{"report_id":"35bb7785-4f15-45fd-81b7-3785f040e3a7","version":6,"status":"done","tags":[],"date":"2026-04-02T11:31:59Z","url":{"schema":"http","addr":"authenticatingconne.nesarashiftledger.live","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":0,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"final":{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"title":"USDC CONNECT","dom":{"size":39064,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (411)","md5":"793063e6e51e49cf86b092f07e52d6af","sha1":"f38afd28ebcd597424ae91ed3a8f57498920f802","sha256":"135cf6e9afcdaf6437374b41e272ae1a0f1543b56450ee13cb41e79940b8eb6f","sha512":"0b32ae62ef38c2c02b32b747fed6c0d3c3aafbaea5fef552802d5c4949d0ed202e0ae964b937913cb132cbd22d97745edb4f9dbdef356057e03af484699a572c","ssdeep":"768:Z28VII1bFN5vSFPF5FPFdr6P5rTfUmOPajgS:bII9n5vSlXlHr6P5r","tlshash":"f703c23269f1222241a780853be66b692b69d017d526cd9837ed43d88fc3fc5cc936de","dom_hash":"domhash1dc3cc807a60519409cb2e49a1b7f3ad","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"authenticatingconne.nesarashiftledger.live","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":0,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-07T11:31:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"authenticatingconne.nesarashiftledger.live","ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-02T11:32:07.256291Z","last_seen":"2026-04-02T11:32:07.256291Z","alert_count":96,"request_count":48,"received_data":9163700,"sent_data":25021,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Bootstrap:5.3.2","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2026-03-29T23:54:08.408227Z","alert_count":0,"request_count":4,"received_data":1709,"sent_data":1804,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-03-29T22:35:00.993215Z","alert_count":0,"request_count":1,"received_data":81815,"sent_data":540,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-29T22:20:07.848058Z","alert_count":0,"request_count":1,"received_data":9416,"sent_data":512,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/ajax/libs/bignumber_js/8.0.2/bignumber.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"a4cae21db6148c524ce7ca8d0486ebfa","sha1":"51fc0b03795a061f0830e43b61f1c5622f200005","sha256":"cc711d7d219c1465d5fa275882eeb501d9f3c7ae1638adc03dd00fc2138c8a68","sha512":"5d00c6e87f3b46031ff9a345c033c251c17051fdedf658b2a8dff606427c2868b1ba96e33f0407361ca9340f7bda62c8920e0a3e8e259069aa01fdf27c3cfc87","ssdeep":"1536:eqNDqFAE7+o5dUtCKEXeCVi/hs+GTEJQ2ZaazulA9:3pAnACH0/2+GTELZ3yA9","tlshash":"cc83b64c6ac321375b33a3384f5aa44ceb28512756c5624a346e83b46f72c60a7f9fdd","size":88004,"data":"","first_seen":"2023-03-07T01:24:06Z","last_seen":"2026-04-02T11:32:15.598955Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"a21bc194cb4633e5df646fe2342dc114","sha1":"3cf8fa88fdcef968a280273618aff01532d3fa79","sha256":"9321d8cb1ec58f5b1c5234d68a606da42a270d32b1a854fc9f6085a7d57bc387","sha512":"6704b27c4acb056f58fd7c1a139e5ea0c8a317fd978f0220c6c23474d8d477575a099cd7dc0faef6b4a58dd7dbffe0c33bc6b0ff822b6d2332d7adeb2aef58c5","ssdeep":"","tlshash":"e6b0121913a0c5380137411e138dbbc52a71019fa2804d0e13d40580dd54ba3c2e06c3","size":98,"data":"","first_seen":"2025-08-08T11:29:24.230175Z","last_seen":"2026-04-02T11:32:15.60544Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"2329bdbaa39b181690a8f839d3027d0f","sha1":"7a00e439bf499477b25421d264682ec26aaf871e","sha256":"6aaa5f3240bcd48f6ad238983087cac4ea3ad6a8f438ebd80afc203e959e5ec8","sha512":"b6e0e1cc7183d5e62bdab6de1d376fb9753a472243c0a9142107f4d7fbe82ef97a0807c594db31d151997df1a9b6ee2a7d86f8df4255412b99104ab648732de8","ssdeep":"","tlshash":"ff415a8f6535337006bb3237639fa3a87172804b1615e908398ec7d01f74a7595afeda","size":2105,"data":"","first_seen":"2026-04-02T11:32:15.606387Z","last_seen":"2026-04-02T11:32:15.606387Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/web3-latest/dist/web3.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e131238273584c83b0089668cf50b1c","sha1":"a0e353e006c1ce398cc28b065c9e2754f9f6d655","sha256":"8cdcd2aa68c68480d5180ca0cd64f190c7064fdecff596ea34042eba5ff181db","sha512":"1179354c1ad3d530be6a372bf1cf8c71584616fe31008fbc9be57b4f83f04f731d600bf8ee3922ae57934d987c205b51bfdd19b4a3ce93fe09253194690f5de9","ssdeep":"6144:O/QrM70NNb2ki3aT9lWCNvmsIAAvkNS98bKwTlC1wr5ndZYTXLpg3jvLJvyzzWaO:OIrM7xkr/WamsIbcvbKunDYn6vU8","tlshash":"0c45f9c47691b095c3a25ad1446fd00ae33dfd647c8c4169bb57ecf32ca8a89512bf3a","size":1184878,"data":"","first_seen":"2023-05-12T17:02:00Z","last_seen":"2026-04-08T01:21:50.445207Z","times_seen":430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/web3modal.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"b75e5b4aa819a4e0db65d09f304ffca5","sha1":"322a4343cbc52f87360eece8baf8107535e1e153","sha256":"0ce4217a6e4105da2cf62a06789f3d999a4c6dae1ffbbc8fe3b5b12d8373dbcb","sha512":"7bfe99b2371a31bfe270481c6a4c26b77ae40ba7d696dd875acc847464f1c1be4bf2b96399cb9f68fefa038101f7d966e5eb914fa7f37ff6dfd87f693886d57b","ssdeep":"6144:i7Q8a7NJ7oiJhdJ0zIwKu4YcacueJ3px/1ikVAwkOfuQ8s:oQr7NJ0iXdKveF9JAwRVT","tlshash":"a5b4aee73583f42107b23ab740af2c06b23c691718098990f295edd494bd69e916bffd","size":493905,"data":"","first_seen":"2023-03-13T10:07:14Z","last_seen":"2026-04-02T11:32:15.575606Z","times_seen":89,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/webpack-59c5c889f52620d6.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c2270d3b272a5b20747cc8056323655","sha1":"5cf62beb9374212bd1074b0d61f723fb8815ada7","sha256":"b7082c98641f82287ee830bdef5ee7c447c042d01f42b0b0bdadd1b819fb0c93","sha512":"8222dbdf6219c13120dad2405fdc7130e141e4172f8e26324c0b064d2c8e55ab2f150b3e99fc90d00d964e24a921b90d97f55b6f01cb655bea0d8bcafeb073cf","ssdeep":"","tlshash":"a33156c972e5f8d81717b464482f8497f13b99b3107da8e1eb05c2b17c351584272fae","size":1606,"data":"","first_seen":"2023-03-11T14:54:16Z","last_seen":"2026-04-06T22:32:46.770633Z","times_seen":306,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6baf57f25796c332144ed58a2a0cd9ee","sha1":"f7fd0f3dc84b2cf93bf81e832505a673f354e0a3","sha256":"82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd","sha512":"5ff6240d9ca34dfe30c9cd95cb5e981823c7c0063cad9258f8f3a0a24663401da684844524272410673a6325fd78db0f7e7d0fcd3844b8db3eb9aa2613908ee8","ssdeep":"1536:Qmw0iELO+TBR2t472RirWyKsVfK5GEfy3YJtCRv/45wZbqbXZTbYWU178:VwXza3YCl45wZODZTbYR8","tlshash":"cc73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","size":80663,"data":"","first_seen":"2023-09-18T01:21:14Z","last_seen":"2026-04-09T13:23:45.988774Z","times_seen":15061,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"1f1c33378498950b36dea87aad7c04e1","sha1":"efd195f662cfbd16b323691d172f2898870015bf","sha256":"dfdc4597200ae12f3c18c9d8b59d63f5b3e750e1e1e496a7818c62b476c404d3","sha512":"3a167952eb0438460e5e72bb1e7c254282d692561bd15a0e4e4bfa426cf59975551ac895feb4e6b7a9537fac5b8e79c456fe2c5f6cd73366d09a867e59de4e8a","ssdeep":"","tlshash":"7601970821b01231023f212f470ba2843620586b6304e8983a4d8a35dff8ea381e2acb","size":731,"data":"","first_seen":"2024-08-19T19:04:48.450772Z","last_seen":"2026-04-02T11:32:15.608267Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/-walletconnect/web3-provider.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"2445f62ab38cca81d6777764e8404f89","sha1":"1eacb53addcc2ebe4f72e8f3a92a18b50abee214","sha256":"0553fe38d4e791a7ecd18f9d19ba5d7ed05e05d5b9f904819979ee7e7ebfad8d","sha512":"d73a9ea52cdc3a4e99351f44f158aa744d08b561756abea328a94560d518db65dd925741fdfffbcc76b4bc393859d71efd286a1dbbf6a031be287744a70da671","ssdeep":"6144:9Z+a41Elitd9rGMXRiZ7n/M+ReCNvmsKLNQDiBwhqnCNvmsu37be:a35mheamsK6ibnamsT","tlshash":"1df4e888baa4b071539665a0002f540ff27bba2c784e44acf655d8f5bcbc98d553bf38","size":744404,"data":"","first_seen":"2025-06-14T13:42:28.278914Z","last_seen":"2026-04-02T11:32:15.573516Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"bc5cf934ce6d4e7f87d5cfe7b263fc19","sha1":"d2a5ed2842b2b3bcf12aed0603addeb91d9ca9f9","sha256":"a4d9118903d66c801091f19a5a4aaaaa59453c1d257123cca15e70606bef6c10","sha512":"aec78583c20c343246724eff49b01b803489f5d738be0cec92f202350cca428fb821487d50ee0ff8358faf4cb3855a19e142c474e1cba1eb3a2c03bee50764c4","ssdeep":"","tlshash":"4921aa9a279122304fbb267a1b0f73e03261847f0a609958754e47919fb0bd1846ffcf","size":1261,"data":"","first_seen":"2024-08-19T19:04:48.452254Z","last_seen":"2026-04-02T11:32:15.61106Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"2bf915707fa0d27814ddb88a3b227abc","sha1":"0bc2ae1d0150fb26e701bf01619588034fe6f2e0","sha256":"cf506bcf9dca96efd1bbce313b9f6b1e23703138f80f9df83a0f2e5f2b5cec6c","sha512":"9cc75f77224113a5150e6499183b55ca876047136c570ab3d7362541f11f1bc98f9ed52a4f409900780bdb885976f6f32bc71a80ad0742f567d47f5e0a6d06c0","ssdeep":"","tlshash":"e0116b9a239112308fbf267a0f4f22d43255887f0a505555355e47a18ff079284aebcf","size":874,"data":"","first_seen":"2024-08-19T19:04:48.452876Z","last_seen":"2026-04-02T11:32:15.611992Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"Function","is_inline":false,"md5":"2512414f817df8312569d55032748f81","sha1":"13467df6e962aa77bb36867ff1412e1ba9f8feb1","sha256":"e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de","sha512":"db6e4298746d519b0987bfa0feb89c39315718e178418e482b1c10c76439eae343afabf2db35ffaaa26c7ee6a3855084d39e9b88d35b11f87c354ceaf38874a0","ssdeep":"","tlshash":"a590029525c25101965295d4455b5c8450658675249569809180956259550205125cbc","size":47,"data":"","first_seen":"2023-04-11T22:25:25Z","last_seen":"2026-04-09T13:49:04.591798Z","times_seen":19392,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-09T14:26:57.846191Z","times_seen":606002,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"88a7233a4709f2290c567b2504714d15","sha1":"b09347539c0ebc02500e5106e33fbaa531c90ae3","sha256":"dc67ced1b9dd88ff44b3292a0129564cbb0198663c8f307f53c5a6f3c8ecc4e2","sha512":"8c2b70b88613df5a372bf9a1c66dc78f1726233658759807a2b8f8fcac70a4c6bb12f2989c37bea94fcdce59ca2e4b0c9fe3ff2e640301e6691e116a6819d31c","ssdeep":"","tlshash":"53219b3d917142716e1fa0a263cf139c1056b217b803c578bddf53842fb442ac51e7c6","size":1425,"data":"","first_seen":"2025-08-08T11:29:24.236178Z","last_seen":"2026-04-02T11:32:15.613918Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-09T14:25:43.114608Z","times_seen":209713,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"eventHandler","is_inline":false,"md5":"50dbd80e805f1cafc644cb95387bfa64","sha1":"52dcb4c35013bc48d805f9271011e06f62a15e53","sha256":"14050246257181f8d77269e3302b09bb387f23350f32670bfdea94598aa357ad","sha512":"2c9071b3a172b33c1fbeab025982d5aafc50602cfe095f422eb8264130d2747efe6464697c36ed2d8d2e48c7c79e27112b132b60c6b5e59e7c4e00e482e5de4b","ssdeep":"","tlshash":"3c5000c0000f00c00f000c030f0c330c00000c0000000c000000c00000000000c03000","size":11,"data":"","first_seen":"2025-08-08T11:29:24.237956Z","last_seen":"2026-04-02T11:32:15.615191Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/src/js/claim.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"d1eae5855c32a170dd8a94a9e277b7d4","sha1":"7482e05dc3282167cce386685a4014e840dc8bd8","sha256":"98106e8822473836a5004a1083b82b6ad2c6c020ebd6e34256f2a21eef1965d5","sha512":"e8fd840b966d706dd3c2e7abb745630a88c7967a32636787d5c86ae9f0eee558240c26936ae6fb45e4f34648131c8496d713cf5cf6a0cf135c4bd24917a86b2d","ssdeep":"384:bxLwDJHETOjbjdtAfQsLSLn1lr40y+1ivrJak7Ih6IIAJL4diP30uA67ogYwNrYf:bWxETOJtAfQsLSLn31y+1WEk7IhdIA5m","tlshash":"faa2846c6ee01e6d130b1eef762778c5e0691e4d3a4484afd1087d68a5e7327eaf1630","size":21526,"data":"","first_seen":"2026-04-02T11:32:15.602427Z","last_seen":"2026-04-02T11:32:15.602427Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/main-d774003010c49e99.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"1531d59e92107d30a22acde0865d8455","sha1":"f98116c8710c0f50bfc8ae5cd50521848091bf45","sha256":"6603641801d45e9dc06cd8668fce2745721089e3859faa78cb2e3641ef270c51","sha512":"2443e8813f8bf2672375dd3c5de6caf4e836a1ea854c7313f6b3904c0cc275553f35aeef0e8aa7e408c92f4f29cf995f87bcd657b3adff79fcf76c296ae64056","ssdeep":"1536:2on6vKYbmJiBN3hZH0PLmfvPvQFzalJLH7S:r+KonvUaldbS","tlshash":"1c9319b536d1f8a207db4195c43b0202f3761d3ea41fa855e3ebdcd67560d8ea0a2f26","size":90400,"data":"","first_seen":"2025-08-08T11:29:24.208919Z","last_seen":"2026-04-02T11:32:15.587705Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/src/js/ethereumjs-tx-1.3.3.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca1104de538caea2d54265fbe90916b4","sha1":"d6c416e5d153f500f7ac66d25a2b73db45867ad4","sha256":"10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0","sha512":"51fe1c1b91913f9108019b1d18ca38593175cbc827ee159e2942d62b2a9825317642833f17c2526ce292d9623e394cce1a750d9c6246c7eb201a57b15c8d8bc4","ssdeep":"3072:3dpgpHu8o3GVhW8Jg5bGpLsev6ns9oq1CfdfDWp1WrB33NjbLytdJ7bt3r:3fGVL2CNvms/CfdS1Dr","tlshash":"a6640989fba07052435671a5062f644fb67af92d5949006cf254e8fb3cf89c8a63bf34","size":323051,"data":"","first_seen":"2023-03-07T01:24:06Z","last_seen":"2026-04-09T04:10:04.926364Z","times_seen":2023,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/assets/js/jquery-3.6.0.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-09T14:24:59.060025Z","times_seen":447388,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/assets/js/popup.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"1951c3479c5f3c47349f89b18972ac43","sha1":"dde7de2837f0ca7f1cd10158d744090f68e24cf9","sha256":"5ffd9804bfeb634e42ed133c48330c4ea58e23ec7b2ff71ec991c6a7f7ea1ec7","sha512":"fbe81cbdb873bd5839bfd32dc93d6ac08236074c1876c36218475a863376ae26a9158d61d2d7339016cdffb5ef4f83cf3d0d3b75fb5fbca95cd5673fe892eea9","ssdeep":"","tlshash":"ec21e524b17cfad548af332e23728885bf3719a7b5021d71ec360e4829246986382e6d","size":1267,"data":"","first_seen":"2023-06-25T11:44:49Z","last_seen":"2026-04-02T11:32:15.553901Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/857-1805016c23c80f95.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"467ca5761d59317941961f88558b9d3a","sha1":"16b4f2962d27826690af3183c48cc08ef530b39f","sha256":"6fcdb5bacee81d0886e55ddcca5921bcc0b0e1585dad4093d6cf314a381bb0ee","sha512":"f8d55b06ee8496d815cc87206be3620b229ff9739299a81d333fe6f42aea2f371f9837d75029a2e70fad3d3cac16ee5877dee892fe2a4f118d351c44af34f618","ssdeep":"192:QKsBY5F3T4ZxU30JNK62/LC+Jff3myHhaPmuxCpwzs0QF4gnqZawuXtg:0BYbD4ZK30JN3UZfWbC2s0QFNnOaZXtg","tlshash":"ab42c885b561fa2149eb22e3442f130ab23a2624740cc09dfa7cdde16db142be573f39","size":12005,"data":"","first_seen":"2025-08-08T11:29:24.17378Z","last_seen":"2026-04-02T11:32:15.56035Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/pages/_app-5482eeea9b28a6d9.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc31d155fec325329e255c76bb779bd6","sha1":"b1b6525509d6c1038b7f6ef025151e61affd1fad","sha256":"0aa085dde608aa8d84634ac2090595dc48271c1d03ae7797dbfe2dcb480ea3db","sha512":"fe16edafee096a9fc75250a28dc2c13f3b968b70e5a7cf877becd079f8d5950e2200fa61729834747144f92ff637407fc1504d06dda349ffceda9968cbde078b","ssdeep":"3072:4R8S7lgLd3rWrIOqMRmg/y7ECOrnpCtw6u:cgLd3r6y7H4","tlshash":"2be33cd97181b1f44f5345e242ff010cb23e2d5869294864f67e84da2b78adc6263faf","size":152641,"data":"","first_seen":"2025-08-08T11:29:24.194503Z","last_seen":"2026-04-02T11:32:15.593131Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-09T14:25:43.114608Z","times_seen":209713,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/settings.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4b0ca63dae2f70bdef0b507efa4ac52","sha1":"0a2fc39c52a5de8e913dc44c1d19f67a188655da","sha256":"dad80b4fd130c0ca49112613e3ee22e82004ccfac4b027920212153ba6ffee8f","sha512":"c29b18e35103772cf2f6cb87bea842208532fe78f39631aa4a064814c67781e43f29d2c744c3964db956ef31704cc1ccc6d602cdf49e9a1a0b1cc590369032dc","ssdeep":"96:14wjRsrdykZ+j2gZSA63dbXauidMztgPFnexLt5oYleaEV1eMaEoa:6nrdykZ+jDZ763dXodStgtehrlFMea","tlshash":"16c194d1fb80ee15634757fb7f0736ccd91a98d938c888c4c72c9c8839aa919d192b76","size":5722,"data":"","first_seen":"2026-04-02T11:32:15.561365Z","last_seen":"2026-04-02T11:32:15.561365Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/264-2f490903294bd863.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a7b111edfab7d66087675b1a4d8d949","sha1":"79d480c23d67a6c6e2b809e75ceab1deac723851","sha256":"9cbfd93211d1934fb275fd41dbc2fbff1fe3d718ded0029007a5dbd120112791","sha512":"ef5b1473c7f61bd01f500381b9983ac980d7d4b4d18d08354f667061f400dc370a6679387e20ebf7a8adb22db18fbf35264a7d302ac999479cdf0352fb58733b","ssdeep":"96:vJaCqToP+osFWlRuf+BrlML8AKzTf4FKII3Tz7E8rOJbklBLfKQkxELEz:sC89osdfMlU8dzTfWKP34wOmlxfK1Ka","tlshash":"e2c1b6ccb0823470a77b6084c99f449f717d9d58310e4868f1a6ac7d23eb9826573be7","size":5643,"data":"","first_seen":"2025-08-08T11:29:24.207152Z","last_seen":"2026-04-02T11:32:15.60143Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/-walletconnect/web3-provider-1.7.8/dist/umd/index.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"29fb92b3430a91e0f677a5f852800627","sha1":"2c0d22ddc0bb82f5b7cd3085650e8457f9aa229e","sha256":"968d103baade1160c2e2d096bcdeb0ad70400b2b2e92df06bd6e6e0c7b5f4dba","sha512":"b5881dc1eb94e9fe65f0404bc08ec31c6777ab4f652beda88dbeb62bad37627c36f9626341ab165f3ef727f9232e94c06657ff06eb5c7837b3efe2dd2a20d4bc","ssdeep":"6144:Nyk4y38Pmw7kM9YTIPAIhKVlbolF+QMPjqUY2OoGHFiRlQIiH+O3+2zrbwRbCNv9:hSY0CGliQIipDwRbamsXEmpR","tlshash":"9af4f984b6a4b061439765a4003f540ff27aba2d780a44bcf654d8f6bcbc98d653bf39","size":747143,"data":"","first_seen":"2023-03-07T01:14:55Z","last_seen":"2026-04-02T11:32:15.591504Z","times_seen":728,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-09T14:26:57.846191Z","times_seen":606002,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"Function","is_inline":false,"md5":"2512414f817df8312569d55032748f81","sha1":"13467df6e962aa77bb36867ff1412e1ba9f8feb1","sha256":"e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de","sha512":"db6e4298746d519b0987bfa0feb89c39315718e178418e482b1c10c76439eae343afabf2db35ffaaa26c7ee6a3855084d39e9b88d35b11f87c354ceaf38874a0","ssdeep":"","tlshash":"a590029525c25101965295d4455b5c8450658675249569809180956259550205125cbc","size":47,"data":"","first_seen":"2023-04-11T22:25:25Z","last_seen":"2026-04-09T13:49:04.591798Z","times_seen":19392,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/moralis-v1-1.12.0/dist/moralis.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"5393b517fdf9dcd730b073998c403323","sha1":"7cf2732ea23e2283c118cfcc9a3851c56056790c","sha256":"c68360db58621edfd07503a3f4952e0c09ea1606a4cb87ed1f8c9cb2d2e3d207","sha512":"ae411e43cadaecd4b4233c8bee7db7f1ef54df6b1496e29769c304bb4d9c6cf118cf7e97804ce722892b34f0b55c369a766b62b7d678a1d6cac22efce812d115","ssdeep":"49152:0yieTYtSfdeBRIVoxugHBKEuc+P8Fu/88BpMU4+0:W","tlshash":"05d5d609baf360624617706d4b1f9805b374d417618dec60bd8cd7a0afd582886fafee","size":2870702,"data":"","first_seen":"2023-06-25T11:44:49Z","last_seen":"2026-04-02T11:32:15.616412Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/pages/home2.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f748823cd2b081fa2e636dee0ffaefd","sha1":"665f40dcbc569cad292e388bc694619521f81820","sha256":"c2620d67f63303b41e0ac61e694906387112b16de76d7ba153a9e59e036b99de","sha512":"48075c3ac8385e34c42d2e743f779806d40d312bdab6cd2ffdfc0332c48661ae4c06fc74bcb8cecfc7c426c09818eeaafeba079de2cd190060d48ac1893fe1f4","ssdeep":"384:5twhPRTUN45xx8rcoGabvHF/OwpYdzR2c6x2V5:5tYw45xxEXxQ","tlshash":"a2f29a40e669fbedf86908d9566f900cb12f2f88cb3908b8bdf8641509554e47623fce","size":36530,"data":"","first_seen":"2025-08-08T11:29:24.227475Z","last_seen":"2026-04-02T11:32:15.604098Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/framework-2c79e2a64abdb08b.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"7fc4bed6b4319c62343f0bf5db91a5bb","sha1":"6e283c4ea2b12da64476af280236a8c5d85dbbbc","sha256":"f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7","sha512":"e2e0072386f2f35690899509229136406c27c2b95e3e8cc810aeb6630d7f13bd0872e0f6e650b4fddce2567680e7c42eea49c62bd2653006f5151d9ba0430cd7","ssdeep":"1536:2YjvmNg6kMudjY+o3F36qmk1S/qcnde//ZQg:Dj7UN6qT1S5cXmg","tlshash":"a3d309e83995f6526ab311a700af2803733d2a1b280c4960e615fd9e75b841fb17bfdd","size":141052,"data":"","first_seen":"2023-03-13T20:58:32Z","last_seen":"2026-04-09T01:16:33.046928Z","times_seen":2006,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/546-4b54b9aaaf4b16cb.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c5f370e9a2f576117ca5ed6fdb19e9f","sha1":"2f8ae5663361fc55f70d99edf5171fc8a24296f0","sha256":"38548222b978a476314c80f398a29c52a80fcbdedadcb76aa10583970bd79ef1","sha512":"e478e988a460ecf9f34e24cf70f59671d48a8a0e9fbbefd64c949a219e1ab221039f02f7e4430c70288e9245aaa5518848c568c39df94674fb6efacf22a87ffb","ssdeep":"1536:aIV/wysRk/oB3UolxU78f2MXOXJr+yuFTFLB/RyHkGBd3ar+BpnKkhk3L:5zq1H4l+yuFTFLB/R8zBd3D8","tlshash":"158308d96221b57693ef525b92a58111b3f50888b40dc46cb0f88caf55bd99803feff8","size":85476,"data":"","first_seen":"2025-08-08T11:29:24.220385Z","last_seen":"2026-04-02T11:32:15.597414Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/src/js/tokenabi.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":false,"md5":"9690795493f65e03ba9d3f9136c70cf1","sha1":"627f5e2fdfbd8afdd36bdcd184e420faeff5d60b","sha256":"8ffe8e4ad105bedc0e56d1d7eb10447d394c42a656e25a20dea8fbdaf2364680","sha512":"c45e09382417d3cf481c8b7a1e7441a89e68bef8f0d6e5091b5751bda6c30aed19af01c3fd7d58e9a33fdd0da626b801e14f9783eb6f2b9c72349367bfe6701a","ssdeep":"48:kRGt/FcpGt/FXDVGt/icepGt/GGt/KrGt/EcGt/WGt/X6pGt/FopGt/EsjGt/5ja:7x4TNT0pR9+DjHHFekk88","tlshash":"fda19e77d8695c6f48b5a3b499a94213f460936b91880c0779fc893c6ff6c23240af4f","size":4675,"data":"","first_seen":"2023-03-07T12:11:01Z","last_seen":"2026-04-02T11:32:15.600533Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"introduction_type":"scriptElement","is_inline":true,"md5":"27b36b746dadae4cd98511c5cdda78b7","sha1":"3902b4726129872210a964f363a5b33679e9eb2b","sha256":"2cee68363e0f03963cce37d990ff933e047f99ed83ebc71353e5e87be61aecf4","sha512":"cd859fad805e84741cf9ac5bb013a0ead00a81ff2b7f082a233c6008b57019889aee3a81aa021e95e6ec6a5cde97b05625a7147a9ca76a3407aded24877bae82","ssdeep":"","tlshash":"5cb0920af0c10904123b326b36bb21000a19003ba60a9d12f80c18a80f60104601430a","size":119,"data":"","first_seen":"2023-06-25T11:44:49Z","last_seen":"2026-04-02T11:32:15.617338Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/s/rajdhani/v15/LDI2apCSOBg7S-QT7pa8FsOs.ttf","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /s/rajdhani/v15/LDI2apCSOBg7S-QT7pa8FsOs.ttf HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/css2?family=Rajdhani:wght@300;400;500;600;700\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 128869\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":372568,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409","md5":"f48b39785d2b25e1282c40b47631b88b","sha1":"85045273845d7d971feec8d0109d9251cd5de93a","sha256":"8b2fbb04ed3af38ea941d7351fc5bcf917d239d0bfb64c9bb8916510d8774495","sha512":"a4010d994369b42a4e143d1fdfa83ed6369aa9c1c590464445d5cfa670e1239ab6cbf1aa329db1a938395f4cc9deb982da69ab660ce044e6817b1b1b5aab549b","ssdeep":"6144:DrhJE3EeP5MDfibDYMwytTPX06PAcJYLN4OV:pS3lMD8RP+V","tlshash":"6f846d2dab3adf92d3d7648e0d82cc0232e0fb49b7567bc7dd6197a864429c641a34c9","first_seen":"2023-12-02T12:15:56Z","last_seen":"2026-04-02T11:32:15.549177Z","times_seen":8,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvAw.ttf","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlvAw.ttf HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/css2?family=Rajdhani:wght@300;400;500;600;700\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 66758\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":128676,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 18 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.137; 2017Roboto-Bo","md5":"fb6210739c4993c1a86f812e6502e471","sha1":"3a4a7ff4fdba5317d6941e2d66e629df6c3c8cf3","sha256":"39a2f9d2c6a99fb8de9bf674373c4082cde84253311808ca80db6582266962ef","sha512":"26487b7df0c38dd128ec9871dca33498d1f1492f7b5b04ac7bda91df98908babc7ccb85ccaf473432fae1e8bf24121a471d3db2248e6107a7e2d5fdfbd8304bf","ssdeep":"3072:gBa9dX3CuiSB1/R7O0aXjC1ZnFAPbXj9K9SINj9V0kXwHXYXXXXXXxoIPi0c:XXaX9jCS3eoIPrc","tlshash":"d0c3d400e646a628cac6b278bc3cd3be5970e42ebc6b611735e49f3155c4845ec69bfc","first_seen":"2023-05-08T12:10:57Z","last_seen":"2026-04-07T04:30:57.296993Z","times_seen":330,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/src/js/ethereumjs-tx-1.3.3.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /src/js/ethereumjs-tx-1.3.3.min.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 91727\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":323051,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (43040)","md5":"ca1104de538caea2d54265fbe90916b4","sha1":"d6c416e5d153f500f7ac66d25a2b73db45867ad4","sha256":"10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0","sha512":"51fe1c1b91913f9108019b1d18ca38593175cbc827ee159e2942d62b2a9825317642833f17c2526ce292d9623e394cce1a750d9c6246c7eb201a57b15c8d8bc4","ssdeep":"3072:3dpgpHu8o3GVhW8Jg5bGpLsev6ns9oq1CfdfDWp1WrB33NjbLytdJ7bt3r:3fGVL2CNvms/CfdS1Dr","tlshash":"a6640989fba07052435671a5062f644fb67af92d5949006cf254e8fb3cf89c8a63bf34","first_seen":"2023-03-07T01:24:06Z","last_seen":"2026-04-09T04:10:04.926364Z","times_seen":2023,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":58,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/coino.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/coino.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 07:14:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3502\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3502,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 304 x 166, 8-bit colormap, non-interlaced","md5":"3f35edd055d3267a14f717fd10d24e7c","sha1":"b1e8a57f0e44f7efce37d69aa62e98f625cca23f","sha256":"40b31916ea06d01469baca50a2cd5d4761cf34c441987bb083e5c3388c442074","sha512":"9b8ca0ce2759aff4699ad158e6379ef05f1c810e73c8859fb03f33509c49fe3769eaa87cad2999224550ca0e65d13969413438ad9a6e211ad0dc911b83c70177","ssdeep":"","tlshash":"5c71298ed8d87caf8ce59227110b9ca617a6066d729457049e1237f5ae7033e116532d","first_seen":"2025-08-08T11:29:24.17802Z","last_seen":"2026-04-02T11:32:15.552309Z","times_seen":3,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/evm-chains/lib/index.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 08:16:48 GMT","end":"Tue, 19 May 2026 09:15:09 GMT"},"fingerprint":{"sha1":"F3:CF:0B:A3:28:07:E9:5A:D0:8B:F4:9E:A8:A1:9B:71:A6:59:38:23","sha256":"DD:EE:6D:62:AC:D0:59:11:F9:1C:53:44:27:F0:8B:A5:2C:A2:C6:C4:BF:B8:79:AF:A5:5F:B3:E1:29:E8:45:8E"}}},"request":{"raw":"GET /evm-chains/lib/index.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 45\r\nlocation: /evm-chains@0.2.0/lib/index.js\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=60, s-maxage=300\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9e5f8213a8390daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T14:28:37.844917Z","times_seen":13542679,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":2,"send":0,"wait":226,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/assets/js/popup.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /assets/js/popup.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 260\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1267,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"1951c3479c5f3c47349f89b18972ac43","sha1":"dde7de2837f0ca7f1cd10158d744090f68e24cf9","sha256":"5ffd9804bfeb634e42ed133c48330c4ea58e23ec7b2ff71ec991c6a7f7ea1ec7","sha512":"fbe81cbdb873bd5839bfd32dc93d6ac08236074c1876c36218475a863376ae26a9158d61d2d7339016cdffb5ef4f83cf3d0d3b75fb5fbca95cd5673fe892eea9","ssdeep":"","tlshash":"ec21e524b17cfad548af332e23728885bf3719a7b5021d71ec360e4829246986382e6d","first_seen":"2023-06-25T11:44:49Z","last_seen":"2026-04-02T11:32:15.553901Z","times_seen":28,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/evm-chains@0.2.0/lib/index.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 08:16:48 GMT","end":"Tue, 19 May 2026 09:15:09 GMT"},"fingerprint":{"sha1":"F3:CF:0B:A3:28:07:E9:5A:D0:8B:F4:9E:A8:A1:9B:71:A6:59:38:23","sha256":"DD:EE:6D:62:AC:D0:59:11:F9:1C:53:44:27:F0:8B:A5:2C:A2:C6:C4:BF:B8:79:AF:A5:5F:B3:E1:29:E8:45:8E"}}},"request":{"raw":"GET /evm-chains@0.2.0/lib/index.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 41\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9e5f82155801b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T14:28:37.844917Z","times_seen":13542679,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/evm-chains/lib/index.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 08:16:48 GMT","end":"Tue, 19 May 2026 09:15:09 GMT"},"fingerprint":{"sha1":"F3:CF:0B:A3:28:07:E9:5A:D0:8B:F4:9E:A8:A1:9B:71:A6:59:38:23","sha256":"DD:EE:6D:62:AC:D0:59:11:F9:1C:53:44:27:F0:8B:A5:2C:A2:C6:C4:BF:B8:79:AF:A5:5F:B3:E1:29:E8:45:8E"}}},"request":{"raw":"GET /evm-chains/lib/index.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 45\r\nlocation: /evm-chains@0.2.0/lib/index.js\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=60, s-maxage=300\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9e5f8218db34b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T14:28:37.844917Z","times_seen":13542679,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/css2?family=Rajdhani:wght@300;400;500;600;700\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /css2?family=Rajdhani:wght@300;400;500;600;700\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3022\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3022,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4520fd20c064556900eb4b021e7526e7","sha1":"c7b297334b86d63983bc10340ff84d00cc718f35","sha256":"19f5ea00cb347749a43944a75c201349ee76b9b5e698347e219015bb82d77856","sha512":"634148a43197c9748fdc6bbda42e8deeb0894e1d787378a1087a3a80d5105297c050c8353ca5ef7b64aa4a20a567a754fd7516277b3beacf7f2825efe4fd6b00","ssdeep":"","tlshash":"7c512610044e6160eea21c6d73cf7f2dbd0c29192163c4bd9769a8789edf92b8384f5d","first_seen":"2025-06-18T12:20:07.090526Z","last_seen":"2026-04-02T11:32:15.555316Z","times_seen":10,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/css2?family=Rajdhani:wght@300;400;500;600;700\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 66045\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":129584,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 18 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt","md5":"afe8eacfc0903cc0612dc696881f0480","sha1":"ba879317acdc045b8fa78cb8f948650627d0477c","sha256":"7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae","sha512":"f6f135748e4d5afe4f8f05a4a07a51ceeaa5cc250c62305769661c9c61277d961678b03ef1848b660dde2980028350ec5cbe1090bfc8d7a41e55e64c9693e76b","ssdeep":"3072:By2g0L/sAQRuzzlPrvR39RB1zMolYE0B5YvPliLg24flLc:1Omp/TnnliLg2wlLc","tlshash":"dfc3b400da41a629c9d6b2797c7de3be4c75e82dfd4b641330aa9b2115c8c41ec69bfc","first_seen":"2023-05-06T12:03:53Z","last_seen":"2026-04-08T22:28:42.678671Z","times_seen":1247,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/banner/bg.jpg","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/banner/bg.jpg HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 135642\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":135642,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"ae6651426c4d98d14a260664c32d1544","sha1":"a68ec7b86153872e9edff0e3a309ed87c5fe8d10","sha256":"9ade2a640d1c8f86326aed74df9ba8764fca205bcb8e64f894cfe56a3b354952","sha512":"d01a32f9e2e7ab733170b74f13d0306738f5ae9b6188945476d75eac0c8badbfd4bd5d5b134157d21ee0803f7d434f2b2f65da25bfd42e2395f98d6fd93ad965","ssdeep":"3072:/DXrqFOScGxT726mk4IwC8G7XKx45r4E602XzF9mJ+Zg4sXSfWEOOM/:rXrqFOlGhikghSKxsMXb3ZgMfBOOQ","tlshash":"a6d302fa2759604ee1d1133bf0872a171b7a56f89e83872291396ca5b5b2343bd1c0df","first_seen":"2025-06-25T02:08:28.19965Z","last_seen":"2026-04-02T11:32:15.557593Z","times_seen":3,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/css/313fd1ebfc9126bd.css","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/css/313fd1ebfc9126bd.css HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 66699\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":417711,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (61227)","md5":"857eb25f7218fe2faf3efd56cb7a34db","sha1":"939835732049ff633c56665d48e9c6c5bc9e0211","sha256":"a9f24b24f4ecea30e6e2ffd6687ff25fc93fbadf88290e96b8aa14aa1382d39f","sha512":"5664447c57979c649859ce9aa5b6636fa0c8adaea2acf16e8541389a053e0ec72f6cffd2284a8544babad1718daa0594a65dc2efae4a2742e2751c2e17968249","ssdeep":"3072:l709gMGFiyPGuwpfZCzg9tqp9UfW9tWLVupz600I4fEnbQhlI:t09JGFiCagg9t+9UfnIpz600I4fOQhlI","tlshash":"8694a6e5f14820e87b23c10ba785bbbc517af728d6110da5f41b2a5c4ec2bd225a3f5c","first_seen":"2025-08-08T11:29:24.160679Z","last_seen":"2026-04-02T11:32:15.558909Z","times_seen":3,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/857-1805016c23c80f95.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/chunks/857-1805016c23c80f95.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3989\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":12005,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (12005), with no line terminators","md5":"467ca5761d59317941961f88558b9d3a","sha1":"16b4f2962d27826690af3183c48cc08ef530b39f","sha256":"6fcdb5bacee81d0886e55ddcca5921bcc0b0e1585dad4093d6cf314a381bb0ee","sha512":"f8d55b06ee8496d815cc87206be3620b229ff9739299a81d333fe6f42aea2f371f9837d75029a2e70fad3d3cac16ee5877dee892fe2a4f118d351c44af34f618","ssdeep":"192:QKsBY5F3T4ZxU30JNK62/LC+Jff3myHhaPmuxCpwzs0QF4gnqZawuXtg:0BYbD4ZK30JN3UZfWbC2s0QFNnOaZXtg","tlshash":"ab42c885b561fa2149eb22e3442f130ab23a2624740cc09dfa7cdde16db142be573f39","first_seen":"2025-08-08T11:29:24.17378Z","last_seen":"2026-04-02T11:32:15.56035Z","times_seen":3,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/settings.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /settings.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Thu, 31 Jul 2025 23:13:20 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2609\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5722,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2485), with CRLF line terminators","md5":"c4b0ca63dae2f70bdef0b507efa4ac52","sha1":"0a2fc39c52a5de8e913dc44c1d19f67a188655da","sha256":"dad80b4fd130c0ca49112613e3ee22e82004ccfac4b027920212153ba6ffee8f","sha512":"c29b18e35103772cf2f6cb87bea842208532fe78f39631aa4a064814c67781e43f29d2c744c3964db956ef31704cc1ccc6d602cdf49e9a1a0b1cc590369032dc","ssdeep":"96:14wjRsrdykZ+j2gZSA63dbXauidMztgPFnexLt5oYleaEV1eMaEoa:6nrdykZ+jDZ763dXodStgtehrlFMea","tlshash":"16c194d1fb80ee15634757fb7f0736ccd91a98d938c888c4c72c9c8839aa919d192b76","first_seen":"2026-04-02T11:32:15.561365Z","last_seen":"2026-04-02T11:32:15.561365Z","times_seen":1,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/wallet/coinbase.svg","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/wallet/coinbase.svg HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 473\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1005,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"51cf71e8d651bd9c7ac32259fa39d3b0","sha1":"be744867f760ba9aba4316ba47bb91ce923cc402","sha256":"b541567b079542a47dce96c54478abd1b032c753daa3c1d5c38d7500ce82911f","sha512":"b48e60c8b841a243727cfa3798e507a71b8339dd5d8ab583a342a6b6f5f1820f4f821ca95f42bc621bdad1c5ea3f12d4c9edb9b263eaaf804197939c4b806ef3","ssdeep":"","tlshash":"6411021dce2d7f84e064f0fceb266560762561c6fac24da1c1a07e2b20d70db944b9e1","first_seen":"2024-08-19T19:04:48.438761Z","last_seen":"2026-04-02T11:32:15.562369Z","times_seen":6,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/token/01.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/token/01.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 20680\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":20680,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced","md5":"5ce76b83d1afd269a02d2fd4dbf8d1f2","sha1":"e122418f9d132d116aa5fc5501d376ec36853712","sha256":"83c60ae502b2b3b1a72575838e8a1e6b1baed080883b59c8bf57381e077060cd","sha512":"d99c25fc373a85b953a6c80806fd1a1f351f478efe867349e1a8392d8daca363359842e5fe6afac77f7236673fb8b473c2f65ba5a78f11848caab74593c8c02b","ssdeep":"384:C7lOQ0mIRPlZnXDAyYwV8dNTrfONo0FROFDB31KdKmn:KOXVRP7nX8rrW5ML385","tlshash":"9492cf81fd9e005b88e9f62a61e1f4a95367cc024c1c3ee0a086eb1e514bdf6da3c5d6","first_seen":"2025-08-08T11:29:24.166519Z","last_seen":"2026-04-02T11:32:15.563695Z","times_seen":3,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF8Os.ttf","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /s/rajdhani/v15/LDI2apCSOBg7S-QT7pbYF8Os.ttf HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/css2?family=Rajdhani:wght@300;400;500;600;700\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 130636\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":362824,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 17 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409","md5":"f000067a4be08694cb5899fb26563dc3","sha1":"731f75a9c03aebbb2eef99e65ad4742108783563","sha256":"bcffd70c330f38f97f49fbb41cad34a1628a7852c0e6d1d1418ebc162add3144","sha512":"b414f23d83b5ed8e8077fd26701e147187ea1cfeab5cb9d13633f0b0231bc1433a0c94fa6fa06372cafe81364dfb4e89c9fda95a2bd707abd9ce1d83f6ea2849","ssdeep":"6144:qXj6K6Amoau8ymCb9Jt/oV9pJhg9IcyFsnl:eF6DGRg8Os","tlshash":"68746d2cba27df63d3d6248f0d96cd0122d4b75eb796bbc3dc2257a864518c981632ce","first_seen":"2023-12-02T12:15:56Z","last_seen":"2026-04-02T11:32:15.56476Z","times_seen":6,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/wallet/wallet-connect.svg","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/wallet/wallet-connect.svg HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 598\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1445,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"88cea51aeb67177bac61ce4f82069536","sha1":"df8fae76e40a4f1a69aaaa35042d376b5d8de458","sha256":"03011c78c2e8d8c5f67255e43541e53ad98358cb7b0ae80a3a42f373b2ff466f","sha512":"ead841b2992df7d46285341027527728541720cd9f4973b9dc6ba9b6b37f588f65390613979b627a8c431b5523efdc7fce3397295d0f2e4127b4e501edfdb6da","ssdeep":"","tlshash":"44312fb4abe5a3f674c1f3d9c2b840b43d5e50f971e06920c3468d9aa44e051fc914d4","first_seen":"2024-08-19T19:04:48.44378Z","last_seen":"2026-04-02T11:32:15.570466Z","times_seen":7,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/atomic.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/atomic.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 07:14:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 8779\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8779,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x144, components 3","md5":"d645a5756bba2dbb3571242bc5f112ce","sha1":"27953a3349aca2fd76454fba3cbfba9bbbe9af65","sha256":"4fa712116c0fe190e319a8c7e8db5c92062b7dbabae82d8f6f3de1f1baf5645f","sha512":"a053816ac8835e2b9d790e31850d71b32e8a826ceee019eb6cfa8439c83735f394a2c32a324ce5a571d3ed283e433841e4c0579b65da49df230e8bccb9bbb88d","ssdeep":"192:HsWpHy97SGujfpOH3yUoNR6sR3S6jDn2J8O2Z5PRN5gyMuAvLLa:PpW7sYBYVjDn2oZ5nMfLO","tlshash":"bc029ef84aef66d3c7339fb5ad5cbd4acdc0cf14504425d95833d9a826be8a09b85243","first_seen":"2025-08-08T11:29:24.168634Z","last_seen":"2026-04-02T11:32:15.571521Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/okx.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/okx.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 07:14:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3800\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3800,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 266 x 190, 8-bit colormap, non-interlaced","md5":"b2ae416650ca1e0413797532e67ca10d","sha1":"5dcb551b4389d4cceb5e0da910446d8249674529","sha256":"25c5340d12c9dc2247456b7ef823254fc8093dd5c884938cd545e8a0a2fdf50b","sha512":"0e6459a6eff91f0125338f6530acbcecd8f9d0c3ba1247ce78cd8c883f1809ff04efee5ccae05529ba358fbb26c492467191c7f505ca843abefb1dfca9f41667","ssdeep":"","tlshash":"6b716de1a1d03f0fc13c061f8a1e4eb94d7dcf17962385cca5aecd5239a5900400ba5f","first_seen":"2025-08-08T11:29:24.178963Z","last_seen":"2026-04-02T11:32:15.572566Z","times_seen":3,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/-walletconnect/web3-provider.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /-walletconnect/web3-provider.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 221695\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":744404,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (55709)","md5":"2445f62ab38cca81d6777764e8404f89","sha1":"1eacb53addcc2ebe4f72e8f3a92a18b50abee214","sha256":"0553fe38d4e791a7ecd18f9d19ba5d7ed05e05d5b9f904819979ee7e7ebfad8d","sha512":"d73a9ea52cdc3a4e99351f44f158aa744d08b561756abea328a94560d518db65dd925741fdfffbcc76b4bc393859d71efd286a1dbbf6a031be287744a70da671","ssdeep":"6144:9Z+a41Elitd9rGMXRiZ7n/M+ReCNvmsKLNQDiBwhqnCNvmsu37be:a35mheamsK6ibnamsT","tlshash":"1df4e888baa4b071539665a0002f540ff27bba2c784e44acf655d8f5bcbc98d553bf38","first_seen":"2025-06-14T13:42:28.278914Z","last_seen":"2026-04-02T11:32:15.573516Z","times_seen":4,"resource_available":true,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/framework-2c79e2a64abdb08b.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/chunks/framework-2c79e2a64abdb08b.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 43730\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":141052,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65202)","md5":"7fc4bed6b4319c62343f0bf5db91a5bb","sha1":"6e283c4ea2b12da64476af280236a8c5d85dbbbc","sha256":"f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7","sha512":"e2e0072386f2f35690899509229136406c27c2b95e3e8cc810aeb6630d7f13bd0872e0f6e650b4fddce2567680e7c42eea49c62bd2653006f5151d9ba0430cd7","ssdeep":"1536:2YjvmNg6kMudjY+o3F36qmk1S/qcnde//ZQg:Dj7UN6qT1S5cXmg","tlshash":"a3d309e83995f6526ab311a700af2803733d2a1b280c4960e615fd9e75b841fb17bfdd","first_seen":"2023-03-13T20:58:32Z","last_seen":"2026-04-09T01:16:33.046928Z","times_seen":2006,"resource_available":true,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/web3modal.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /web3modal.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 206391\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":493905,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (49676)","md5":"b75e5b4aa819a4e0db65d09f304ffca5","sha1":"322a4343cbc52f87360eece8baf8107535e1e153","sha256":"0ce4217a6e4105da2cf62a06789f3d999a4c6dae1ffbbc8fe3b5b12d8373dbcb","sha512":"7bfe99b2371a31bfe270481c6a4c26b77ae40ba7d696dd875acc847464f1c1be4bf2b96399cb9f68fefa038101f7d966e5eb914fa7f37ff6dfd87f693886d57b","ssdeep":"6144:i7Q8a7NJ7oiJhdJ0zIwKu4YcacueJ3px/1ikVAwkOfuQ8s:oQr7NJ0iXdKveF9JAwRVT","tlshash":"a5b4aee73583f42107b23ab740af2c06b23c691718098990f295edd494bd69e916bffd","first_seen":"2023-03-13T10:07:14Z","last_seen":"2026-04-02T11:32:15.575606Z","times_seen":89,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/evm-chains@0.2.0/lib/index.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 08:16:48 GMT","end":"Tue, 19 May 2026 09:15:09 GMT"},"fingerprint":{"sha1":"F3:CF:0B:A3:28:07:E9:5A:D0:8B:F4:9E:A8:A1:9B:71:A6:59:38:23","sha256":"DD:EE:6D:62:AC:D0:59:11:F9:1C:53:44:27:F0:8B:A5:2C:A2:C6:C4:BF:B8:79:AF:A5:5F:B3:E1:29:E8:45:8E"}}},"request":{"raw":"GET /evm-chains@0.2.0/lib/index.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 41\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9e5f82198bd5b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T14:28:37.844917Z","times_seen":13542679,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/main.css","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/main.css HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3075\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":12536,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12363)","md5":"32af869a91d4dcd524e27beb0ceab81d","sha1":"b2b7616d34ec9f41573bc94a8ee2573b752febcb","sha256":"4745230ddef3aa237aa5d09d65a992dadfbdb9a99f0f983732d46400f09844df","sha512":"e7bfe42fe89610b4b1f130f006f3fae53311fe5d3a42bcb56c20ec9739eb99453ec9d51e9c6a286fc23f4db5cc773733637d3fbd49f80190bc8e064d449fb53c","ssdeep":"192:+GvId6dxv114m2Er4g8i25/txFauxgcWB0:+scbg/cF","tlshash":"8642d81f7b04111ea85385f2e0d1fa9ca235a981ee23a2ebf8537901cfd53da5d7260c","first_seen":"2023-04-19T20:37:17Z","last_seen":"2026-04-02T11:32:15.576912Z","times_seen":19,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/wallet/vertical_blue.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/wallet/vertical_blue.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4853\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4853,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGB, non-interlaced","md5":"98bfbbd3a3606c240591ebe254ddd640","sha1":"8aeb83e9f68301e48cae614f89952b018321b643","sha256":"d93c466c594a450bc0387b837c0ad4ae9b29e8c16360b550f5c10e612870ecf3","sha512":"3356738f136a8882c6b15cb62f66d272326979a10059be1fcf9d10756e0a94c86fc888cacf8477741755e3b97c067502626a89c09b8d94881fd66b5733f5d099","ssdeep":"96:zvvvhW3VxO2DKZWTemREiyZf9FRyTkh4qTd2oO/RFBWSG3CVkuKZx+vvvv:zvvvhQVI2DRdKrQghHBGHMvCVk/+vvvv","tlshash":"84a18e13d17e0815713f8da35810597cf8bbc57a561c1af5f4f99cde938aa6ec080c84","first_seen":"2024-08-19T19:04:48.443061Z","last_seen":"2026-04-02T11:32:15.577459Z","times_seen":6,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/coinb.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/coinb.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 06:39:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5241\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5241,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 389 x 129, 8-bit colormap, non-interlaced","md5":"abce6e772243af52660018f7be416ccf","sha1":"98e1d2414299765198e819547e10350cdfdf3e88","sha256":"0ab94c993c697fab7f5dad784a814a04c41399d64a74f49a64f9c7c3cab546a5","sha512":"39b2eeef790579cc457903780d8e6059e408bdc6309fb8b3a0dbfafd77819227cbdc2badf171895c841f3d222667458a23d18d9515a0b42f6c401ceafde5a886","ssdeep":"96:wKrHxGd6ekShDXR7QCBq080rrqPjXO55j9kClz3Muf/JOJxeZSxmuFk:vxGOSVR0yN80MjXi5j9kUz3MukeZcDFk","tlshash":"3eb16de64c1ddc41c2215d55a7a0ffa6407070b072dcaaf8e02355f5e94e3f0a9d683a","first_seen":"2025-08-08T11:29:24.197624Z","last_seen":"2026-04-02T11:32:15.578751Z","times_seen":3,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/ownr.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/ownr.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 07:30:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3716\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3716,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 298x120, components 3","md5":"b6d0591e569bfa67e03a54631454e57c","sha1":"662e3a4b7124ae8af0f4319d02988e6b0ceed799","sha256":"0939a4cb583b73cd8f72d861ea961956e9bcdd5bd2dd559aa3b573d83632b1c9","sha512":"de849515161b25d3ce39be351e5dc3817c75d063c412efc8f24dfe46802fee36392e8dfa351749a105f309e2098e2cd4d8fa4c1f40824931e12d383db91e7aa8","ssdeep":"","tlshash":"3f7107408d91992adf6e45fc6ac29287e61401616bd2b986183a3e41e025f8d9d4ef22","first_seen":"2025-08-08T11:29:24.199413Z","last_seen":"2026-04-02T11:32:15.579943Z","times_seen":3,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.174.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://authenticatingconne.nesarashiftledger.live\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 24440\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.2\r\nx-jsd-version-type: version\r\netag: W/\"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230118-FRA, cache-bma-essb1270056-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 3317208\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bxP2X0nXmv73FY%2FWk%2BVUJDDL3yol8Vbxy9gQVtJBLH7u2UPBPYvI0IVokCJ8KqCutUm21GDEUO7GVdo8rFmJheLoY%2BL4jUBDJ1oyKLDgu72QBnYGAGz3Kskv85CnIru%2FsNo%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9e5f8213ac1a56b7-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80663,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"6baf57f25796c332144ed58a2a0cd9ee","sha1":"f7fd0f3dc84b2cf93bf81e832505a673f354e0a3","sha256":"82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd","sha512":"5ff6240d9ca34dfe30c9cd95cb5e981823c7c0063cad9258f8f3a0a24663401da684844524272410673a6325fd78db0f7e7d0fcd3844b8db3eb9aa2613908ee8","ssdeep":"1536:Qmw0iELO+TBR2t472RirWyKsVfK5GEfy3YJtCRv/45wZbqbXZTbYWU178:VwXza3YCl45wZODZTbYR8","tlshash":"cc73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","first_seen":"2023-09-18T01:21:14Z","last_seen":"2026-04-09T13:23:45.988774Z","times_seen":15061,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":2,"connect":1,"send":0,"wait":6,"receive":1,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/footer/bg.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/footer/bg.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 148164\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":148164,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 450, 8-bit/color RGBA, non-interlaced","md5":"8b070ab53579ddd25d9293525488c02b","sha1":"2e06b085295d33c2cb7f2ab4cdddfec52b016174","sha256":"0edf7e1b73995d213bc605608bfb1fa7b00755912e4db634ac2b53d8a26b6e9e","sha512":"ed8c6ebad0c9654d80825e6f09756e2b048e3fc8dd5a42dad62a32d120773e8cdb5b567bfe1b69f77b9693643bee778106d791574366670bbd62f0374e4989fa","ssdeep":"3072:/jdWEpxFwwtGBwTctYXYS1SAlCIL4qhOSLKHmCYARZJv7iFdfPpNiN1saOKFt:hfxjCwrzHLKGCYAR32XnK1saNFt","tlshash":"b7e31210de590e9ec36e7ab7381f3169dd60ec18e38af88d487ed164938a95f252c94c","first_seen":"2025-06-25T02:08:28.210188Z","last_seen":"2026-04-04T12:42:54.262787Z","times_seen":9,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/webpack-59c5c889f52620d6.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/chunks/webpack-59c5c889f52620d6.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 778\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1606,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1606), with no line terminators","md5":"3c2270d3b272a5b20747cc8056323655","sha1":"5cf62beb9374212bd1074b0d61f723fb8815ada7","sha256":"b7082c98641f82287ee830bdef5ee7c447c042d01f42b0b0bdadd1b819fb0c93","sha512":"8222dbdf6219c13120dad2405fdc7130e141e4172f8e26324c0b064d2c8e55ab2f150b3e99fc90d00d964e24a921b90d97f55b6f01cb655bea0d8bcafeb073cf","ssdeep":"","tlshash":"a33156c972e5f8d81717b464482f8497f13b99b3107da8e1eb05c2b17c351584272fae","first_seen":"2023-03-11T14:54:16Z","last_seen":"2026-04-06T22:32:46.770633Z","times_seen":306,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/bitwa.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/bitwa.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 07:14:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3923\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3923,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 408 x 123, 8-bit colormap, non-interlaced","md5":"911a223cb0fb9b532038ac52af148bfb","sha1":"b2f3af3b2b3e152628503bf6b3639b7a95051448","sha256":"247953386d5bc30495a063c1442b31f51f122ecfdef9380f122fa4b313f9b882","sha512":"094543ee2f75b44113555b06973e5159f002343d7dd56ed335430a014d2bba5b464e7aea5a87ddc0edef0306e7757a2b868664bee73f07f1ae3d65e46929dc66","ssdeep":"","tlshash":"c3816c76ebf69be2629f066ed0eec0094317323f824764174748a35ea564171d822c6e","first_seen":"2025-08-08T11:29:24.171458Z","last_seen":"2026-04-02T11:32:15.585725Z","times_seen":3,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/s/roboto/v30/KFOlCnqEu92Fr1MmEU9vAw.ttf","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9vAw.ttf HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/css2?family=Rajdhani:wght@300;400;500;600;700\u0026family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900\u0026display=swap\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 66715\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":129768,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 18 tables, 1st \"GDEF\", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto MediumRegularVersion 2.137; 2017Roboto-Med","md5":"b21ffa747200921845e38910b8ea97c0","sha1":"b5ba3632933756e9f7e8a0f83bfe90c215a768e2","sha256":"ecf88da1f85fa75dfce5aa0d9dd2973dd40e5702ce351d4de3ccfe58206044ce","sha512":"ac259fcd86bd67561fedcbb0cd2747fc383408d35639a237675720b216786607509ed745a053d23a51d939e5be2ef7c96801587aeaaf97046d33f5f96ceb5541","ssdeep":"3072:3qmFn5wkex8r6QyxjK2kFgAKEX4lqlX9W/ea/qCTIPi0c:aa5wklOjH2lXP9WIPrc","tlshash":"cbc3a300d240ae25dac6b6787c3dd3be48b8e41ebc4b652730d8ab3165c8845ec59bfd","first_seen":"2023-04-05T21:25:35Z","last_seen":"2026-04-02T11:32:15.586646Z","times_seen":193,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/src/js/jquery.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /src/js/jquery.min.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-09T14:15:34.741743Z","times_seen":117134,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/main-d774003010c49e99.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/chunks/main-d774003010c49e99.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 25968\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":90400,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1531d59e92107d30a22acde0865d8455","sha1":"f98116c8710c0f50bfc8ae5cd50521848091bf45","sha256":"6603641801d45e9dc06cd8668fce2745721089e3859faa78cb2e3641ef270c51","sha512":"2443e8813f8bf2672375dd3c5de6caf4e836a1ea854c7313f6b3904c0cc275553f35aeef0e8aa7e408c92f4f29cf995f87bcd657b3adff79fcf76c296ae64056","ssdeep":"1536:2on6vKYbmJiBN3hZH0PLmfvPvQFzalJLH7S:r+KonvUaldbS","tlshash":"1c9319b536d1f8a207db4195c43b0202f3761d3ea41fa855e3ebdcd67560d8ea0a2f26","first_seen":"2025-08-08T11:29:24.208919Z","last_seen":"2026-04-02T11:32:15.587705Z","times_seen":3,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/block.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/block.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 06:38:04 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2493\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2493,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 168, 8-bit colormap, non-interlaced","md5":"153873f4f94da96271ba2d9a39f8be6e","sha1":"f77343968016a206c7145edeb430aa61568215d9","sha256":"446f1cf9ceee94074707282b2dc1dfe732dd129db19955fb2829a67059f645d8","sha512":"94c32d8bbab49bd1332ac6f81b64439d70295190d7ce576f48b5e0e002035caba6017f8e1296e2ab218ddad1f966eeb3e17f26864e6c7beac6709da8bcee02f8","ssdeep":"","tlshash":"f6511bf52dfc9c86dbc0b6bd3943cb818c66a4dae760343d4309f8d81d0bd9058194d6","first_seen":"2025-08-08T11:29:24.180688Z","last_seen":"2026-04-02T11:32:15.588811Z","times_seen":3,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/src/js/jquery.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /src/js/jquery.min.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-09T14:15:34.741743Z","times_seen":117134,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/assets/js/jquery-3.6.0.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /assets/js/jquery-3.6.0.min.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 30267\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":89501,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-04-09T14:24:59.060025Z","times_seen":447388,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/exodus.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/exodus.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 01 Nov 2023 07:31:46 GMT\r\naccept-ranges: bytes\r\ncontent-length: 29558\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":29558,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 926 x 222, 8-bit/color RGBA, non-interlaced","md5":"f0e28100b264d375d6abec539f6111a8","sha1":"b02cb86faa0b65a27339900666e4c4ec1020695e","sha256":"c39f6f7b01d96a3bea98a830cf25e96ae70b0c4a50e3edc33ad5f90a9fd316b7","sha512":"b5d3f3d41d65e69901c8b2673becf8534910d3bda63660002dd76d952fa11900b5c2045dfa040a9c661be504dbb1c0800f18874e16c3418b2fe098a9290d01d5","ssdeep":"384:UYDNTGFzuekz5aXPdPB+5pRMVDxi443bYSwj530Lt1iSFcJlpMyIdbnVcyeFKn5G:UUCFFu54JWMV49bTkp0LtPFUgyEyD","tlshash":"48d2e13ad12a0b1bcb485ab0a2adbb50b738c67701b79f535731f217586cba0f471d68","first_seen":"2025-08-08T11:29:24.21701Z","last_seen":"2026-04-02T11:32:15.590267Z","times_seen":5,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/-walletconnect/web3-provider-1.7.8/dist/umd/index.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /-walletconnect/web3-provider-1.7.8/dist/umd/index.min.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 197525\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":747143,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (50859)","md5":"29fb92b3430a91e0f677a5f852800627","sha1":"2c0d22ddc0bb82f5b7cd3085650e8457f9aa229e","sha256":"968d103baade1160c2e2d096bcdeb0ad70400b2b2e92df06bd6e6e0c7b5f4dba","sha512":"b5881dc1eb94e9fe65f0404bc08ec31c6777ab4f652beda88dbeb62bad37627c36f9626341ab165f3ef727f9232e94c06657ff06eb5c7837b3efe2dd2a20d4bc","ssdeep":"6144:Nyk4y38Pmw7kM9YTIPAIhKVlbolF+QMPjqUY2OoGHFiRlQIiH+O3+2zrbwRbCNv9:hSY0CGliQIipDwRbamsXEmpR","tlshash":"9af4f984b6a4b061439765a4003f540ff27aba2d780a44bcf654d8f6bcbc98d653bf39","first_seen":"2023-03-07T01:14:55Z","last_seen":"2026-04-02T11:32:15.591504Z","times_seen":728,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/shape/header.svg","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/shape/header.svg HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/_next/static/css/313fd1ebfc9126bd.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 811\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2173,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f0c1833540fccd7b04aa6505968c573e","sha1":"ee670c7290657d86b13f5225c980551a6c3f3ccb","sha256":"eed44ffba4ca2ebd5aeeb6e0e80a2616cf353404ff4751a3ec819b7dc3ff70ed","sha512":"8a4ac1b0e8962ed23ca0514f1a1bbba4601e4b55919fa39dc6215228b70dc924d00d4519e34f08441bac62840b93a59a8b5978e3ec40346bbce10616053ac071","ssdeep":"","tlshash":"90419ce373193b39056929c4485862e53b9c50dfe7eab0ec7f66e814a8996a100f0f38","first_seen":"2024-12-20T22:54:45.370791Z","last_seen":"2026-04-04T12:42:54.269517Z","times_seen":9,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/pages/_app-5482eeea9b28a6d9.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/chunks/pages/_app-5482eeea9b28a6d9.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 44395\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":152641,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (45002)","md5":"bc31d155fec325329e255c76bb779bd6","sha1":"b1b6525509d6c1038b7f6ef025151e61affd1fad","sha256":"0aa085dde608aa8d84634ac2090595dc48271c1d03ae7797dbfe2dcb480ea3db","sha512":"fe16edafee096a9fc75250a28dc2c13f3b968b70e5a7cf877becd079f8d5950e2200fa61729834747144f92ff637407fc1504d06dda349ffceda9968cbde078b","ssdeep":"3072:4R8S7lgLd3rWrIOqMRmg/y7ECOrnpCtw6u:cgLd3r6y7H4","tlshash":"2be33cd97181b1f44f5345e242ff010cb23e2d5869294864f67e84da2b78adc6263faf","first_seen":"2025-08-08T11:29:24.194503Z","last_seen":"2026-04-02T11:32:15.593131Z","times_seen":3,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/moralis-v1-1.12.0/dist/moralis.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /moralis-v1-1.12.0/dist/moralis.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 533930\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2870702,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (864)","md5":"a66ca2c0e9de7c9fd7673a42247584fa","sha1":"a13f78c93a504bb87add7c4ef8929a5bbe3e1420","sha256":"bdd824f5d1c1b80b61cdba4ed988cf93446d7f228b1ee93b43041af43a42bc1e","sha512":"2029d219702d8066c9b645d40840ea52205544c0466ed15c2462ab3ea211bb9d609ef07090fe92339c607c8c43f1e6925e8e14cee580f92291c305aafd1d3291","ssdeep":"12288:N4c0VlMP7lCQGeTYtSfdeBRIvS7eDCveky71kXx29JS8DHHWZlO0viVq7Bc3TS:0lMieTYtSfdeBRIeekyoxuS","tlshash":"7e25c708bef2a022461371698b1f9844e334d417719ee861bddcd6b4bfc482497f6be6","first_seen":"2025-08-07T13:48:42.702308Z","last_seen":"2026-04-02T11:32:15.593852Z","times_seen":9,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/logo/usdc_logo.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/logo/usdc_logo.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 74639\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":74639,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 917 x 208, 8-bit/color RGBA, non-interlaced","md5":"4aae06bdd730c3779056ab4c1fa60781","sha1":"344e23b529a3f10597d31bffb9dd29ee45496411","sha256":"53ddbe33069a3949348510453326760b1c7a4fad457fec61b7fa950461d70d86","sha512":"90b0283af5174ce42f5a3a97bd59c561792245bb782cf609d9d28fc691692cde1b671b3f47fa54bf409727f2a1b38639336dc2691d69087d0ff78ee743b8ac20","ssdeep":"1536:2HrdPRDeqSVFn1EKzfiUVXiTX7gNDjtUdUo7R5/2EyDqZnM06/ESZNe:6PlyF1zfiYarCo1QEyDqZnMDbZ0","tlshash":"6073f2652d76ec1b4e2f9a2311073fc3716f3fa9c3c20aaaf1335d5915abd0d8205a89","first_seen":"2026-04-02T11:32:15.595311Z","last_seen":"2026-04-02T11:32:15.595311Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/images/favicon.png","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:36.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /images/favicon.png HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 09 Apr 2026 11:31:36 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1264\r\ndate: Thu, 02 Apr 2026 11:31:36 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1264,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"a23d30040a49c067dbb8ac0023854529","sha1":"e5db125ce6d4a04c036dbe36b94e9931ea3ee7ed","sha256":"0c2868ed206d8f13459828187808086243cd9abfeb35a565aad27c6f4a189344","sha512":"08d44dcc4af9422e5854250e7d3937b34c289ea77ee933641461f9308c2320505b27af8ae0cfa6993b23b12d8cb0ace18fca7ef56d1905f8ed12e5d3f3579ed8","ssdeep":"","tlshash":"4b21eaedf438f52869340535352121268b27dfc935a3c94c66009d527c2b808249c341","first_seen":"2025-08-08T11:29:24.223779Z","last_seen":"2026-04-04T12:42:54.222834Z","times_seen":5,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/546-4b54b9aaaf4b16cb.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/chunks/546-4b54b9aaaf4b16cb.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 24360\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":85476,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7c5f370e9a2f576117ca5ed6fdb19e9f","sha1":"2f8ae5663361fc55f70d99edf5171fc8a24296f0","sha256":"38548222b978a476314c80f398a29c52a80fcbdedadcb76aa10583970bd79ef1","sha512":"e478e988a460ecf9f34e24cf70f59671d48a8a0e9fbbefd64c949a219e1ab221039f02f7e4430c70288e9245aaa5518848c568c39df94674fb6efacf22a87ffb","ssdeep":"1536:aIV/wysRk/oB3UolxU78f2MXOXJr+yuFTFLB/RyHkGBd3ar+BpnKkhk3L:5zq1H4l+yuFTFLB/R8zBd3D8","tlshash":"158308d96221b57693ef525b92a58111b3f50888b40dc46cb0f88caf55bd99803feff8","first_seen":"2025-08-08T11:29:24.220385Z","last_seen":"2026-04-02T11:32:15.597414Z","times_seen":3,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/web3-latest/dist/web3.min.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /web3-latest/dist/web3.min.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 316431\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1184878,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65470)","md5":"d37b2a59a14a61b87878e711a84b61b8","sha1":"6cfc4156cfc57c1b80575c0500ff23a8ebaf138f","sha256":"b373e98462cf00b9307cb622f54dd317f4d6d607bb222edba86f9e6dc9e53fd2","sha512":"2bb491e0f551d18163e56b01dee786e0a5a897952476da5d69bb1389fd567002d6a28270ee807abf58781cd4afe3e66b65a2389f26c2f379cd6e9cc2e77dc894","ssdeep":"6144:O/QrM70NNb2ki3aT9lWCNvmsIAAvkNS98bKwTlC1wr5ndZYTXLpg3jvLJvyzzY:OIrM7xkr/WamsIbcvbKunDYnk","tlshash":"9625e9d47291b065c2a25ed5402fd00ae33dfd687c4c5169bb17ecf72ca8a89512bf3a","first_seen":"2025-08-07T13:48:42.705858Z","last_seen":"2026-04-08T01:21:50.423746Z","times_seen":55,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/ajax/libs/bignumber_js/8.0.2/bignumber.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /ajax/libs/bignumber_js/8.0.2/bignumber.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 21015\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":88004,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"a4cae21db6148c524ce7ca8d0486ebfa","sha1":"51fc0b03795a061f0830e43b61f1c5622f200005","sha256":"cc711d7d219c1465d5fa275882eeb501d9f3c7ae1638adc03dd00fc2138c8a68","sha512":"5d00c6e87f3b46031ff9a345c033c251c17051fdedf658b2a8dff606427c2868b1ba96e33f0407361ca9340f7bda62c8920e0a3e8e259069aa01fdf27c3cfc87","ssdeep":"1536:eqNDqFAE7+o5dUtCKEXeCVi/hs+GTEJQ2ZaazulA9:3pAnACH0/2+GTELZ3yA9","tlshash":"cc83b64c6ac321375b33a3384f5aa44ceb28512756c5624a346e83b46f72c60a7f9fdd","first_seen":"2023-03-07T01:24:06Z","last_seen":"2026-04-02T11:32:15.598955Z","times_seen":33,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/src/js/tokenabi.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.615Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /src/js/tokenabi.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 470\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4675,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"9690795493f65e03ba9d3f9136c70cf1","sha1":"627f5e2fdfbd8afdd36bdcd184e420faeff5d60b","sha256":"8ffe8e4ad105bedc0e56d1d7eb10447d394c42a656e25a20dea8fbdaf2364680","sha512":"c45e09382417d3cf481c8b7a1e7441a89e68bef8f0d6e5091b5751bda6c30aed19af01c3fd7d58e9a33fdd0da626b801e14f9783eb6f2b9c72349367bfe6701a","ssdeep":"48:kRGt/FcpGt/FXDVGt/icepGt/GGt/KrGt/EcGt/WGt/X6pGt/FopGt/EsjGt/5ja:7x4TNT0pR9+DjHHFekk88","tlshash":"fda19e77d8695c6f48b5a3b499a94213f460936b91880c0779fc893c6ff6c23240af4f","first_seen":"2023-03-07T12:11:01Z","last_seen":"2026-04-02T11:32:15.600533Z","times_seen":27,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/264-2f490903294bd863.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/chunks/264-2f490903294bd863.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2208\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5643,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5643), with no line terminators","md5":"3a7b111edfab7d66087675b1a4d8d949","sha1":"79d480c23d67a6c6e2b809e75ceab1deac723851","sha256":"9cbfd93211d1934fb275fd41dbc2fbff1fe3d718ded0029007a5dbd120112791","sha512":"ef5b1473c7f61bd01f500381b9983ac980d7d4b4d18d08354f667061f400dc370a6679387e20ebf7a8adb22db18fbf35264a7d302ac999479cdf0352fb58733b","ssdeep":"96:vJaCqToP+osFWlRuf+BrlML8AKzTf4FKII3Tz7E8rOJbklBLfKQkxELEz:sC89osdfMlU8dzTfWKP34wOmlxfK1Ka","tlshash":"e2c1b6ccb0823470a77b6084c99f449f717d9d58310e4868f1a6ac7d23eb9826573be7","first_seen":"2025-08-08T11:29:24.207152Z","last_seen":"2026-04-02T11:32:15.60143Z","times_seen":3,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/src/js/claim.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /src/js/claim.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Thu, 31 Jul 2025 23:14:00 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7225\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":21526,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (21526), with no line terminators","md5":"d1eae5855c32a170dd8a94a9e277b7d4","sha1":"7482e05dc3282167cce386685a4014e840dc8bd8","sha256":"98106e8822473836a5004a1083b82b6ad2c6c020ebd6e34256f2a21eef1965d5","sha512":"e8fd840b966d706dd3c2e7abb745630a88c7967a32636787d5c86ae9f0eee558240c26936ae6fb45e4f34648131c8496d713cf5cf6a0cf135c4bd24917a86b2d","ssdeep":"384:bxLwDJHETOjbjdtAfQsLSLn1lr40y+1ivrJak7Ih6IIAJL4diP30uA67ogYwNrYf:bWxETOJtAfQsLSLn31y+1WEk7IhdIA5m","tlshash":"faa2846c6ee01e6d130b1eef762778c5e0691e4d3a4484afd1087d68a5e7327eaf1630","first_seen":"2026-04-02T11:32:15.602427Z","last_seen":"2026-04-02T11:32:15.602427Z","times_seen":1,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":216,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-02T11:31:35.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/7.4.33\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 8621\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]},{"name":"Bootstrap:5.3.2","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}],"data":{"size":39116,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (411)","md5":"983b1e6d6e030743df8f13104d28030e","sha1":"14a68b602392aea644ca4c21e814824896321155","sha256":"8169f4e5f0d8076e4b5a6f9924eb75481a9e6eed74ff468f542d9d9bdb28de41","sha512":"83b5e2ecb1548c365378afdb02362303cdde8f9029a69ed46d63ae113efde904f9b00b26739a75ae4b25eb6e7d1b12955ce593f99cba2b73a8f8dfa911e7f001","ssdeep":"768:d285II1bFN5vSFPF5FPFSr6P5rTfFOOPajUK:nII9n5vSlXlQr6P5c","tlshash":"ad03c33269f1222241a780853bea6b692b69d017d526c99837ed43d48fc3ec5cc936df","first_seen":"2026-04-02T11:32:15.603266Z","last_seen":"2026-04-02T11:32:15.603266Z","times_seen":1,"resource_available":true,"data":null}},"time_used":383,"timings":{"blocked":151,"dns":48,"connect":32,"send":0,"wait":81,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"authenticatingconne.nesarashiftledger.live/_next/static/chunks/pages/home2.js","fqdn":"authenticatingconne.nesarashiftledger.live","domain":"nesarashiftledger.live","tld":"live"},"ip":{"addr":"86.107.77.165","port":443,"asn":207913,"as":"Next Level Business Srl","country":"Romania","country_code":"RO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"authenticatingconne.nesarashiftledger.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 01 Apr 2026 21:24:07 GMT","end":"Tue, 30 Jun 2026 21:24:06 GMT"},"fingerprint":{"sha1":"A5:CB:14:BC:2E:35:76:B8:09:E5:FE:1C:0E:9D:F5:08:7F:19:00:17","sha256":"95:E6:5C:FD:53:A6:DB:B7:26:D0:4E:10:63:34:B8:3E:83:8B:4B:BB:8D:1F:D9:13:A3:41:AA:69:59:C0:85:0E"}}},"request":{"raw":"GET /_next/static/chunks/pages/home2.js HTTP/1.1\r\nHost: authenticatingconne.nesarashiftledger.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Mon, 30 Oct 2023 21:26:44 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4665\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":36530,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (36530), with no line terminators","md5":"5f748823cd2b081fa2e636dee0ffaefd","sha1":"665f40dcbc569cad292e388bc694619521f81820","sha256":"c2620d67f63303b41e0ac61e694906387112b16de76d7ba153a9e59e036b99de","sha512":"48075c3ac8385e34c42d2e743f779806d40d312bdab6cd2ffdfc0332c48661ae4c06fc74bcb8cecfc7c426c09818eeaafeba079de2cd190060d48ac1893fe1f4","ssdeep":"384:5twhPRTUN45xx8rcoGabvHF/OwpYdzR2c6x2V5:5tYw45xxEXxQ","tlshash":"a2f29a40e669fbedf86908d9566f900cb12f2f88cb3908b8bdf8641509554e47623fce","first_seen":"2025-08-08T11:29:24.227475Z","last_seen":"2026-04-02T11:32:15.604098Z","times_seen":3,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-02","alert":"Sinkholed","trigger":"authenticatingconne.nesarashiftledger.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Overpass:wght@300;400;600;700;900\u0026amp;display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://authenticatingconne.nesarashiftledger.live/","date":"2026-04-02T11:31:35.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:54 GMT","end":"Mon, 08 Jun 2026 08:38:53 GMT"},"fingerprint":{"sha1":"B7:E6:53:75:FA:B8:E8:B5:11:AC:F7:22:E0:8B:AC:53:3E:61:05:64","sha256":"46:48:37:84:82:72:61:A1:32:78:58:13:38:99:8D:2A:19:CB:C4:47:8B:BC:B1:AC:5F:6C:F4:91:6D:BB:DE:BB"}}},"request":{"raw":"GET /css2?family=Overpass:wght@300;400;600;700;900\u0026amp;display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://authenticatingconne.nesarashiftledger.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 02 Apr 2026 11:31:35 GMT\r\ndate: Thu, 02 Apr 2026 11:31:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8730,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"8a4129fc964249730fd7ab1b81690e54","sha1":"f14f81f0899f5fbff62c378e0e069eaecf558c3c","sha256":"80b47bb00ce5795d8e23d81ddef685c28bba27c0814520d03b9acb75d60f81c6","sha512":"30d4feb3e09b6a0ee6fec44bcb05beb42b3eeca78c742fc0d1a61b1b80d69b6de28e37a12becfda8c1300b14099a42f406208cf102a85c0e8b51a94adfadc0bd","ssdeep":"192:TAZDA1gAuAFxA2AZOA1JAjAFoAkAZcA1vAdAFKAPAZHA1EA6AFtANAZVA1KA0AF6:+EspdnSgh2C","tlshash":"1e02dcd1442a96406b570cc623ce7d33bf5ea106b0858636bffe6da8eca9d21135075e","first_seen":"2025-10-23T03:37:08.619275Z","last_seen":"2026-04-02T11:32:15.604958Z","times_seen":14,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":166,"dns":0,"connect":29,"send":0,"wait":47,"receive":0,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}