{"report_id":"295217f3-c6fe-48c0-bd04-43ec28dc0f08","version":6,"status":"done","tags":[],"date":"2026-01-07T10:48:51Z","url":{"schema":"http","addr":"download-ledger.us","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"download-ledger.us/","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"title":"Ledger Live | Download and install Ledger Walletâ„¢","dom":{"size":23929,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (332)","md5":"45c9a572bb7d656b3d0e73bcc05237b5","sha1":"58aec940ff293f19aa96250af3c69241abc2cd89","sha256":"9e39184f0cd9f37ef640d8b0bd36306c46db2ec3ea2741595e950e96660870c2","sha512":"f73cb54e9fe5f7c024507f2f80d8586b5c4de01e373d3678f994d77bb2412a2b6358608c49822de5515eee46f0a7397bb3b2885b774765824db8b339fad83cd8","ssdeep":"192:/sdzXUUW9SxZnfMC3G12TfN/hWzPiJNhOOX815fyfHCIKUCcIkqqfQeVbPVVsxkP:/u7W98BxUSF+x8BIjZkMNid4HTzJ9fIP","tlshash":"28b2522be0f12c330147a1a46a69678fbe51900bc52a9c147bbc065e7fe3c96c57374e","dom_hash":"domhash7cf092e633027c4db3a9a8f0cded0707","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"download-ledger.us","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T10:48:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"download-ledger.us","ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-11-23","domain_rank":0,"first_seen":"2026-01-07T10:48:51.841313Z","last_seen":"2026-01-07T10:48:51.841313Z","alert_count":36,"request_count":12,"received_data":1746845,"sent_data":5405,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-01-04T22:21:06.427471Z","alert_count":0,"request_count":3,"received_data":363231,"sent_data":1581,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"download-ledger.us/","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:48:29.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:29 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23894,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (332)","md5":"6f509d340de74fb5a57b60668aef2d7f","sha1":"dbb21cf194953bd8c8663f579d7a8d7f4c5f1db3","sha256":"079e5967070012156e3785357a7ac709acf14b37cd3cc9fa09b76aaacd32a079","sha512":"9668cb0f43f10927039e86b06f44cbcf52aaca7c714d2d57d9f5795d33c93f7915c891f28ab8ff65c748b958e948b68119e42545233a044e40324f711c0c8f70","ssdeep":"192:CMdzXUUW9SxZnfMC3G12TfN/hWzPiJNhOOX815fyfHCIKUCcIkqqfQeVbaVVsxk8:CO7W98BxUSFFxFBIjZ5MNAe1HKRJ9fkd","tlshash":"12b2622be4f02833014762a46a7a678fbe919007c56a9c047bbc425e7fe3c96c57374e","first_seen":"2026-01-04T08:50:01.233279Z","last_seen":"2026-01-27T07:55:27.406085Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1026,"timings":{"blocked":477,"dns":335,"connect":26,"send":0,"wait":71,"receive":1,"ssl":112},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 07 Jan 2026 10:48:30 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\ncf-ray: 9ba2e21429972efa-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1835611\r\nexpires: Mon, 28 Dec 2026 10:48:30 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=x7FyMTflvyXQQ8LJuxtS4i23a2PWqlgMekjhHux2Y1kL8WRzpu%2BZ2FFCy4L%2Bb2H%2BJofWK05m%2FEl66Mo9WeKGXiZccbr%2B%2B3EmAJ4X2Arq2T1qg2TjqTn8vUh%2FK3U9D5fLFcB0MmDc\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-06-08T12:56:35.432212Z","times_seen":51066,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":9,"receive":2,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/assets/avatar-4.jpg","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /assets/avatar-4.jpg HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 225010\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"692354bc-36ef2\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":225010,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"da6c048ed84e57174be9eb73e7365ac2","sha1":"03cf08dbbe0af11b2ee8fc44ab1dd3ed0fad08f6","sha256":"27a53bba282f0b34edfad40aa86e9482738bfe37ab8ebb476bfcc8eda15cc309","sha512":"3d4bc32733ae9d4818a7ef9e1ded3ae49d4c62d39000e1e3fac727a453e78b6f841e46ffd5ab48616b38b84923899f42a83286820a586e3b8b11badd4ce0d3c0","ssdeep":"6144:FZjwUygHkyeOz7nBPT+Z11KHvZtxQbk5Sw6BKN:FPGFeRTe11KPZtxQbk5z6BKN","tlshash":"4d2422ebd75f14402c61186d762d4eb0a7096aac7ae8247160c8725e3fc88e7578e8de","first_seen":"2026-01-04T08:50:01.213761Z","last_seen":"2026-01-27T07:55:27.408283Z","times_seen":5,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":148,"dns":0,"connect":27,"send":0,"wait":105,"receive":128,"ssl":121},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/assets/avatar-5.jpg","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /assets/avatar-5.jpg HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 247725\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"692354bc-3c7ad\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":247725,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"677d2c7e64a501ea271398079688c77d","sha1":"96c16f30f8ba4a2b2259451dac7569d9cf45d44c","sha256":"f2834ba03131f1ab2ae2678d54bd2f5938f1264a5dd0a5788b427cb850ae3e66","sha512":"e6ac21efc33cb9919f2fae78f88e02087d37a223574c394b2ab44c4a3b3a8e0e1981430efa23ed0b24a61702cb00fe1af852945aeec600ed192aec6042b6a78e","ssdeep":"6144:2dHdF124WRso+3ewoCyjOSs2MQFpmEiIyGjf9P78oZFkr/:2d9b4RXrw/fnIy+FP7tkr/","tlshash":"b234236e41506a629efdd6ff1217a8518870070642d4bb923ea2885d15addcffbbf00f","first_seen":"2026-01-04T08:50:01.197264Z","last_seen":"2026-01-27T07:55:27.412499Z","times_seen":5,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":216,"dns":0,"connect":0,"send":0,"wait":106,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/assets/avatar-6.jpg","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /assets/avatar-6.jpg HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 392323\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"692354bc-5fc83\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":392323,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"622ebb4cfe3513e268b97e8e008eb1b5","sha1":"8a249e379752c54dace763f9ed9550441be2bcb9","sha256":"a7de28d85378e49b1d363dcc3e930f34aadffb39deaa5d176e60bc49d276d619","sha512":"c103d4bfee60bcaf810138295e9874b70a0d1867eac089e213ca1b4008bb6d0143e3f80fd07416f165157665589a445bf58274f5a2d668e4a31599f9e7ce29ff","ssdeep":"6144:zFahmt7YHHK6uDTsncoRldvsOccFAuUhIzRB1XDxmszvT7KscBtuqNGiLcFH2OXh:UstkHHnLncwXUDYdR/X9msjvKscO6tLM","tlshash":"bd8423936612a5dad522cd0874ad390662d7d87e86f7faff008e014261f797ca24bfc4","first_seen":"2026-01-04T08:50:01.168849Z","last_seen":"2026-01-27T07:55:27.404729Z","times_seen":5,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":283,"dns":0,"connect":0,"send":0,"wait":67,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/apple-touch-icon.png","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 2264\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"692354bc-8d8\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2264,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"9657aec64107bf8144e0d468b58db707","sha1":"dbc9901929e54912140faa9a31fe7b94b87c79a9","sha256":"bc7ba4eb42a1ec7182711afa820953d04e374c0b2ca1e64182acbb5ea683ad3a","sha512":"6a15d8ca5871d13fc2fdf821a55f2abeb0d7676627f5d7c25749039ece8956e9b63b765390d781855d88269ead1ef66b2ce31c4053eaca88afd8729c2f1ed86d","ssdeep":"","tlshash":"534118bc759dfe3be98723a261192c5e2c280a0a76375b8ca365d33c6794696027036c","first_seen":"2026-01-04T08:50:01.17933Z","last_seen":"2026-01-27T07:55:27.411923Z","times_seen":5,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://download-ledger.us\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 10:48:30 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\ncf-ray: 9ba2e214c8a98deb-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1585241\r\nexpires: Mon, 28 Dec 2026 10:48:30 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=q0adwm38H5%2BL6QdcgPW7%2BYInhZJBejYQUTmffrLjzIUFNWmu0lQPPzca74hqziElqVZaA2VsH6JPZ0J74rhbO3PF48PvYiuG1UnRlTbIQD4XkQpDS08BVqACBwF1Ep1pnrr2PrH%2B\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-06-08T12:56:35.426233Z","times_seen":37715,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":19,"dns":1,"connect":0,"send":0,"wait":15,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/assets/index-Cy9fOLEq.css","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /assets/index-Cy9fOLEq.css HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"692354bc-180a\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6153)","md5":"a38fc74af65f6c47963f2a0244051a73","sha1":"099b9f6b55e8cc009abb64e51f37a0722f1c774f","sha256":"49fef428180ed2a35c3f9c57a85f11ce9cd7126df84a850b329056ba43b3c27d","sha512":"242dd78f99df1d8bb29edabb6f3fc54ce05489a42ffc9c55c07dc4ee6900765258e2a22d69c91675b5b9aef39663d65c2e0f202858261ba7ba2015d34b11909a","ssdeep":"96:yYkSMxZ2G9nrWTBDVff4QbCy1Y3Exs17CzhAd:yvxB9nrWTbX1bCy3WhKhAd","tlshash":"59c1725ae224623e742fe87da1e4d78d2120ac90ce674bf6f9566234c9c73f21771709","first_seen":"2026-01-04T08:50:01.157014Z","last_seen":"2026-01-27T07:55:27.409414Z","times_seen":5,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/assets/hero-bg.jpg","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /assets/hero-bg.jpg HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 199985\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"692354bc-30d31\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":199985,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"94ee2de3e55029d201dc9ca90fbeb990","sha1":"3a7682957b73717640855381d98c7d9757811e86","sha256":"c44c40ebbe22403a40dd06a468974abe6c7e6725a7e98978b911f068a859ab19","sha512":"191d079d485a3aa41170302016b4137b07d8a213598f0727c82e8a590f4aa7eafa0ec4cbde3869c0721155af7941fd22ccf411159353bb414cc17349b1f5263b","ssdeep":"6144:ifP8Goa02yTrjEnci4+7SbDDcFz4qeaFb9GM:ifP8GoRrjEnH7IDDYTBnH","tlshash":"e8141247d6231a94bff581bc303a99426f904d27c5f14ac880474725a97fb07ef4baae","first_seen":"2026-01-04T08:50:01.186029Z","last_seen":"2026-01-27T07:55:27.410071Z","times_seen":5,"resource_available":false,"data":null}},"time_used":535,"timings":{"blocked":153,"dns":0,"connect":27,"send":0,"wait":105,"receive":119,"ssl":122},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/assets/avatar-1.jpg","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /assets/avatar-1.jpg HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 212247\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"692354bc-33d17\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":212247,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"121502a9096137634f676bfc809f7880","sha1":"66403b8922685010e0d9b5eb2b987141966ca979","sha256":"bd949c397fe788f5e6c8d1f9c277b724b168af4d93137182142883b6d6c630d5","sha512":"8e0c2a561d889a7191dede62cf730102368f377ce76aaa9fda7eea84186fe546da33f896145064deff95dbd772fe80c44e72435ca01c7b3666b8c332d7c45e52","ssdeep":"6144:WGt2Sy+oUCLTTcrQlc3yYqzyQwGzHRbC9E4gX19/:uftTcrQlc3yGPGVbC67","tlshash":"bd2412b78d0b8218dafde2532e2e1ba2630de541d64c255622e31c7b3e91b15ca9d73c","first_seen":"2026-01-04T08:50:01.220328Z","last_seen":"2026-01-27T07:55:27.413717Z","times_seen":5,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":107,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/script.js","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":280,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"bf1c26be86e0e9b21771dc2431f13d3f","sha1":"ab1bad570151e5ae06f6604fc4ec93a727dd2118","sha256":"a325d498e813c751d38993a604c8c1592789293289083219253cfabff03137a8","sha512":"bd6abd3bcf0babf3359b8b346f868e950f56b7b098225ff2cf00e074d8224b18a11e7aae7c8623b4d962b77057d6cfc7bd23e3ce9ff30014762a90930e18a522","ssdeep":"","tlshash":"c6d02b9f9083a2874812146039c525d2275d12f6a47a86a82d86d48f62a853ece9aa89","first_seen":"2026-01-04T08:50:01.205632Z","last_seen":"2026-01-27T07:55:27.41311Z","times_seen":4,"resource_available":false,"data":null}},"time_used":375,"timings":{"blocked":144,"dns":3,"connect":26,"send":0,"wait":70,"receive":0,"ssl":130},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/favicon.svg","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/svg+xml\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"692354bc-7be\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1982,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"256b7c320f74b39ee3573bff96c7b09e","sha1":"3a9d7cd8ec78cc8f4c18f37f40e6c94691d7b77b","sha256":"c3a07dce149650917ccc34641227f5956fce4bed05ebb095a0c3a2f86a23843e","sha512":"93d0956f14c606fb492b041ac28177489b5b7272e7be17138a3771d5f774753f369cd1cf8082418b832b262eb0e59dbbfae64e1c076013319f2cb31887d843de","ssdeep":"","tlshash":"56410d7bdc093079f25b052950a5f2ef5fe14043a2a981859f4a0832f0aa3bf2b90ec1","first_seen":"2026-01-04T08:50:01.214902Z","last_seen":"2026-01-27T07:55:27.408847Z","times_seen":5,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/assets/avatar-2.jpg","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /assets/avatar-2.jpg HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 209491\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"692354bc-33253\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":209491,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"8b45a8a84017c8fcc25c3a26c62ea117","sha1":"4188e91163272fdf35eeb7f25ae3936607b5781a","sha256":"1207307ca46c71c07e9f77c03e2937589dc6dc9c45a53cce2d2a3b1a401cd158","sha512":"1e52ddb4376a2d9ed04645590667dbfc4a972ebf85020315fcd0c3c59b94859591886a9d8cab364db122a08ef8a0ab8dab3b3828296d55949d68276d9e479d1e","ssdeep":"6144:JQOLF0QpJaQyiCU15odlfHiRNcp6XZ/5sPCFR:qOyQzyS12fuNcp6XZRsK7","tlshash":"4424235adb7f30589cf3369c6a1281715ae44be0b6467c52293fac0c233e7d61e1bb46","first_seen":"2026-01-04T08:50:01.215964Z","last_seen":"2026-01-27T07:55:27.407565Z","times_seen":5,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":150,"dns":1,"connect":27,"send":0,"wait":104,"receive":125,"ssl":128},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"download-ledger.us/assets/avatar-3.jpg","fqdn":"download-ledger.us","domain":"download-ledger.us","tld":"us"},"ip":{"addr":"144.31.228.146","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"download-ledger.us","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 23 Nov 2025 18:40:51 GMT","end":"Sat, 21 Feb 2026 18:40:50 GMT"},"fingerprint":{"sha1":"B0:20:20:07:0A:A5:80:06:15:00:69:A4:A2:B6:3F:BA:23:03:77:83","sha256":"AB:7B:75:8A:8F:56:DF:9F:44:2D:34:8F:FE:A3:F9:6F:F9:BD:46:7A:F2:9E:9C:3A:20:6D:3B:8B:E7:E3:EE:72"}}},"request":{"raw":"GET /assets/avatar-3.jpg HTTP/1.1\r\nHost: download-ledger.us\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://download-ledger.us/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 07 Jan 2026 10:48:30 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 222017\r\nLast-Modified: Sun, 23 Nov 2025 18:38:52 GMT\r\nConnection: keep-alive\r\nETag: \"692354bc-36341\"\r\nExpires: Thu, 08 Jan 2026 10:48:30 GMT\r\nCache-Control: max-age=86400\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":222017,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"310bd00dd474154384fd91e3f886c324","sha1":"aa10cf8ca724267e6e14918259e3171f053f63bc","sha256":"5046afa3750148449091f9d3041414a24488382d67bd7bc9ec0a9fd92bbcc06c","sha512":"f9fca2a95c9145c4e1f07154e9a292aab54d333d37534cb1683aecb81b979affffe930209f103082f88afef0e9410480ab8c2e3f08aceefc3032f5d7536df29f","ssdeep":"3072:cYGOIcs+EpIVDRiWIIcevoCW8sOX4z0ZuzdpzvYMHZPgjBWEk+EkseN2tIYLD:cYGws6VEp/HOoz0ERJvYM5Pa2vkJN7Yf","tlshash":"7724237fb980b8aed45df5b2429f312c858cdd4aebeb454dd2810433b00d264e66ad7e","first_seen":"2026-01-04T08:50:01.157966Z","last_seen":"2026-01-27T07:55:27.41066Z","times_seen":5,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":149,"dns":0,"connect":27,"send":0,"wait":107,"receive":131,"ssl":125},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"download-ledger.us","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://download-ledger.us/","date":"2026-01-07T10:48:30.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 15 Nov 2025 20:49:06 GMT","end":"Fri, 13 Feb 2026 21:49:04 GMT"},"fingerprint":{"sha1":"9A:71:C8:6F:E2:4B:9A:91:7D:C8:4A:1D:79:98:2F:97:C1:85:D8:79","sha256":"4E:C5:BB:7A:81:A0:D9:00:73:8D:D5:57:59:3D:A0:C3:D3:BE:62:18:4E:6F:6D:98:DA:F0:90:94:5E:E0:0B:63"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://download-ledger.us\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 07 Jan 2026 10:48:30 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 108020\r\ncf-ray: 9ba2e214d8ba8deb-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-1a5f4\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1827973\r\nexpires: Mon, 28 Dec 2026 10:48:30 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=16d4rBg80VtgVMdx1VAXOnZGo3SfAXu1a0feESv14hKrWbhBCVBlZGT1fo%2F54eukIWn2KHnS7Y8%2FbYDZdjKTL6V26jGZoLc2l8ab0ZjOIXlbulT%2FTYmECQLop1JRRDBvOrWs41fM\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":108020,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 108020, version 772.256","md5":"8b0ddedbb27cbc9971c8667caa8a0cc1","sha1":"4350f9ba93384634faf35f41c503c99c767f1069","sha256":"748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207","sha512":"d3b4791b988fcfd9911a2158163d0c44d6797650890b5d4ac769417e09d8fc2c67edc595be8e7927de0519a85eeb3577d0c7e385bdc99d762c7a6cfbad021b39","ssdeep":"3072:MUdDCdwgz0kLytDzAUhcJz8zfleLXsg4OEpUtbeONfQfG:1d+dNBBh8zflIWGP9Qe","tlshash":"8db312128031ef76fd4aa621de6b1807b03da30b67f249a9ded46a37c050997b471b4f","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-06-08T12:23:57.933136Z","times_seen":19087,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}