{"report_id":"07831323-9966-4499-a5aa-88e572b0fd45","version":6,"status":"done","tags":[],"date":"2026-03-16T12:36:40Z","url":{"schema":"http","addr":"4875ledger.com","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":0,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"4875ledger.com/LE/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"title":"Ledger Live","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"4875ledger.com","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":0,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-20T12:36:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-16T12:36:17Z","timestamp":1773664577,"ip_dst":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50730,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-03-16T12:36:17.850231+0000\",\"flow_id\":1950082542972122,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.17\",\"src_port\":50730,\"dest_ip\":\"172.67.74.152\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":3510,\"start\":\"2026-03-16T12:36:17.830682+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-03-15T22:30:49.343058Z","alert_count":0,"request_count":2,"received_data":613091,"sent_data":898,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"css-style.com","ip":{"addr":"104.168.140.156","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"domain_registered":"2025-02-17","domain_rank":0,"first_seen":"2025-07-16T23:33:34.959146Z","last_seen":"2026-03-14T14:49:41.842004Z","alert_count":0,"request_count":1,"received_data":363,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"4875ledger.com","ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-03-15","domain_rank":0,"first_seen":"2026-03-16T12:36:42.076971Z","last_seen":"2026-03-16T12:36:42.076971Z","alert_count":52,"request_count":13,"received_data":11499273,"sent_data":6015,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"raw.githubusercontent.com","ip":{"addr":"185.199.111.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":22021,"first_seen":"2014-03-01T07:08:08Z","last_seen":"2026-03-11T17:32:07.6312Z","alert_count":0,"request_count":1,"received_data":14030,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-03-16T11:13:37.707576Z","alert_count":0,"request_count":1,"received_data":269,"sent_data":441,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ipapi.co","ip":{"addr":"172.67.69.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2026-03-11T14:27:37.490585Z","alert_count":0,"request_count":1,"received_data":2477,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"4875ledger.com/LE/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"11f01d9ea38ce8b2a5d87fb72a322cdd","sha1":"4f0d7c5d9a3e79eaf110270c212c31e96bdd93b4","sha256":"d3677d53419a21e17a146b780783a73d5284698baf24f998386416244d818e9d","sha512":"8fd4942afee01c4cc24caeabf8e4acea497fbfcece7fdf41eeeac4e9c5ef2a10c1865e171533d631c922deb2bfa3043307aba089f73761b6c0132804080f4be0","ssdeep":"","tlshash":"0fb012cfb9fb01549bcaa03510b7074d3738f1183f00174a3c3a05600a26dc8302ace5","size":111,"data":"","first_seen":"2025-09-29T19:36:32.631872Z","last_seen":"2026-04-01T02:18:18.066623Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"002b567284a078ad6982c4acdcfea08b","sha1":"1d965a1c2ab4a967c311abddb5a8f770b9b3486c","sha256":"710a69b039861e96db4a6ebb8373f59a6a43c7ccea25281f893bf35ae22867a6","sha512":"5e630f9e6febd5971b482468319b5297a19c319d93f80fc7c1b2246bb09ad27e6d0167fdf488afe854dd6931cf2390a266e97d18272977b910cef2f14ad91f42","ssdeep":"","tlshash":"ba41246d71b72d34527bb3e7574b62c57031104b3400ed6a7e2c8b442fb9a045aa76ed","size":1981,"data":"","first_seen":"2026-03-16T12:36:49.091331Z","last_seen":"2026-04-01T02:18:18.067235Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/Track.js","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a0280f3afc46a7cd904c18c059268ea1","sha1":"f2461b4a3a54bda16695d7c96e5cdfd0f3db99c7","sha256":"3104a7c6448c401fe77fa8672072b158af956bedb7932b3c8cbabd871e8fae7d","sha512":"2d590aee5af704b541f333a512b5ed838b480ae720ac637257ac9243f3894e26aa70feb5397908f6c6a37640867678f7d6bf53cee3457eb077e8cf8b19cbbd7e","ssdeep":"","tlshash":"0081323804232a1b69bba16e5e67610af163d01f2541cb367bfc8708af74a3c4695f8c","size":3923,"data":"","first_seen":"2026-03-16T12:36:49.079392Z","last_seen":"2026-04-01T02:18:18.054572Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/lottie-web/5.12.2/lottie.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"55bf86203909151984bef8cbe4739d64","sha1":"543e646b2ff86405b77bd2514b1aede8a8b4cbd8","sha256":"a0757321f974527bda3cc2593bf56cc7ffe4578421249ced6ae49ffb1c529f90","sha512":"8c49ee0edea37de7028ed850009f9e774313540fbee592a69547260c606fdaf508fd1127e85b88762c4b367413faf2aeb04da18539368acddc16fbf9c00f9282","ssdeep":"3072:xnEwejqNqAvPSIoPayIYzfq526QGK2y0mbsZmml+39xzKMTlB6k:xUjqNqAvPSIoPayIYzfq52tU1l4fRRBl","tlshash":"a85419597254343805c540a9806f0a4bb736292e246ac49cb76cf4ffacbde8d31beb75","size":305543,"data":"","first_seen":"2023-07-18T12:10:25Z","last_seen":"2026-06-13T09:56:48.541492Z","times_seen":2066,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"243aa7e75c76643e9eea24da9d02faf7","sha1":"18daab0ba1ddb1a648933962c998f4e4af94ec1e","sha256":"840e6f7510495ebe0dafe0b63035c78f40fd4d7b5b3ecb17e35efc271354097b","sha512":"952e0d49b57e96a492cd32ac3bd107a8f6e53526c84714095874627b98d207072883d0637cf1a4078a98550dae35af9323954c4460c6fea0dc902c565d7bf8b7","ssdeep":"3072:Coz2ckNzTATzPNXMwhDv624jTusWc3S0HOtDthtOtgtE6mpR9U/aVuVFAiqNVYqr:Coz2ckNzTATzPNXMwhDv624jT913S0Hz","tlshash":"bfc3fe1f097692e9fb166488c7833ce686d661a17fca09f8cdbb8d024bb435d2306d65","size":121301,"data":"","first_seen":"2025-09-29T19:36:32.636628Z","last_seen":"2026-04-01T02:18:18.067902Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"286ef717d8482125df21c1f125a9f1d2","sha1":"f90479afb9019271d148bddd5cf49e56a0668661","sha256":"f193d9e4e3bb4b58c99cc113bcebf24449c38eb78d46f8f7ffc28f8644eaeb6f","sha512":"df9ece3b0f432cb1c45cbec8510dc4db42b6c673331ce3d3f66d4fddbd885a1e5f681fb1b1219b7a559c7f89ba701ca3301616604fb1b650337bc9b0092f45e5","ssdeep":"1536:sDgwQGNMpJGnZKccyvushuo05MMo4N5G+vXJNshK61ZD7DWMRaGMRa9J9IH:sDgwQGNMpwcyvushuo05MMo4N5G+vXJN","tlshash":"7373d01f0a7652fafb1538498b8338e646e272613fcb08eccdbb5c154ba865d3306d65","size":76339,"data":"","first_seen":"2025-09-29T19:36:32.640043Z","last_seen":"2026-04-01T02:18:18.068516Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"aaee862449ac0980f822c348fe9177d9","sha1":"d1e54f73a108768be539edd6aa6cb4c7d7699f6f","sha256":"7e0636a54aa0c4bff212e92564bc4f59453766fe36a53b28cb381278c165374e","sha512":"0d547f331cac33cb31c3efb46f5a0975a5f5b8097e7e5a180a4019f0a68529bd0f786f4b8ac5b3f1d67a7057594b22ec2a37a872ccef4ed9df3a2530d421a61a","ssdeep":"","tlshash":"2441920fb9f31425c5b73176598f0e78b220810658096e133f9c83e59f95f726a729ae","size":1918,"data":"","first_seen":"2026-03-16T12:36:49.094455Z","last_seen":"2026-04-01T02:18:18.070165Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/lottie-web/5.12.2/lottie.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"55bf86203909151984bef8cbe4739d64","sha1":"543e646b2ff86405b77bd2514b1aede8a8b4cbd8","sha256":"a0757321f974527bda3cc2593bf56cc7ffe4578421249ced6ae49ffb1c529f90","sha512":"8c49ee0edea37de7028ed850009f9e774313540fbee592a69547260c606fdaf508fd1127e85b88762c4b367413faf2aeb04da18539368acddc16fbf9c00f9282","ssdeep":"3072:xnEwejqNqAvPSIoPayIYzfq526QGK2y0mbsZmml+39xzKMTlB6k:xUjqNqAvPSIoPayIYzfq52tU1l4fRRBl","tlshash":"a85419597254343805c540a9806f0a4bb736292e246ac49cb76cf4ffacbde8d31beb75","size":305543,"data":"","first_seen":"2023-07-18T12:10:25Z","last_seen":"2026-06-13T09:56:48.541492Z","times_seen":2066,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"5b509dc6b89a0642357c150849b3ca5f","sha1":"9724f996937672f4caf753cce24e8b302c799632","sha256":"0ee0df80f18f960f14d95c89a8305b53dd2341d85c489af52a2648db42b8448b","sha512":"4252ef635d18916295bd3bbf31fbec8ad12dc61f435de85353faca6b61a34a70357d0d46f0d313d84987fdadf6bc4b5747ffb2cca388f550a8e97fbec7d218f4","ssdeep":"384:tXhBZJkL7hAIYs1I7UH7BTZXR4lXWB/zoj+aXPa23xoEsgR:JDkdUx","tlshash":"6ba2516a36b725310aab31bb7beb9649353240033840f9497e6d86440f51fd06af7bda","size":22935,"data":"","first_seen":"2025-09-29T19:36:32.643933Z","last_seen":"2026-04-01T02:18:18.070925Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/lottie-web/5.12.2/lottie.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:17.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/lottie-web/5.12.2/lottie.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4875ledger.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 16 Mar 2026 12:36:17 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 63677\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"659c9856-f8bd\"\r\nlast-modified: Tue, 09 Jan 2024 01:50:30 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 113138\r\nexpires: Sat, 06 Mar 2027 12:36:17 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tUf3zjxEaWYiqO5PuKmn2%2B%2BTwfQa7jRetuUynC97DAt0UZD5qhUn2icW%2BGJifEucMvoIRuI03znzz2RKdpFc3HIv%2FOHCODwUsLBhl0wedvVuyJk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9dd3cd784ff85ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":305543,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"55bf86203909151984bef8cbe4739d64","sha1":"543e646b2ff86405b77bd2514b1aede8a8b4cbd8","sha256":"a0757321f974527bda3cc2593bf56cc7ffe4578421249ced6ae49ffb1c529f90","sha512":"8c49ee0edea37de7028ed850009f9e774313540fbee592a69547260c606fdaf508fd1127e85b88762c4b367413faf2aeb04da18539368acddc16fbf9c00f9282","ssdeep":"3072:xnEwejqNqAvPSIoPayIYzfq526QGK2y0mbsZmml+39xzKMTlB6k:xUjqNqAvPSIoPayIYzfq52tU1l4fRRBl","tlshash":"a85419597254343805c540a9806f0a4bb736292e246ac49cb76cf4ffacbde8d31beb75","first_seen":"2023-07-18T12:10:25Z","last_seen":"2026-06-13T09:56:48.541492Z","times_seen":2066,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":27,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"css-style.com/%66%6f%6e%74%2e%70%6e%67","fqdn":"css-style.com","domain":"css-style.com","tld":"com"},"ip":{"addr":"104.168.140.156","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"css-style.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 03:58:10 GMT","end":"Sun, 14 Jun 2026 03:58:09 GMT"},"fingerprint":{"sha1":"3E:F0:CE:D8:01:DC:3A:D1:C0:45:21:3F:84:8D:3B:12:A9:87:E5:4F","sha256":"19:6D:E8:4C:8C:BF:DE:D8:35:25:2A:43:1F:F3:1C:60:E3:4D:F7:37:3E:5B:D4:CB:35:2F:3F:35:97:59:EA:9B"}}},"request":{"raw":"GET /%66%6f%6e%74%2e%70%6e%67 HTTP/1.1\r\nHost: css-style.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4875ledger.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nx-powered-by: PHP/7.4.33\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\ndate: Mon, 16 Mar 2026 12:36:16 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":2309,"timings":{"blocked":653,"dns":186,"connect":153,"send":0,"wait":996,"receive":0,"ssl":317},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/flex.png","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/flex.png HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:17 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:40 GMT\r\nETag: \"2b59e-64d164f9aec67\"\r\nAccept-Ranges: bytes\r\nContent-Length: 177566\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":177566,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 1120, 8-bit/color RGBA, non-interlaced","md5":"3423d9216bd5559dec8b83b19cc29bee","sha1":"37c03fac2985177963c5bdf2447e86eca8984434","sha256":"d904a3d1ecef38cbd5c973379b889abcc203ae56a9ba50c78e0eec047a6d5904","sha512":"521c4a78d075b18bec5d48e2a8ff22c114fb92196707b35931a5da7b9ef4aa0a6fdc95e5f133e68bc7152eac2a33b62d596b742128994965d87977f5da29ca9d","ssdeep":"3072:PvZDVxTPxaYF77jICJ6agdTYbA84s7EMWPzWzhxiffyQdgA+u83G1QxlUd3SDG:PvVTPxn7/lhDAGE5WFaycTKG1QxlUx","tlshash":"2e04138ff6539c36be533627daf0657e3e994564c0be437911572b2bb31881c24e2ea0","first_seen":"2025-09-29T19:36:32.599074Z","last_seen":"2026-04-01T02:18:18.053509Z","times_seen":13,"resource_available":false,"data":null}},"time_used":1748,"timings":{"blocked":1687,"dns":0,"connect":0,"send":0,"wait":19,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/lottie-web/5.12.2/lottie.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/lottie-web/5.12.2/lottie.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4875ledger.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 16 Mar 2026 12:36:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 63677\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"659c9856-f8bd\"\r\nlast-modified: Tue, 09 Jan 2024 01:50:30 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 113136\r\nexpires: Sat, 06 Mar 2027 12:36:15 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2EqF4UHNsqZ%2BzJzHj4Y42kQ5vu8kvxhdNSJtiFhyQ8XpX2aDYA2jrZTCmCkHmozVpcJ0hSUIb54EHEk6S4sPcXIelHNNwlDKioNHBPanb3U8OYI%3D\"}]}\r\ncf-ray: 9dd3cd6c6a910daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":305543,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"55bf86203909151984bef8cbe4739d64","sha1":"543e646b2ff86405b77bd2514b1aede8a8b4cbd8","sha256":"a0757321f974527bda3cc2593bf56cc7ffe4578421249ced6ae49ffb1c529f90","sha512":"8c49ee0edea37de7028ed850009f9e774313540fbee592a69547260c606fdaf508fd1127e85b88762c4b367413faf2aeb04da18539368acddc16fbf9c00f9282","ssdeep":"3072:xnEwejqNqAvPSIoPayIYzfq526QGK2y0mbsZmml+39xzKMTlB6k:xUjqNqAvPSIoPayIYzfq52tU1l4fRRBl","tlshash":"a85419597254343805c540a9806f0a4bb736292e246ac49cb76cf4ffacbde8d31beb75","first_seen":"2023-07-18T12:10:25Z","last_seen":"2026-06-13T09:56:48.541492Z","times_seen":2066,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":44,"dns":8,"connect":1,"send":0,"wait":11,"receive":3,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/nanoHourglass-NLC7SCA5.png","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/nanoHourglass-NLC7SCA5.png HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:17 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:40 GMT\r\nETag: \"24935-64d164f9df9a5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 149813\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":149813,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1028 x 1028, 8-bit/color RGBA, non-interlaced","md5":"0a164a5d2989e5efc417f29de776bafd","sha1":"21921ad734ceea47cbddb362f9988f68a8be27fb","sha256":"21afe0f26f9bc486cc9de993a474e7aaf64f0728ae7686ca3a8d99dd43baa6a7","sha512":"f5104fb98b6814a598e9972da378d8f4241fa01b671413501ebbbcc45e8ed878526ad5864df91f9759a96cc288da65084bf887f3a9994e06170f457cefb6e8ad","ssdeep":"3072:dkVz1oGkRCJI/BMOWUuYeujB2FbjccNCMMo/9ehk2Uo7s:dkp1lksQBMWuYYjnyg9ehknN","tlshash":"0ce3122b5c0f7c9aceec16517dfa030b1a269b3727c275a3562936c4bf6d8b3b484149","first_seen":"2025-09-29T19:36:32.58018Z","last_seen":"2026-04-01T02:18:18.059804Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1935,"timings":{"blocked":1726,"dns":0,"connect":0,"send":0,"wait":22,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/stax.png","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/stax.png HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:17 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:43 GMT\r\nETag: \"68302-64d164fc363b4\"\r\nAccept-Ranges: bytes\r\nContent-Length: 426754\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":426754,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 1120, 8-bit/color RGBA, non-interlaced","md5":"3a0a79398001035a9d2cdd5262f23bf0","sha1":"bab1d1d8fe4e87b87ba1fc2c166a2f89054dded4","sha256":"79d8e86ef43845d73a67903bbf60afad80cde9414844e776a12387b1f4dd0aa5","sha512":"1e8503c8304707570341618789e513c70e6d2e46bee00ba91bf1e8d178a302549e303863fde9d769bed1d4bca42ae2e782bf078c086867f8f24e321bc4730f1f","ssdeep":"12288:b1sditJ61TSUx4Sud3+BtnClG4biw+UgOQkkzQzkxnLqI:b1sUe12kuE7nx4ewTI5wkpWI","tlshash":"849423e98c37ed603d62a2f19a659cd358f08c5d4dd84cb4d10c87396bdbebca4ea814","first_seen":"2025-09-29T19:36:32.584331Z","last_seen":"2026-04-01T02:18:18.057015Z","times_seen":13,"resource_available":false,"data":null}},"time_used":3595,"timings":{"blocked":1649,"dns":0,"connect":19,"send":0,"wait":21,"receive":271,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/Track.js","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/Track.js HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:15 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:43 GMT\r\nETag: \"f53-64d164fc45db3-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 1455\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3923,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"a0280f3afc46a7cd904c18c059268ea1","sha1":"f2461b4a3a54bda16695d7c96e5cdfd0f3db99c7","sha256":"3104a7c6448c401fe77fa8672072b158af956bedb7932b3c8cbabd871e8fae7d","sha512":"2d590aee5af704b541f333a512b5ed838b480ae720ac637257ac9243f3894e26aa70feb5397908f6c6a37640867678f7d6bf53cee3457eb077e8cf8b19cbbd7e","ssdeep":"","tlshash":"0081323804232a1b69bba16e5e67610af163d01f2541cb367bfc8708af74a3c4695f8c","first_seen":"2026-03-16T12:36:49.079392Z","last_seen":"2026-04-01T02:18:18.054572Z","times_seen":7,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.111.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:17.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 06 Feb 2026 21:41:53 GMT","end":"Thu, 07 May 2026 21:41:52 GMT"},"fingerprint":{"sha1":"A2:51:20:89:CB:5A:58:66:4F:F9:80:3A:0E:A3:6B:2B:13:44:D8:F9","sha256":"02:BD:D4:4D:11:37:CE:23:17:D9:AA:CC:D3:6F:75:3C:AA:1F:BE:C7:EE:91:CC:5F:AE:51:D8:1E:8F:F7:DC:A7"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://4875ledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4875ledger.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: F79E:3101F6:1B786F:1E7592:69B7F941\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Mon, 16 Mar 2026 12:36:18 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410022-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1773664578.915094,VS0,VE122\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: 112430c20d0cff36eb5f05997e2d20c1470b5e34\r\nexpires: Mon, 16 Mar 2026 12:41:18 GMT\r\nsource-age: 0\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-05-30T18:07:31.753849Z","times_seen":262,"resource_available":false,"data":null}},"time_used":617,"timings":{"blocked":399,"dns":3,"connect":28,"send":0,"wait":148,"receive":3,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-16T12:36:14.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Mon, 16 Mar 2026 12:36:15 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLocation: /LE/\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1468299,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T17:33:37.826371Z","times_seen":16391923,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":131,"dns":82,"connect":21,"send":0,"wait":20,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/nanos.png","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/nanos.png HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:17 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:40 GMT\r\nETag: \"988ee-64d164fa2fae3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 624878\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":624878,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1440 x 1680, 8-bit/color RGBA, non-interlaced","md5":"cf176eb1d64bbff10703233876495a46","sha1":"5d5d052799695d694ed0ecf8637e2b2f3b0f6435","sha256":"2e2b32fd81a3ec43769f01548f285db098a133114c51b3a941422418c080f072","sha512":"dd381fbab96d0e395123e95be32cb6442007e7371d020cbdf3346b78ef2d82e5ae7bd393fce694423d8bb374a7aeaa08acb6b27e888f043c99ba0558858f6fc8","ssdeep":"12288:WX8yrBmhrr6tQotXFH8DX460906xmyaU+fh4A9pEuKsLZeoAwNPn1LlM1BMMhCN:CO4Hq6xmHUIh4UyHwQYR3M1BMmc","tlshash":"99d423a983b1cd88e04268bc18d71feb5ef744966bf405b6da0f4465be03af59a30d4c","first_seen":"2025-09-29T19:36:32.601957Z","last_seen":"2026-04-01T02:18:18.057717Z","times_seen":13,"resource_available":false,"data":null}},"time_used":3488,"timings":{"blocked":1644,"dns":1,"connect":21,"send":0,"wait":21,"receive":166,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:17.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Mar 2026 16:45:18 GMT","end":"Sat, 30 May 2026 17:45:14 GMT"},"fingerprint":{"sha1":"EF:8D:ED:C7:B3:46:8A:91:47:71:92:F2:D9:B0:67:EA:C1:FC:5B:89","sha256":"01:CA:DB:EB:79:61:2D:B3:FE:2B:09:FE:44:84:EA:5B:6E:C1:3B:81:A1:0F:8C:9F:DE:2E:16:1E:59:45:06:D9"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://4875ledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4875ledger.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 16 Mar 2026 12:36:17 GMT\r\ncontent-type: application/json\r\ncontent-length: 21\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9dd3cd7bae1390fd-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-07T07:51:18.251001Z","times_seen":93313,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":368,"dns":35,"connect":8,"send":0,"wait":104,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/91.90.42.154/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"172.67.69.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:18.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 15:59:25 GMT","end":"Sun, 17 May 2026 16:59:23 GMT"},"fingerprint":{"sha1":"37:8F:7A:B7:BF:60:24:8D:1C:83:4F:C2:59:C3:0A:0C:EE:B3:75:A5","sha256":"8D:E6:B5:3D:41:1D:D8:B2:FA:03:95:07:E2:54:7C:1F:A2:22:E9:05:05:5E:D2:99:7D:DF:46:3F:32:52:53:F9"}}},"request":{"raw":"GET /91.90.42.154/json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://4875ledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://4875ledger.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 16 Mar 2026 12:36:18 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nallow: OPTIONS, HEAD, POST, OPTIONS, GET\r\nx-frame-options: DENY\r\nvary: Host, origin\r\naccess-control-allow-origin: https://4875ledger.com\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\ncross-origin-opener-policy: same-origin\r\ncontent-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.stripe.com https://*.paddle.com https://www.google.com https://www.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://*.paddle.com https://fonts.gstatic.com https://fonts.googleapis.com; img-src 'self' data: https://ipapi.co https://maps.gstatic.com https://maps.googleapis.com https://*.stripe.com; font-src 'self' data: https://fonts.gstatic.com https://fonts.googleapis.com; frame-src 'self' https://www.google.com https://*.stripe.com https://*.paddle.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; connect-src 'self' https://ipapi.co/ https://*.paddle.com https://*.stripe.com https://maps.googleapis.com https://www.google.com/recaptcha/; object-src 'none'; frame-ancestors 'none'; base-uri 'self'; form-action 'self';\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dVK33V4NaYrFmatqp0WZmSXq9sdjmTkfOd%2FFUxK44WuGti0VfzbwjqsH4Er4f2fzjn2N9GcMTJiRXkuyKF2qY%2FAtqWzP2Oo%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9dd3cd7d29091243-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":748,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"460b460d57658b5fd29c5e4934445c33","sha1":"24a724b25ef1401657cafa588835edfb9f7ef1f7","sha256":"93eefe1243dfce9ac06bf199cc9962e610bab6bff4f096662a357d27c9aefa70","sha512":"127d42078b0a87c6d0a70bd359dbcf50844e871ae9e98875a63f2303950b50bcc04fdb72df3f2e157dde3c019355fb67791147d38d6c3c570e1bde1d3b8f31c2","ssdeep":"","tlshash":"a9012428e4680e7b88b80358b4286a07122422075f16354e7fd4878d0f8d8bf20b124e","first_seen":"2025-12-17T10:03:05.72606Z","last_seen":"2026-03-25T09:03:12.863773Z","times_seen":3067,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":63,"dns":34,"connect":8,"send":0,"wait":204,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/favicon.jpg","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:18.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/favicon.jpg HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:18 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:40 GMT\r\nETag: \"4159-64d164f9936e7\"\r\nAccept-Ranges: bytes\r\nContent-Length: 16729\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":16729,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre 7, datetime=2025:04:29 04:55:18], baseline, precision 8, 716x646, components 3","md5":"b205f8d66c2573e5c5282531cbf52491","sha1":"658b89462743d0d28bc597de5f2c81766649c7f1","sha256":"e873d5d375bc249a7912a50c283f891fb6df0fd3265957b21642185f9bcc2193","sha512":"0c19cbc4d3962e7af7efc783597b80aae491e762cec77716381d92f76d21e0ade5a6e065f93b5310a784f764054880977694f4e7245a84beccafbcf39eb221db","ssdeep":"192:pYDj3jeUuOOGVos57fkMlxfSoeov84AMwOBdtG9xjwL3nHEbZR2sQk:pYDrj3nJpfkg9b9vXBy9xjwL3E9R2Zk","tlshash":"ee72f00389495ec3a46cc7e5bf074ed86f49675de8863eef04625f873b612231d8a02e","first_seen":"2025-07-31T03:28:11.020601Z","last_seen":"2026-04-01T02:18:18.065379Z","times_seen":14,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-16T12:36:15.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/ HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:15 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1468299,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65234), with CRLF line terminators","md5":"9d0622fd009e7c5836d64db839b32172","sha1":"531e0420df5a729909c2478bfdf367624e575d34","sha256":"2e482d12cb8e776356cb849ad549decbd26987f26bca8e7e241606fc1661ea73","sha512":"5db63346c99b65501f564b47872f08e0886299d075186775b8e9a4eeac13b2295612bde06c6f1bb2297b76af412ed61388a712eafc0e70b538fb2fc1b3ca5f91","ssdeep":"12288:2BvDuSmboHCSr398898E8l8O8XDLLDMMxdfDn4kqTa1Y+neQyXXFGoz2ckNzTATp:wvD9X3i8i7qt3GaxehFl","tlshash":"18252216c622492ef23b65a85bc3755dfbc68253e7c102ed7eae51214ffb252032639c","first_seen":"2026-03-16T12:36:49.084341Z","last_seen":"2026-04-01T02:18:18.049399Z","times_seen":7,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":217,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/popup.png","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/popup.png HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:15 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:42 GMT\r\nETag: \"1fddd-64d164fc046d5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 130525\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":130525,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 377 x 421, 8-bit/color RGBA, non-interlaced","md5":"ea5739db4934d8f08f1ff2088bc17097","sha1":"5fe878f4e863a73078f613a57168f7d8a414825f","sha256":"81843f9cc4473328e73b00603c1f8c7c42caf88834e5ce98cf4dc6ca95f1d385","sha512":"35ff3d09927f2c414971f8ce2a024d7a99a87e8fc1a34bcc3779c58bad7a7b5d105a028345e6bc402326c6cac3f810fb3161669fca8bffb4b94063712f604024","ssdeep":"1536:2JN9XBjIYqtU21YdA737kONwu+lQnFjd2JMRg2/1E0ebt5lPcGqMzNFmXWhouZEb:cR8k2V8Ou7lap+eW0ebtHKcpouckOgSJ","tlshash":"52d312c26a0b1d6f975805393d77286fc4a299aca04ff06625401f5fb86be32e2c55f3","first_seen":"2025-09-29T19:36:32.604562Z","last_seen":"2026-04-01T02:18:18.052426Z","times_seen":9,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/Nanox.png","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/Nanox.png HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:17 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:41 GMT\r\nETag: \"836b9-64d164faa2e9f\"\r\nAccept-Ranges: bytes\r\nContent-Length: 538297\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":538297,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1440 x 1680, 8-bit/color RGBA, non-interlaced","md5":"f2859ba015a0f0712889407d5199cf30","sha1":"d8751f42905235d43407359bf44acd3429872143","sha256":"527c6eb210a9e5ea295436e414abe58fe553ea5a2deaca9d7650aec1d49d943a","sha512":"65fc361de95c03bbe50e84c86ad5dd11b4b34d09b503d4655f046c1ca365557e67ca18457d2ffa8a5fee4b6424094d9c8a913e0556c2ce3d0dd37dbc758f4baa","ssdeep":"12288:kNA2itl9GwyDMP5ts8ScdmxVBVZnlYIpKuypkKwDc3:w1itl3yDMPbtzmxVBVZniMKV+0","tlshash":"e5b423ee87a7ca05ff8270f24449dea8cb64349a139b16c5400373297287aff5278e57","first_seen":"2025-09-29T19:36:32.574082Z","last_seen":"2026-04-01T02:18:18.059154Z","times_seen":9,"resource_available":false,"data":null}},"time_used":4108,"timings":{"blocked":1642,"dns":1,"connect":32,"send":0,"wait":20,"receive":793,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/nanosplus.png","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/nanosplus.png HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://4875ledger.com/LE/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Mon, 16 Mar 2026 12:36:17 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:41 GMT\r\nETag: \"7f623-64d164fa68521\"\r\nAccept-Ranges: bytes\r\nContent-Length: 521763\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":521763,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1440 x 1680, 8-bit/color RGBA, non-interlaced","md5":"895d2c161d001507305b82100c536d82","sha1":"6c88ae9cea0d479fc1cc47ab582b1bd5cd54921f","sha256":"3e1941f3a5bf4a08013f553e8bbb4bfcf7def09069e5f817c76b57e4297892ec","sha512":"b2d4e9df98150e4e4ede3817ab214cff8a8aa44195d7c5d2fb9cc8a3f794f4c3e380cee3a572287b7e285e46750e3c42e7cd68e639efae0e4c751c608d26681e","ssdeep":"12288:6UHmx5mXy/AQr2CPRJOrxm4CgcbAcQbhGM0ACS8+WjnKY:omy/AQqCpQrOBscQdGMlCn+onKY","tlshash":"48b423ebda85a550e9840372ae812b108235705f466c495cf160f3b19b63efd7b09aff","first_seen":"2025-09-29T19:36:32.629389Z","last_seen":"2026-04-01T02:18:18.058476Z","times_seen":13,"resource_available":false,"data":null}},"time_used":3582,"timings":{"blocked":1643,"dns":1,"connect":19,"send":0,"wait":20,"receive":263,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/welcome.mp4","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/welcome.mp4 HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nReferer: https://4875ledger.com/LE/\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Mon, 16 Mar 2026 12:36:17 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:43 GMT\r\nETag: \"6734-64d164fc557b3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 26420\r\nContent-Range: bytes 0-26419/26420\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: video/mp4\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":26420,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"b16847de02c85b9a1044aa608ce48c3d","sha1":"1c09b3675c955b6ce17fe87a4847389622946b63","sha256":"fc80ce85ef11ccd942a1db0612d60cd941655d07f9e6a22c2b9191ed409c972c","sha512":"528f87c35168ab3492594c71f2e64315a0fb52bc8907b7b44ff4e8add89cb84237a439c5237d068e7aff1581f02481cbcd309aa1ae15926e3496e50b6b6f4c67","ssdeep":"384:cpUlJ0Q5/GfSDG0jmRb7cAtugrBGk2Syi0SV/I+WqPaXTRjRHbCPy1ZYWKA+L0Zw:y1TXQcPGlNdRC0QvirSQE","tlshash":"46c2ad8a97b499c3d92d923c8cb7d306f318e6d8670693cbc7607265fd319accda0585","first_seen":"2025-09-29T19:36:32.607113Z","last_seen":"2026-04-01T02:18:18.062474Z","times_seen":9,"resource_available":false,"data":null}},"time_used":1459,"timings":{"blocked":1420,"dns":0,"connect":0,"send":0,"wait":19,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"4875ledger.com/LE/Folder/buyNanoX-D6R3F3RS.webm","fqdn":"4875ledger.com","domain":"4875ledger.com","tld":"com"},"ip":{"addr":"192.109.200.111","port":443,"asn":199760,"as":"Pau Poyatos Fuentes","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://4875ledger.com/LE/","date":"2026-03-16T12:36:15.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"4875ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 19:06:51 GMT","end":"Sat, 13 Jun 2026 19:06:50 GMT"},"fingerprint":{"sha1":"43:30:50:9F:FE:AB:2B:6C:18:9E:A3:B3:4A:D9:1D:AD:D1:BD:C3:E2","sha256":"7F:06:C9:52:B1:BB:2B:BE:52:20:49:43:BB:CE:D2:20:4E:0A:53:F8:50:DE:D7:EA:16:93:79:43:87:29:05:87"}}},"request":{"raw":"GET /LE/Folder/buyNanoX-D6R3F3RS.webm HTTP/1.1\r\nHost: 4875ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nReferer: https://4875ledger.com/LE/\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nDate: Mon, 16 Mar 2026 12:36:17 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nLast-Modified: Sun, 15 Mar 2026 20:54:40 GMT\r\nETag: \"5aabab-64d164f96e528\"\r\nAccept-Ranges: bytes\r\nContent-Length: 5942187\r\nContent-Range: bytes 0-5942186/5942187\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: video/webm\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":5942187,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"10988b050abf34d353feab102b3818f6","sha1":"f2f811a00ea9e60d7b6a8036a23d4fdb90493bf1","sha256":"d652953ed77bc7c3183e8d1c81b4d21d24ed2bc9d2c6ef3f0168917ffeea6be8","sha512":"ae3435680cf90ad26c01c4b43b992ea2611731f58012d3b114cf04ba1ac8f5d74992ab07d2746c3574a171249eb218dc110176eec0b2f2c78f9c9a452b607ff2","ssdeep":"24576:wRPHRx5qVKg603NAFp3GSVn/sIAVv8ios1f7mrzwuAdtK:wRfRx5q1/+f3GSV/LS91DGzNmK","tlshash":"412533165f88bbe4c29987b1f357006f1f1e947d582d220adb9b2065ca44bbeddac04f","first_seen":"2025-08-07T11:40:32.793324Z","last_seen":"2026-04-01T02:18:18.061718Z","times_seen":17,"resource_available":false,"data":null}},"time_used":2219,"timings":{"blocked":1418,"dns":0,"connect":0,"send":0,"wait":22,"receive":779,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-16","alert":"Phishing Block","trigger":"4875ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"4875ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}