{"report_id":"00609c5e-d1ef-4b9f-ac92-63e63a564cab","version":0,"status":"done","tags":[],"date":"2026-06-24T13:59:26Z","url":{"schema":"https","addr":"apps-legder.com/","fqdn":"apps-legder.com","domain":"apps-legder.com","tld":"com"},"ip":{"addr":"148.251.53.209","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"apps-legder.com/","fqdn":"apps-legder.com","domain":"apps-legder.com","tld":"com"},"title":"Ledger Wallet (formerly Ledger Live): The all-in-one crypto wallet app to do more, securely | Ledger","dom":{"size":2012461,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (65242)","md5":"8d33d5292a2e5a6ad66031d2fd950cf8","sha1":"b031d0f87ed41730255000b98c2f2feb64b32f5e","sha256":"2ca1c39e34b841aabd1eba8cb886cae60efde1d6310073ea089da0dbe02d4214","sha512":"5aaed6f2beaa0b45ba58c60fa5dcd474acdc8931ccf00140232ee53df565a44d092883a198fbf92908aa4258d126e66f2967e63333adfff8f83ab6a841ebcf51","ssdeep":"24576:FHE/BU7dikEwppgj5meXOvLqB3nVZWdu64n1doNTNKGrelwIVYkfdFDj9VBqeP:SISTevJIdot6B3","tlshash":"929501f83228673dac4e43f54297aaffb8835e31cb01a184ebe0550b979df685e09945","dom_hash":"domhashebea67b8818466ccf7e7ebbd5f1d1c3e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"apps-legder.com/","fqdn":"apps-legder.com","domain":"apps-legder.com","tld":"com"},"ip":{"addr":"148.251.53.209","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-29T13:59:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"apps-legder.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"apps-legder.com","ip":{"addr":"148.251.53.175","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":4,"request_count":4,"received_data":3663800,"sent_data":1964,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"apps-legder.com/img/preview-1.mp4","fqdn":"apps-legder.com","domain":"apps-legder.com","tld":"com"},"ip":{"addr":"148.251.53.175","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://apps-legder.com/","date":"2026-06-24T13:59:00.791Z","timestamp":1782309540791,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.apps-legder.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 15:03:11 GMT","end":"Thu, 27 Aug 2026 15:03:10 GMT"},"fingerprint":{"sha1":"86:8B:5E:2A:8A:E5:8B:8C:BA:7E:7D:EA:4A:B2:98:A6:42:C9:1D:9D","sha256":"63:43:E4:96:E0:15:07:EA:0D:58:3C:1C:01:A7:98:23:60:EE:74:34:9D:B5:70:03:4C:33:2B:CA:EA:00:8F:59"}}},"request":{"raw":"GET /img/preview-1.mp4 HTTP/1.1\r\nHost: apps-legder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=32768-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\ncontent-type: video/mp4\r\nlast-modified: Thu, 21 May 2026 01:30:10 GMT\r\netag: \"18d66f-6a0e6022-ba3c7d5aa17389fc;;;\"\r\ncontent-range: bytes 32768-1627758/1627759\r\ncontent-length: 1594991\r\ndate: Wed, 24 Jun 2026 13:59:00 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1594991,"size_decoded":1595265,"mime_type":"video/mp4","magic":"data","md5":"38c4b36fc56e31038d331942ef94aeea","sha1":"528edfe785ab806fd3c6d3633f1b824a76e74864","sha256":"c8d6b85283f10d639138294ed4aa211deeb833308c2cb8f7d3dd571370abb86d","sha512":"cc88dd50709b9da4de62b1984b6cfe1741ca9ed54e5c30e7a01ecb8da34b796c95c0c1b1135dd6d149f7a2b62447170a3dffbaa4b7849ff929cd9591a54d644c","ssdeep":"24576:psyN9fu2ZwMSlm5LxpHNd6lIJVqLKbFMO3:psc9fukwMxD6gqexd3","tlshash":"0e253385d0a562f1b6363bfd7032aeb46afc5d4dc3cb5edd74e14a9805944e02a828cf","first_seen":"2026-06-24T13:27:24.931917Z","last_seen":"2026-06-24T14:00:08.78516Z","times_seen":4,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":165,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"apps-legder.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apps-legder.com/","fqdn":"apps-legder.com","domain":"apps-legder.com","tld":"com"},"ip":{"addr":"148.251.53.175","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T13:58:59.802Z","timestamp":1782309539802,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.apps-legder.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 15:03:11 GMT","end":"Thu, 27 Aug 2026 15:03:10 GMT"},"fingerprint":{"sha1":"86:8B:5E:2A:8A:E5:8B:8C:BA:7E:7D:EA:4A:B2:98:A6:42:C9:1D:9D","sha256":"63:43:E4:96:E0:15:07:EA:0D:58:3C:1C:01:A7:98:23:60:EE:74:34:9D:B5:70:03:4C:33:2B:CA:EA:00:8F:59"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: apps-legder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Fri, 29 May 2026 17:04:20 GMT\r\netag: \"1eb039-6a19c714-c2c10730709adb9e;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 1344998\r\ndate: Wed, 24 Jun 2026 13:59:00 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2011193,"size_decoded":1345486,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (64143)","md5":"0abfe9dfb2a31ca1c1294325530bb8d1","sha1":"601c01ceebb31cd5707c7751c65cebcd8af5252d","sha256":"5ef63de7a1b8609820c052f3b188a08bcfa00f3bfd572d5628fb7f4738afb588","sha512":"997fcdacf49d33c9c1060af1956856024bc0f2b1ab7a179e63d6dd6b699ff2a261ccaaae6adca140f0d8c979086acd1602a15ee3c77e6d6ee986e88f33ea8a8d","ssdeep":"12288:Q9pEGuBCj7tP8Z4zvOlb0VB2qgdH3YsikqYPaWGJ0xpDYj6w7soqxMN88EaOUW4v:QHE/BU7KikqYZxYjxUezdvvUBs","tlshash":"1c25e1f43228633eac4f43f642966abeb9835f71cf01a1c4dbe1554bd79cb684e08685","first_seen":"2026-06-24T13:59:31.680913Z","last_seen":"2026-06-24T14:00:08.782434Z","times_seen":2,"resource_available":true,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":154,"connect":34,"send":0,"wait":34,"receive":206,"ssl":81},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"apps-legder.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apps-legder.com/img/preview-1.mp4","fqdn":"apps-legder.com","domain":"apps-legder.com","tld":"com"},"ip":{"addr":"148.251.53.175","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://apps-legder.com/","date":"2026-06-24T13:59:00.732Z","timestamp":1782309540732,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.apps-legder.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 15:03:11 GMT","end":"Thu, 27 Aug 2026 15:03:10 GMT"},"fingerprint":{"sha1":"86:8B:5E:2A:8A:E5:8B:8C:BA:7E:7D:EA:4A:B2:98:A6:42:C9:1D:9D","sha256":"63:43:E4:96:E0:15:07:EA:0D:58:3C:1C:01:A7:98:23:60:EE:74:34:9D:B5:70:03:4C:33:2B:CA:EA:00:8F:59"}}},"request":{"raw":"GET /img/preview-1.mp4 HTTP/1.1\r\nHost: apps-legder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=1605632-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\ncontent-type: video/mp4\r\nlast-modified: Thu, 21 May 2026 01:30:10 GMT\r\netag: \"18d66f-6a0e6022-ba3c7d5aa17389fc;;;\"\r\ncontent-range: bytes 1605632-1627758/1627759\r\ncontent-length: 22127\r\ndate: Wed, 24 Jun 2026 13:59:00 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":22127,"size_decoded":22401,"mime_type":"video/mp4","magic":"data","md5":"c42811e538acbff6dcedf5e8adb9f679","sha1":"0b535e2af30b9734933b727c4a93ce6eff9e2e50","sha256":"00b799ed75119bdbe65fdf5d6d4d05b1a91d78cab84ae0b709399e5b3263602e","sha512":"3ce2f490cd6ba1b9b2abe00d343e9ead830799b2c7a5fd96435067d57c1551461e4297e159869aafcfdf75fe65c8be804835ecd143711289f6f4ce7114480a31","ssdeep":"384:jzeeGaQP9/g8xDwC6j25teJ6H7cLGaYQpvfbos/1R+kzYakHSbEa2QfmZ8wKowvi:jzNGaQP9/pxESbc9Y6f8Y1R+MdqSYva0","tlshash":"3aa29e4923c56e4bca27aff1d0b2c3149ae6e52914ec930351d2c395ed4f6d34ddc8aa","first_seen":"2025-11-10T06:00:39.218023Z","last_seen":"2026-06-24T14:00:08.783592Z","times_seen":14,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"apps-legder.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apps-legder.com/img/preview-1.mp4","fqdn":"apps-legder.com","domain":"apps-legder.com","tld":"com"},"ip":{"addr":"148.251.53.175","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://apps-legder.com/","date":"2026-06-24T13:59:00.689Z","timestamp":1782309540689,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.apps-legder.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Fri, 29 May 2026 15:03:11 GMT","end":"Thu, 27 Aug 2026 15:03:10 GMT"},"fingerprint":{"sha1":"86:8B:5E:2A:8A:E5:8B:8C:BA:7E:7D:EA:4A:B2:98:A6:42:C9:1D:9D","sha256":"63:43:E4:96:E0:15:07:EA:0D:58:3C:1C:01:A7:98:23:60:EE:74:34:9D:B5:70:03:4C:33:2B:CA:EA:00:8F:59"}}},"request":{"raw":"GET /img/preview-1.mp4 HTTP/1.1\r\nHost: apps-legder.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\ncontent-type: video/mp4\r\nlast-modified: Thu, 21 May 2026 01:30:10 GMT\r\netag: \"18d66f-6a0e6022-ba3c7d5aa17389fc;;;\"\r\ncontent-range: bytes 0-1627758/1627759\r\ncontent-length: 1627759\r\ndate: Wed, 24 Jun 2026 13:59:00 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":34005,"size_decoded":34453,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"067e7f84baa7c965a85dfdc180765734","sha1":"70c139431d75a68628c99a4bdda5b668fd425d4a","sha256":"9fc3ba38fbeb7b93e2045ed48edca60d6b603823d832f516c3fbb4fa1daa4446","sha512":"4952a679697d0ff4dd153a13e2b8a57a0f031bcfc5f649a42ae90e5492276daf39011d93d82b22f18dd88b44d6556456064a1d19e534e814872d5228084350a5","ssdeep":"768:Kp/+LAPbJMfTQ9oQWWMWbJeBa6Hi8Jfj9NcoXcQ:K1+5QWrVacVfmQ","tlshash":"cde2f10f4513d88cea06a328944c9b0e5bdddb4db94635ccf483936aecc5dd0ea54ee1","first_seen":"2026-06-24T13:59:31.684987Z","last_seen":"2026-06-24T13:59:31.684987Z","times_seen":1,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"apps-legder.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}