kraken15.com
Open in
urlscan Pro
2606:4700:3034::ac43:9965
Malicious Activity!
Public Scan
Effective URL: https://kraken15.com/
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com Search All
Submission: On December 18 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by GTS CA 1P5 on December 9th 2023. Valid for: 3 months.
This is the only time kraken15.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3032::ac43:d419 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3034::6815:55ec | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 7 | 2606:4700:303... 2606:4700:3034::ac43:9965 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 7 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
1 | 80.239.201.62 80.239.201.62 | 1299 (TWELVE99 ...) (TWELVE99 Arelion) | |
19 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 4182 |
77 KB |
7 |
kraken15.com
1 redirects
kraken15.com |
14 KB |
2 |
kraken3y.com
1 redirects
kraken3y.com |
2 KB |
1 |
ymetrica1.com
ymetrica1.com — Cisco Umbrella Rank: 19234 |
590 B |
0 |
yandexmetrica.com
Failed
yandexmetrica.com Failed |
|
19 | 5 |
Domain | Requested by | |
---|---|---|
7 | mc.yandex.ru |
1 redirects
kraken15.com
mc.yandex.ru |
7 | kraken15.com |
1 redirects
kraken3y.com
kraken15.com |
2 | kraken3y.com | 1 redirects |
1 | ymetrica1.com |
mc.yandex.ru
|
0 | yandexmetrica.com Failed |
mc.yandex.ru
|
19 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
kraken3y.com GTS CA 1P5 |
2023-12-09 - 2024-03-08 |
3 months | crt.sh |
kraken15.com GTS CA 1P5 |
2023-12-09 - 2024-03-08 |
3 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-08-14 - 2024-01-24 |
5 months | crt.sh |
ymetrica.com GlobalSign ECC OV SSL CA 2018 |
2023-11-09 - 2024-05-02 |
6 months | crt.sh |
This page contains 1 frames:
Frame:
https://kraken15.com/
Frame ID: 1CC6141D297ABB210CF14D2018C6248E
Requests: 19 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://kraken3y.com/?shiny
HTTP 301
https://kraken3y.com/?shiny Page URL
- https://kraken15.com/ Page URL
-
https://kraken15.com/cdn-cgi/phish-bypass?atok=kYwKNnR2oNZ3vpNFDrI08OQvHDOWH1kTob4MlZE7Sds-170294...
HTTP 301
https://kraken15.com/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://kraken3y.com/?shiny
HTTP 301
https://kraken3y.com/?shiny Page URL
- https://kraken15.com/ Page URL
-
https://kraken15.com/cdn-cgi/phish-bypass?atok=kYwKNnR2oNZ3vpNFDrI08OQvHDOWH1kTob4MlZE7Sds-1702940439-0-%2F
HTTP 301
https://kraken15.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://kraken3y.com/?shiny HTTP 301
- https://kraken3y.com/?shiny
- https://mc.yandex.ru/watch/95569303?wmode=7&page-url=https%3A%2F%2Fkraken15.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1481479612125%3Ahid%3A152427497%3Az%3A540%3Ai%3A20231219080048%3Aet%3A1702940448%3Ac%3A1%3Arn%3A30298465%3Arqn%3A1%3Au%3A1702940448100823164%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1120%2C3%2C5%2C5%2C1%2C972%2C0%2C3064%2C%2C%2C2100%3Aco%3A0%3Acpf%3A1%3Ans%3A1702940444897%3Afip%3Ad016179f98a107575108abf9eda4267c-7c13c1602140ddc5f7d57a8fa9ca1835-a81f3b9bcdd80a361c14af38dc09b309-7950ec0297c12322859860922e071362-9230c6148b308eff52b2603a42c19482-19396ffc3fc57f3ee254fd03b5a8991c-f0eaeb6e92f429938c122a827688e814-01a9a22cefa196b3bf31ced1f54219f0-a81f3b9bcdd80a361c14af38dc09b309-dde46cea954502e0477d424d60d1b8df-0215267af34257564ab5d7a61af4806e%3Arqnl%3A1%3Ast%3A1702940448%3At%3AKRAKEN%20DARKNET%20MARKET&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)fip(1)ti(1) HTTP 302
- https://mc.yandex.ru/watch/95569303/1?wmode=7&page-url=https%3A%2F%2Fkraken15.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1481479612125%3Ahid%3A152427497%3Az%3A540%3Ai%3A20231219080048%3Aet%3A1702940448%3Ac%3A1%3Arn%3A30298465%3Arqn%3A1%3Au%3A1702940448100823164%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1120%2C3%2C5%2C5%2C1%2C972%2C0%2C3064%2C%2C%2C2100%3Aco%3A0%3Acpf%3A1%3Ans%3A1702940444897%3Afip%3Ad016179f98a107575108abf9eda4267c-7c13c1602140ddc5f7d57a8fa9ca1835-a81f3b9bcdd80a361c14af38dc09b309-7950ec0297c12322859860922e071362-9230c6148b308eff52b2603a42c19482-19396ffc3fc57f3ee254fd03b5a8991c-f0eaeb6e92f429938c122a827688e814-01a9a22cefa196b3bf31ced1f54219f0-a81f3b9bcdd80a361c14af38dc09b309-dde46cea954502e0477d424d60d1b8df-0215267af34257564ab5d7a61af4806e%3Arqnl%3A1%3Ast%3A1702940448%3At%3AKRAKEN%20DARKNET%20MARKET&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29fip%281%29ti%281%29&redirnss=1
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
kraken3y.com/ Redirect Chain
|
587 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
kraken15.com/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cf.errors.css
kraken15.com/cdn-cgi/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-exclamation.png
kraken15.com/cdn-cgi/images/ |
452 B 541 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
kraken15.com/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
connect.min.js
kraken15.com/js/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
216 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
take_server.php
kraken15.com/modules/onion_servers/ |
5 B 533 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
kraken15.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 498 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.ru/watch/95569303/ Redirect Chain
|
415 B 498 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
ymetrica1.com/watch/3/ |
43 B 590 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
p
yandexmetrica.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
p
yandexmetrica.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
i
yandexmetrica.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
i
yandexmetrica.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user_storage_set
mc.yandex.ru/ |
0 144 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
95569303
mc.yandex.ru/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
95569303
mc.yandex.ru/webvisor/ |
43 B 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- kraken15.com
- URL
- https://kraken15.com/
- Domain
- yandexmetrica.com
- URL
- https://yandexmetrica.com:30103/p?t=UV%7CL7%2C!%22T%5Brwe%26D_%3EZIb%5CaW%2398Y.PC6k
- Domain
- yandexmetrica.com
- URL
- https://yandexmetrica.com:29010/p?t=UV%7CL7%2C!%22T%5Brwe%26D_%3EZIb%5CaW%2398Y.PC6k
- Domain
- yandexmetrica.com
- URL
- https://yandexmetrica.com:30103/i?t=UV%7CL7%2C!%22T%5Brwe%26D_%3EZIb%5CaW%2398Y.PC6k&a=Jkr%2Bm8oq9TvLnKug1OQi%2B5TnlMS251iOruc%2BrJnjfVQ%3D&b=QgwdJGmdH%2FOwj693usaZW6u8h5pbCDo0MzUMRcZVtHQ%3D&c=95569303&force-urlencoded=1
- Domain
- yandexmetrica.com
- URL
- https://yandexmetrica.com:29010/i?t=UV%7CL7%2C!%22T%5Brwe%26D_%3EZIb%5CaW%2398Y.PC6k&a=Jkr%2Bm8oq9TvLnKug1OQi%2B5TnlMS251iOruc%2BrJnjfVQ%3D&b=QgwdJGmdH%2FOwj693usaZW6u8h5pbCDo0MzUMRcZVtHQ%3D&c=95569303&force-urlencoded=1
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
kraken3y.com/ | Name: PHPSESSID Value: qmotd278baio6e2jjc62f1tlk6 |
|
.kraken3y.com/ | Name: _subid Value: 10e5sih42efke |
|
.kraken3y.com/ | Name: 965eb Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4NFwiOjE3MDI5NDA0MzksXCIxODlcIjoxNzAyOTQwNDM5fSxcImNhbXBhaWduc1wiOntcIjM1XCI6MTcwMjk0MDQzOSxcIjM2XCI6MTcwMjk0MDQzOX0sXCJ0aW1lXCI6MTcwMjk0MDQzOX0ifQ.AGR5l0M5SRAo5ghOFuPjT1BAkH2dX_kFg0fxpoayi_0 |
|
.kraken15.com/ | Name: __cf_mw_byp Value: kYwKNnR2oNZ3vpNFDrI08OQvHDOWH1kTob4MlZE7Sds-1702940439-0-/ |
|
kraken15.com/ | Name: tor_scheme_id Value: 1703437870 |
|
kraken15.com/ | Name: tor_port Value: 9146 |
|
kraken15.com/ | Name: session_id Value: a2249d841ebdcd55032f5378ebc47a05 |
|
kraken15.com/ | Name: connecting_hash Value: b2fb99b18c3bd3671b5be6f8af6f2f89 |
|
kraken15.com/ | Name: onion_server_id Value: 4 |
|
.kraken15.com/ | Name: _ym_uid Value: 1702940448100823164 |
|
.kraken15.com/ | Name: _ym_d Value: 1702940448 |
|
.kraken15.com/ | Name: _ym_isad Value: 2 |
|
.kraken15.com/ | Name: _ym_visorc Value: w |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
kraken15.com
kraken3y.com
mc.yandex.ru
yandexmetrica.com
ymetrica1.com
kraken15.com
yandexmetrica.com
2606:4700:3032::ac43:d419
2606:4700:3034::6815:55ec
2606:4700:3034::ac43:9965
2a02:6b8::1:119
80.239.201.62
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
6ce0e5c79ba891a6f28d85b0718549033c2fac03746f757711ef277371148c57
6ece5ec330e1079cc93ba74784911f92ab4d5413e40c9c3410e1488f5850fb3a
9fa0fd5b129cc1062500cf31c6be66f6617d829c3e4ccf0dc7cdba46f992632e
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016