:31:50Z","last_seen":"2026-06-28T21:57:56.930207Z","times_seen":10100,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"d233ba1b9ec637a36c8bd0c73d6b2bbe","sha1":"8773c7c3e12fdd109c03c2a7eeb0f7b85056adc9","sha256":"cf0ab33373f6e1d21ef46a2187efefccfe5526078c0a4e569f2b7bb83dfb647f","sha512":"6a3150d5561952a310b38d2fe8971ce35f2888d63c5d3f8ea311c503b98df2c2e298e9c62ad606c1767ef232d6aef3a488250dbd49e3fda1841f0a02152c95d1","ssdeep":"","tlshash":"6c900200e443043da20c0002211a11431a71c642205b58062404c0cec07c802e8cd201","size":54,"data":"","first_seen":"2025-07-18T05:41:19.557877Z","last_seen":"2026-06-28T10:12:37.249822Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"2f469f0590adc4d67c4d37cf103edccc","sha1":"3566acd96e7f5ac75590b26ca446fc52b6771bb8","sha256":"392e175a273f7b215dde561f13c8168011f9649e907dd0fab633ae953b9a7ed1","sha512":"eb197d5e0ff7a3806545c182dc8efaaaa5ca682217962dc89f00b1dce0b5350fc65b6db5d9eca3bebed5a7ba6632e422f80bb1a6f28d8e02d63f62031f263018","ssdeep":"","tlshash":"2021d32e16b5603a007753ded38797d6712520cbb043dc453e9c49492f80ae24df19d6","size":1113,"data":"","first_seen":"2026-06-24T10:28:08.721884Z","last_seen":"2026-06-28T10:12:37.250597Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"krakenn.com.cn/static/picture/favicon.ico","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:12:00.060Z","timestamp":1782641520060,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/picture/favicon.ico HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/\r\nCookie: __vtins__3JCi3nUbtthN7oRx=%7B%22sid%22%3A%20%222c52c204-b35f-52e0-bb2b-2d3029204d74%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201782643319472%2C%20%22ct%22%3A%201782641519472%7D; __51uvsct__3JCi3nUbtthN7oRx=1; __51vcke__3JCi3nUbtthN7oRx=2426ef21-c60b-507f-b32b-d6fe97a51d86; __51vuft__3JCi3nUbtthN7oRx=1782641519479\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:12:00 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 15406\r\nlast-modified: Thu, 25 Jun 2026 13:25:29 GMT\r\netag: \"6a3d2c49-3c2e\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15406,"size_decoded":15680,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"ed1772b6d6961564bd5d17634c3f1290","sha1":"48cd4d28eeef891b7776bd6ee33ea9071339481b","sha256":"f9e29d5188a53d9220e162146f48d9a03166d9265ab53b4ecc56f70d9f521cb6","sha512":"3e6ff3db69e3b1cacf35a3b3e36aa4dd52a3445680b96a1708c885ff3ceadeaef2be63ba82ae63000aa9ffc851b68ee31a9cf5c0bd8de5fe4f3c81f883b9f2cd","ssdeep":"96:Am3RhJtsixnEp5dxdxdzQ8KnniASVNr4nmU:Am3JGiE/dxdxdzQd9hm","tlshash":"1262b9c397430200d16c273990afec198aab3f2063183826f732b6457bf76cb507a536","first_seen":"2025-03-04T09:36:51.435116Z","last_seen":"2026-06-28T10:12:37.233912Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1973,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1665,"receive":308,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T10:11:53.781Z","timestamp":1782641513781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:58 GMT\r\ncontent-type: text/html\r\nlast-modified: Fri, 26 Jun 2026 19:00:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3ecc39-6a9d\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27293,"size_decoded":7780,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"0f287eaa9960a098a4f93ce1e2ec8b30","sha1":"ea04dde386d52146002f9e30039b7baed5083c11","sha256":"66766e181e2cd6e88e6d09152496be3abb2b31b2c739cb9b1512b1c481701ec7","sha512":"4ddf552adfefc88a1dc38a2df1e5a6974a62bf576f7dd0d788ffd89d510e7172ea7ff70d7d8310ddb235c340a0e135b448141337cdeced72a758785c088cf613","ssdeep":"384:s7LWinw30IAUD5W3LwR4c7lsRctxQI0BuLlFEvNWzqJmnm:qLWinw3FAUD5W3Lg4c5ectOI4k+Jmnm","tlshash":"93c2d82631b160775813a29877a79b4e7364f203c50bce257add16448fcefe88dd3a49","first_seen":"2026-06-28T10:12:37.234894Z","last_seen":"2026-06-28T10:12:37.234894Z","times_seen":1,"resource_available":true,"data":null}},"time_used":4762,"timings":{"blocked":-1,"dns":3612,"connect":285,"send":0,"wait":290,"receive":0,"ssl":575},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/static/css/all.min.css","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:58.852Z","timestamp":1782641518852,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/css/all.min.css HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:58 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 25 Jun 2026 13:19:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3d2aea-19042\"\r\nexpires: Sun, 28 Jun 2026 22:11:58 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102466,"size_decoded":23137,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"8a06f5ef88753b401348d8014813a7aa","sha1":"d6c4ca4f22a0194d4c6d534bfc035a96bbb9ab7b","sha256":"172028341bf73bfda588ebef4c21dda2997e4756610659ae165429f0451b59dd","sha512":"8b02aafad1ff8c70234b95023121d4b02eecc51e3e37314a5aa6b8321f7c7b57ac7f0a53c5e94dd241409e8e57ac5e17d6148771ac9210d0ad2c44368d6bbdbe","ssdeep":"1536:vwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9rpgmLCa:P709gMGFiyPG9rimLCa","tlshash":"26a3b7f8e44c15d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2025-08-29T00:10:38.756039Z","last_seen":"2026-06-28T10:12:37.236608Z","times_seen":53,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/static/js/js-sdk-pro.min.js","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:58.886Z","timestamp":1782641518886,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/js/js-sdk-pro.min.js HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:59 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 25 Jun 2026 13:19:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a3d2aed-861a\"\r\nexpires: Sun, 28 Jun 2026 22:11:59 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34330,"size_decoded":13211,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (34109)","md5":"8fc0b01d35300e8398d6e957987c01e7","sha1":"f1eb32c75b8d8e4b0555ebc2a5f5d1d60296f41e","sha256":"b164aafa0bb83dfe511912ca2ca475880bfffac8d8f098c947fd3d4af440d3a4","sha512":"fab84d067e724d45f35821d8f37c0cd4f608af2975de48a61b905dba89189ca8778b04b4d507e6417a4187193a3da2d0a8939c02bf2d39adb9733cffd2358401","ssdeep":"768:Xzz9qAO+a/y1jaKUiQU5enEU9GMXB0XXQVEXB3CNSPf:Xzz9qnT/c+KUc5enEU9GMXB/EXB3LPf","tlshash":"55f22d9577c0717cc3c782e9361b401ae1a69e810099a8acf345f594bd74e66a33ffa8","first_seen":"2023-04-05T07:31:50Z","last_seen":"2026-06-28T21:57:56.930207Z","times_seen":10100,"resource_available":true,"data":null}},"time_used":557,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/static/picture/69f2c176814cfb335-327x56.webp","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:58.894Z","timestamp":1782641518894,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/picture/69f2c176814cfb335-327x56.webp HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1712\r\nlast-modified: Thu, 25 Jun 2026 13:19:41 GMT\r\netag: \"6a3d2aed-6b0\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1712,"size_decoded":1982,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2cfb374a5d2609e7091f70a8425bb99b","sha1":"16f1fd97d78cea9e2091e3a042b45ea4f42eb5d7","sha256":"dbcf219cf70c97fbc569c983e15569ecc734c597bbc74eabb376096129d454e7","sha512":"6b6597a07fae7d7e42e4a6aed57a7b88020499c29ec1279c5ea47d29586570bd9f56878a1dad9d00acb88be5bc6b005304c5a82e9ebdaabb3dcaea52917b6b1c","ssdeep":"","tlshash":"3031fa2d5bb45394812cac6996309c52e2d9d1432df0c772ace1325df9d3c19a0f0273","first_seen":"2026-06-24T10:28:08.705588Z","last_seen":"2026-06-28T10:12:37.241445Z","times_seen":6,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/static/picture/6eed12ecb89bee4eb23ddc692a354f34400f0f62-2531x1300.webp","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:58.896Z","timestamp":1782641518896,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/picture/6eed12ecb89bee4eb23ddc692a354f34400f0f62-2531x1300.webp HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 362316\r\nlast-modified: Thu, 25 Jun 2026 13:19:41 GMT\r\netag: \"6a3d2aed-5874c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":362316,"size_decoded":362590,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"48e9b91104bd6301f064e4d092688e1f","sha1":"192d4b5521d63dd813cec87c77f949d49570216e","sha256":"e8f861d9e76666740ce535962efe000f9fc5fbde767f2fd3f2caa165d7bff64e","sha512":"e1c9e465479a283cc9144cb7d4c6018b5cdbf3d261c46aae3f5c1eb04484158ae01ea25b91e6364cd61127dd274cc682de3a04572518fc26a08fdd02b35cc353","ssdeep":"6144:h+z55QlaiW9H9xt+wIdsfig6tD0HvJHT6YYgpw0faFH5xYlc/BSbysBMneFHm3Wy:hI5iKXvIHge0H5T6fgpwrfWyGQ3214","tlshash":"d37423d6b7cf2b598ef37b78ea44ca2dbf6536d220d285248d4295c882d7e328cdd150","first_seen":"2026-06-24T10:28:08.717202Z","last_seen":"2026-06-28T10:12:37.242442Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3764,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":874,"receive":2890,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"collect-v6.51.la/v6/collect?dt=4","fqdn":"collect-v6.51.la","domain":"51.la","tld":"la"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:59.489Z","timestamp":1782641519489,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /v6/collect?dt=4 HTTP/1.1\r\nHost: collect-v6.51.la\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nContent-Length: 388\r\nOrigin: https://krakenn.com.cn\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-28T22:32:17.700922Z","times_seen":16806438,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/static/fonts/fa-solid-900.woff2","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:59.552Z","timestamp":1782641519552,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/fonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/static/css/all.min.css\r\nCookie: __vtins__3JCi3nUbtthN7oRx=%7B%22sid%22%3A%20%222c52c204-b35f-52e0-bb2b-2d3029204d74%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201782643319472%2C%20%22ct%22%3A%201782641519472%7D; __51uvsct__3JCi3nUbtthN7oRx=1; __51vcke__3JCi3nUbtthN7oRx=2426ef21-c60b-507f-b32b-d6fe97a51d86; __51vuft__3JCi3nUbtthN7oRx=1782641519479\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 156532\r\nlast-modified: Thu, 25 Jun 2026 13:19:40 GMT\r\netag: \"6a3d2aec-26374\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":156532,"size_decoded":156806,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 156532, version 773.256","md5":"d465bccb9edf0873f021f66d4b09d89c","sha1":"214f3c71de28c682602aecd39e9ad2bba15f1b0c","sha256":"f4c5a5b297e623bc159679563a4d1eb16e409ca3b57698fbc00fd2c907dadae0","sha512":"35d7523f48386e89b1cad6a47df65d64415ab9c45e6425bb4ab25ac9510f6d2e9de3d7cad79c2491660e885d7a38d3ffa9e93eb50ae045fbd072deaf114e10b8","ssdeep":"1536:HrPC5zUBeCGcReONEpKZZbwEPvdThY0E2eXOtr9pVhw+J3E6gbzlPAzJ+Zn+PMY6:TC5oNnZbwC9Wie+B9pVSeE6dMZnaBi","tlshash":"00e313b58f11a1c781b12217db1a54f8da785eec5e3f968cc5a07786214dd4f93dcca0","first_seen":"2024-01-04T18:36:36Z","last_seen":"2026-06-28T22:03:09.155231Z","times_seen":8302,"resource_available":false,"data":null}},"time_used":2800,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1610,"receive":1190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/static/picture/fb335-327x56.webp","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:58.892Z","timestamp":1782641518892,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/picture/fb335-327x56.webp HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 870\r\nlast-modified: Thu, 25 Jun 2026 13:19:42 GMT\r\netag: \"6a3d2aee-366\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":870,"size_decoded":1139,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e6b81fb5943ecae9e4e95e4e64dc9b7c","sha1":"fbd717a5cbe09dcfe1fed6e20ff34b0171e49aa3","sha256":"545612cff2cd5927569e7c569e364b5317dde0549c01b7eed75a8f29b617dd47","sha512":"314efe6a43279138de3cf3c15f7d6638621fb9156fcbde24762c929c413da078aaf9ede7d5e4d75a372e0b63c6eeff79d5ebdec3d1dea2ab1da0d361f61b0f0a","ssdeep":"","tlshash":"25116535d5161206c5c6cd304708839990a998bda78e446f3cdabdb380ce146e71e349","first_seen":"2026-06-24T10:28:08.712848Z","last_seen":"2026-06-28T10:12:37.246895Z","times_seen":6,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/static/picture/ee9293217b1dcec8bd29b5e90013e91901634793-3083x1464.webp","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:58.895Z","timestamp":1782641518895,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/picture/ee9293217b1dcec8bd29b5e90013e91901634793-3083x1464.webp HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:59 GMT\r\ncontent-type: image/webp\r\ncontent-length: 454186\r\nlast-modified: Thu, 25 Jun 2026 13:19:42 GMT\r\netag: \"6a3d2aee-6ee2a\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":454186,"size_decoded":454460,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a0c490b82944aac8a3deaf0a4027a8df","sha1":"d7600dc7daff0be5400a3614fe32a7f95a3be8e6","sha256":"b979f2bd66b729f688b4f064cc4d9d109a322ab99358117e2621e94d6b179d46","sha512":"46c9db32e7c8c0a1ace98587cfc2b96c21c604f8bf0b9ec89b9a767dc12d1978c428a61ccabdce4b9fb30df12e8129e81835882fe4f0eb2272c8fa0e0d4ee5d0","ssdeep":"12288:wCYobQhfYBz8suc+GEidZSOi5Rgg27u3Hr2:SVYBYsdFd9i5eg27R","tlshash":"c2a42379571cbd687f8f21afe138e9f8508b5bc01c013a66f850a90725a4c7afd32d99","first_seen":"2026-06-24T10:28:08.708538Z","last_seen":"2026-06-28T10:12:37.248138Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3406,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":572,"receive":2834,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"krakenn.com.cn/static/fonts/fa-brands-400.woff2","fqdn":"krakenn.com.cn","domain":"krakenn.com.cn","tld":"com.cn"},"ip":{"addr":"103.149.200.229","port":443,"asn":142032,"as":"High Family Technology Co., Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://krakenn.com.cn/","date":"2026-06-28T10:11:59.554Z","timestamp":1782641519554,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"krakenn.com.cn","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Fri, 26 Jun 2026 15:00:00 GMT","end":"Thu, 24 Sep 2026 14:59:59 GMT"},"fingerprint":{"sha1":"5F:5C:D7:48:88:54:D6:10:6B:D7:FC:79:F1:33:10:8D:CF:EC:D5:D2","sha256":"52:84:61:89:8E:63:E4:69:33:D2:D7:90:28:9A:5A:D6:47:FD:A4:0A:AB:77:16:B4:4E:75:A4:DF:DD:B0:CD:63"}}},"request":{"raw":"GET /static/fonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: krakenn.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://krakenn.com.cn/static/css/all.min.css\r\nCookie: __vtins__3JCi3nUbtthN7oRx=%7B%22sid%22%3A%20%222c52c204-b35f-52e0-bb2b-2d3029204d74%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201782643319472%2C%20%22ct%22%3A%201782641519472%7D; __51uvsct__3JCi3nUbtthN7oRx=1; __51vcke__3JCi3nUbtthN7oRx=2426ef21-c60b-507f-b32b-d6fe97a51d86; __51vuft__3JCi3nUbtthN7oRx=1782641519479\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 10:11:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 116672\r\nlast-modified: Thu, 25 Jun 2026 13:19:39 GMT\r\netag: \"6a3d2aeb-1c7c0\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116672,"size_decoded":116946,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 116672, version 773.256","md5":"0474ccd4d3ec29857f1e7f8b9c56df8b","sha1":"3e8f0f46b2949dcc309f65fff1372b9a05e8f480","sha256":"b66b3da5ff7b2db79b6cb5a22c3e762e2bf16958a11987e69eeb1980bbbcdfb0","sha512":"2ab61a54ee830519d0aacba1e12f1ad920aedddea8e682cebe51bec78ecd7bbc403343f8e00b45afe804a954a52eb5dcc70983bb01239c36422f8e6f18e0bb5e","ssdeep":"3072:y+cQdfEX4HdgCsxZhk8minCk+uU254aiRt3kLVzLm/j+G01Z:KQdfjIiib+uUe1EK66G4","tlshash":"0fb313cfd4276bdf0a65cf3fc2034e4f3b586c1254b9bcc540b3617826a6862274aa5c","first_seen":"2024-01-04T18:36:36Z","last_seen":"2026-06-28T21:59:08.931685Z","times_seen":3634,"resource_available":false,"data":null}},"time_used":2461,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1607,"receive":854,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"krakenn.com.cn","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}