kraken15.com
2606:4700:3034::ac43:9965  Malicious Activity! Public Scan

Submitted URL: http://kraken3y.com/?shiny
Effective URL: https://kraken15.com/
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com
Submission: On December 18 via api from JP — Scanned from JP

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3034::ac43:9965, located in United States and belongs to CLOUDFLARENET, US. The main domain is kraken15.com.
TLS certificate: Issued by GTS CA 1P5 on December 9th 2023. Valid for: 3 months.
This is the only time kraken15.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
1 7 2a02:6b8::1:119 13238 (YANDEX)
1 80.239.201.62 1299 (TWELVE99 ...)
19 5
Apex Domain
Subdomains
Transfer
7 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4182
77 KB
7 kraken15.com
kraken15.com
14 KB
2 kraken3y.com
kraken3y.com
2 KB
1 ymetrica1.com
ymetrica1.com — Cisco Umbrella Rank: 19234
590 B
0 yandexmetrica.com Failed
yandexmetrica.com Failed
19 5
Domain Requested by
7 mc.yandex.ru 1 redirects kraken15.com
mc.yandex.ru
7 kraken15.com 1 redirects kraken3y.com
kraken15.com
2 kraken3y.com 1 redirects
1 ymetrica1.com mc.yandex.ru
0 yandexmetrica.com Failed mc.yandex.ru
19 5

This site contains no links.

Subject | Issuer | Validity | Valid
kraken3y.com | GTS CA 1P5 | 2023-12-09 - 2024-03-08 | 3 months crt.sh
kraken15.com | GTS CA 1P5 | 2023-12-09 - 2024-03-08 | 3 months crt.sh
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-08-14 - 2024-01-24 | 5 months crt.sh
ymetrica.com | GlobalSign ECC OV SSL CA 2018 | 2023-11-09 - 2024-05-02 | 6 months crt.sh

This page contains 1 frames:

Frame: https://kraken15.com/
Frame ID: 1CC6141D297ABB210CF14D2018C6248E
Requests: 19 HTTP requests in this frame

Page Statistics

19 Requests
68 % HTTPS
80 % IPv6
5 Domains
5 Subdomains
5 IPs
3 Countries
92 kB Transfer
265 kB Size
13 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kraken3y.com/?shiny HTTP 301
    https://kraken3y.com/?shiny Page URL
  2. https://kraken15.com/ Page URL
  3. https://kraken15.com/cdn-cgi/phish-bypass?atok=kYwKNnR2oNZ3vpNFDrI08OQvHDOWH1kTob4MlZE7Sds-1702940439-0-%2F HTTP 301
    https://kraken15.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kraken3y.com/?shiny HTTP 301
  • https://kraken3y.com/?shiny
Request Chain 9
  • https://mc.yandex.ru/watch/95569303?wmode=7&page-url=https%3A%2F%2Fkraken15.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1481479612125%3Ahid%3A152427497%3Az%3A540%3Ai%3A20231219080048%3Aet%3A1702940448%3Ac%3A1%3Arn%3A30298465%3Arqn%3A1%3Au%3A1702940448100823164%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1120%2C3%2C5%2C5%2C1%2C972%2C0%2C3064%2C%2C%2C2100%3Aco%3A0%3Acpf%3A1%3Ans%3A1702940444897%3Afip%3Ad016179f98a107575108abf9eda4267c-7c13c1602140ddc5f7d57a8fa9ca1835-a81f3b9bcdd80a361c14af38dc09b309-7950ec0297c12322859860922e071362-9230c6148b308eff52b2603a42c19482-19396ffc3fc57f3ee254fd03b5a8991c-f0eaeb6e92f429938c122a827688e814-01a9a22cefa196b3bf31ced1f54219f0-a81f3b9bcdd80a361c14af38dc09b309-dde46cea954502e0477d424d60d1b8df-0215267af34257564ab5d7a61af4806e%3Arqnl%3A1%3Ast%3A1702940448%3At%3AKRAKEN%20DARKNET%20MARKET&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)fip(1)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/95569303/1?wmode=7&page-url=https%3A%2F%2Fkraken15.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1481479612125%3Ahid%3A152427497%3Az%3A540%3Ai%3A20231219080048%3Aet%3A1702940448%3Ac%3A1%3Arn%3A30298465%3Arqn%3A1%3Au%3A1702940448100823164%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1120%2C3%2C5%2C5%2C1%2C972%2C0%2C3064%2C%2C%2C2100%3Aco%3A0%3Acpf%3A1%3Ans%3A1702940444897%3Afip%3Ad016179f98a107575108abf9eda4267c-7c13c1602140ddc5f7d57a8fa9ca1835-a81f3b9bcdd80a361c14af38dc09b309-7950ec0297c12322859860922e071362-9230c6148b308eff52b2603a42c19482-19396ffc3fc57f3ee254fd03b5a8991c-f0eaeb6e92f429938c122a827688e814-01a9a22cefa196b3bf31ced1f54219f0-a81f3b9bcdd80a361c14af38dc09b309-dde46cea954502e0477d424d60d1b8df-0215267af34257564ab5d7a61af4806e%3Arqnl%3A1%3Ast%3A1702940448%3At%3AKRAKEN%20DARKNET%20MARKET&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29fip%281%29ti%281%29&redirnss=1

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kraken3y.com/
Redirect Chain
  • http://kraken3y.com/?shiny
  • https://kraken3y.com/?shiny
587 B
1 KB
Document
General
Full URL
https://kraken3y.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:55ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
837b05ef2efb8a9f-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 23:00:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=em%2BBrLkMUQmVvukLHptJnXalVaxeBiG8Oy%2FoQUwI3ic%2BBIq0hlWnBmv3sC0BySXIlZtQ9dc%2FuFbi6%2FgFhsRLg1xcf0nZQeUq2VSFS6iff5ShtpaYuaeQc%2Bmnhp3SqQTsW476jigmS%2FPwnjQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
837b05ef0dbfe3a7-NRT
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 18 Dec 2023 23:00:38 GMT
Expires
Tue, 19 Dec 2023 00:00:38 GMT
Location
https://kraken3y.com/?shiny
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0USsob0DECtt3j9GQN0afQIYiSS9ApW3ke01RucfZWdOI0W%2FA%2BT2C%2Bji2XufFf13UqlOLcQwz73E5P3XI85JPZnJweZ%2FCfIhgQMvTQEVhO3YzCXh8%2FhMFpwdVBjGEWUSckZRWKdlD3EqhM0%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
/
kraken15.com/
4 KB
2 KB
Document
General
Full URL
https://kraken15.com/
Requested by
Host: kraken3y.com
URL: https://kraken3y.com/?shiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ece5ec330e1079cc93ba74784911f92ab4d5413e40c9c3410e1488f5850fb3a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://kraken3y.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

cf-ray
837b05f4dc25f6b5-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 23:00:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIUaiiGN4NreETyjbKymSMNE5ijmUaMXVPJAGk19NEATjJ9OajqPUnA9EUkx%2B6A2ajwefZiAezv%2BMjQhtjHTLjYBzI3pF9KjcbFX9JvQlyZ4wrjkfyjMDtTYiEKDCJs5H%2BJU9xMbuuBeybU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
kraken15.com/cdn-cgi/styles/
24 KB
5 KB
Stylesheet
General
Full URL
https://kraken15.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: kraken15.com
URL: https://kraken15.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kraken15.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 18 Dec 2023 23:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Dec 2023 17:59:00 GMT
server
cloudflare
etag
W/"65735964-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
837b05f4ec32f6b5-NRT
expires
Tue, 19 Dec 2023 01:00:39 GMT
icon-exclamation.png
kraken15.com/cdn-cgi/images/
452 B
541 B
Image
General
Full URL
https://kraken15.com/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: kraken15.com
URL: https://kraken15.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kraken15.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 18 Dec 2023 23:00:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Dec 2023 17:59:00 GMT
server
cloudflare
etag
"65735964-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
837b05f50c5bf6b5-NRT
content-length
452
expires
Tue, 19 Dec 2023 01:00:39 GMT
Primary Request /
kraken15.com/
Redirect Chain
  • https://kraken15.com/cdn-cgi/phish-bypass?atok=kYwKNnR2oNZ3vpNFDrI08OQvHDOWH1kTob4MlZE7Sds-1702940439-0-%2F
  • https://kraken15.com/
8 KB
3 KB
Document
General
Full URL
https://kraken15.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce0e5c79ba891a6f28d85b0718549033c2fac03746f757711ef277371148c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://kraken15.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
837b06149d3ef6b5-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Dec 2023 23:00:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51gPqzGvZKjh76CfgJqpWyRO83ub84fI%2B1vp2GWVPC3dEEVH0Gmx0SjymfV%2FA7dlHzNZCXhHwUpIritI82USH4ty5RScuz3GGrKD68jc0C%2BJKbkbVthjcWAzg6IDmUkPfrV96p8l7oZhong%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000;
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache
cf-ray
837b06149d37f6b5-NRT
content-length
167
content-type
text/html
date
Mon, 18 Dec 2023 23:00:44 GMT
location
https://kraken15.com/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
connect.min.js
kraken15.com/js/
11 KB
3 KB
Script
General
Full URL
https://kraken15.com/js/connect.min.js?1
Requested by
Host: kraken15.com
URL: https://kraken15.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa0fd5b129cc1062500cf31c6be66f6617d829c3e4ccf0dc7cdba46f992632e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://kraken15.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 18 Dec 2023 23:00:46 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 10:24:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6527c94a-2c0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPAZtSY%2FQj3kAYWxUG0FV8QZrCX%2F4SF5p806Lu7MZ2fcs4JnQT4ovQ7qEYEK3O9ljjyEgyPMxFLH7%2BN8nTGCpAB9oXFx%2FWgH9K2E9pH0zcGajLAxkDDQCj7nNAKhbW9AnzGqqUsJrjvfUM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
837b061bbb44f6b5-NRT
alt-svc
h3=":443"; ma=86400
expires
Tue, 19 Dec 2023 23:00:46 GMT
tag.js
mc.yandex.ru/metrika/
216 KB
75 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: kraken15.com
URL: https://kraken15.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 18 Dec 2023 23:00:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Dec 2023 08:38:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65781bea-127c2"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75714
expires
Tue, 19 Dec 2023 00:00:47 GMT
take_server.php
kraken15.com/modules/onion_servers/
5 B
533 B
XHR
General
Full URL
https://kraken15.com/modules/onion_servers/take_server.php
Requested by
Host: kraken15.com
URL: https://kraken15.com/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:9965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 18 Dec 2023 23:00:47 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXOJq5wzAb2Gs0nO0AxfSNtTI1qFNyUtFW7nrk9Stro9HeD9d2wNoTLKhSBVd3Y0EFYVPxet1NHV4dObujt%2BHc%2BcQkqgs7MVoX9trhRFamMc3svw0taVimM%2F%2F4KFRgLnB7iyQ7mXGr8Xa50%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
837b0621bb6725ed-NRT
alt-svc
h3=":443"; ma=86400
/
kraken15.com/
0
0

advert.gif
mc.yandex.ru/metrika/
43 B
498 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 18 Dec 2023 23:00:48 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Dec 2023 08:38:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65781bea-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 19 Dec 2023 00:00:48 GMT
1
mc.yandex.ru/watch/95569303/
Redirect Chain
  • https://mc.yandex.ru/watch/95569303?wmode=7&page-url=https%3A%2F%2Fkraken15.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-U...
  • https://mc.yandex.ru/watch/95569303/1?wmode=7&page-url=https%3A%2F%2Fkraken15.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen...
415 B
498 B
Fetch
General
Full URL
https://mc.yandex.ru/watch/95569303/1?wmode=7&page-url=https%3A%2F%2Fkraken15.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1481479612125%3Ahid%3A152427497%3Az%3A540%3Ai%3A20231219080048%3Aet%3A1702940448%3Ac%3A1%3Arn%3A30298465%3Arqn%3A1%3Au%3A1702940448100823164%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1120%2C3%2C5%2C5%2C1%2C972%2C0%2C3064%2C%2C%2C2100%3Aco%3A0%3Acpf%3A1%3Ans%3A1702940444897%3Afip%3Ad016179f98a107575108abf9eda4267c-7c13c1602140ddc5f7d57a8fa9ca1835-a81f3b9bcdd80a361c14af38dc09b309-7950ec0297c12322859860922e071362-9230c6148b308eff52b2603a42c19482-19396ffc3fc57f3ee254fd03b5a8991c-f0eaeb6e92f429938c122a827688e814-01a9a22cefa196b3bf31ced1f54219f0-a81f3b9bcdd80a361c14af38dc09b309-dde46cea954502e0477d424d60d1b8df-0215267af34257564ab5d7a61af4806e%3Arqnl%3A1%3Ast%3A1702940448%3At%3AKRAKEN%20DARKNET%20MARKET&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29fip%281%29ti%281%29&redirnss=1
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 23:00:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 18-Dec-2023 23:00:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kraken15.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
415
x-xss-protection
1; mode=block
expires
Mon, 18-Dec-2023 23:00:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Dec 2023 23:00:48 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 18-Dec-2023 23:00:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/95569303/1?wmode=7&page-url=https%3A%2F%2Fkraken15.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A1481479612125%3Ahid%3A152427497%3Az%3A540%3Ai%3A20231219080048%3Aet%3A1702940448%3Ac%3A1%3Arn%3A30298465%3Arqn%3A1%3Au%3A1702940448100823164%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C1120%2C3%2C5%2C5%2C1%2C972%2C0%2C3064%2C%2C%2C2100%3Aco%3A0%3Acpf%3A1%3Ans%3A1702940444897%3Afip%3Ad016179f98a107575108abf9eda4267c-7c13c1602140ddc5f7d57a8fa9ca1835-a81f3b9bcdd80a361c14af38dc09b309-7950ec0297c12322859860922e071362-9230c6148b308eff52b2603a42c19482-19396ffc3fc57f3ee254fd03b5a8991c-f0eaeb6e92f429938c122a827688e814-01a9a22cefa196b3bf31ced1f54219f0-a81f3b9bcdd80a361c14af38dc09b309-dde46cea954502e0477d424d60d1b8df-0215267af34257564ab5d7a61af4806e%3Arqnl%3A1%3Ast%3A1702940448%3At%3AKRAKEN%20DARKNET%20MARKET&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29fip%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://kraken15.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 18-Dec-2023 23:00:48 GMT
1
ymetrica1.com/watch/3/
43 B
590 B
XHR
General
Full URL
https://ymetrica1.com/watch/3/1?
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.239.201.62 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 23:00:49 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 18-Dec-2023 23:00:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://kraken15.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 18-Dec-2023 23:00:49 GMT
p
yandexmetrica.com/
0
0

p
yandexmetrica.com/
0
0

i
yandexmetrica.com/
0
0

i
yandexmetrica.com/
0
0

user_storage_set
mc.yandex.ru/
0
144 B
Image
General
Full URL
https://mc.yandex.ru/user_storage_set?key=cs&value=28382340
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 18 Dec 2023 23:00:50 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
content-type
text/html
95569303
mc.yandex.ru/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.ru/webvisor/95569303?wv-part=1&wv-type=7&wmode=0&wv-hit=152427497&page-url=https%3A%2F%2Fkraken15.com%2F&rn=184997188&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1702940451%3Aw%3A1600x1200%3Av%3A1190%3Az%3A540%3Ai%3A20231219080051%3Au%3A1702940448100823164%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Ast%3A1702940451&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 23:00:51 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 18-Dec-2023 23:00:51 GMT
content-type
image/gif
access-control-allow-origin
https://kraken15.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 18-Dec-2023 23:00:51 GMT
95569303
mc.yandex.ru/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.ru/webvisor/95569303?wv-part=1&wv-type=7&wmode=0&wv-hit=152427497&page-url=https%3A%2F%2Fkraken15.com%2F&rn=75718865&browser-info=we%3A1%3Aet%3A1702940452%3Aw%3A1600x1200%3Av%3A1190%3Az%3A540%3Ai%3A20231219080051%3Au%3A1702940448100823164%3Avf%3A3bfl5e3f9efni0jnvjn9zz6n%3Ast%3A1702940452&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Dec 2023 23:00:51 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 18-Dec-2023 23:00:51 GMT
content-type
image/gif
access-control-allow-origin
https://kraken15.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 18-Dec-2023 23:00:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kraken15.com
URL
https://kraken15.com/
Domain
yandexmetrica.com
URL
https://yandexmetrica.com:30103/p?t=UV%7CL7%2C!%22T%5Brwe%26D_%3EZIb%5CaW%2398Y.PC6k
Domain
yandexmetrica.com
URL
https://yandexmetrica.com:29010/p?t=UV%7CL7%2C!%22T%5Brwe%26D_%3EZIb%5CaW%2398Y.PC6k
Domain
yandexmetrica.com
URL
https://yandexmetrica.com:30103/i?t=UV%7CL7%2C!%22T%5Brwe%26D_%3EZIb%5CaW%2398Y.PC6k&a=Jkr%2Bm8oq9TvLnKug1OQi%2B5TnlMS251iOruc%2BrJnjfVQ%3D&b=QgwdJGmdH%2FOwj693usaZW6u8h5pbCDo0MzUMRcZVtHQ%3D&c=95569303&force-urlencoded=1
Domain
yandexmetrica.com
URL
https://yandexmetrica.com:29010/i?t=UV%7CL7%2C!%22T%5Brwe%26D_%3EZIb%5CaW%2398Y.PC6k&a=Jkr%2Bm8oq9TvLnKug1OQi%2B5TnlMS251iOruc%2BrJnjfVQ%3D&b=QgwdJGmdH%2FOwj693usaZW6u8h5pbCDo0MzUMRcZVtHQ%3D&c=95569303&force-urlencoded=1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Domain/Path Name / Value
kraken3y.com/ Name: PHPSESSID
Value: qmotd278baio6e2jjc62f1tlk6
.kraken3y.com/ Name: _subid
Value: 10e5sih42efke
.kraken3y.com/ Name: 965eb
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4NFwiOjE3MDI5NDA0MzksXCIxODlcIjoxNzAyOTQwNDM5fSxcImNhbXBhaWduc1wiOntcIjM1XCI6MTcwMjk0MDQzOSxcIjM2XCI6MTcwMjk0MDQzOX0sXCJ0aW1lXCI6MTcwMjk0MDQzOX0ifQ.AGR5l0M5SRAo5ghOFuPjT1BAkH2dX_kFg0fxpoayi_0
.kraken15.com/ Name: __cf_mw_byp
Value: kYwKNnR2oNZ3vpNFDrI08OQvHDOWH1kTob4MlZE7Sds-1702940439-0-/
kraken15.com/ Name: tor_scheme_id
Value: 1703437870
kraken15.com/ Name: tor_port
Value: 9146
kraken15.com/ Name: session_id
Value: a2249d841ebdcd55032f5378ebc47a05
kraken15.com/ Name: connecting_hash
Value: b2fb99b18c3bd3671b5be6f8af6f2f89
kraken15.com/ Name: onion_server_id
Value: 4
.kraken15.com/ Name: _ym_uid
Value: 1702940448100823164
.kraken15.com/ Name: _ym_d
Value: 1702940448
.kraken15.com/ Name: _ym_isad
Value: 2
.kraken15.com/ Name: _ym_visorc
Value: w