{"report_id":"4cf0a026-8424-4fbd-9cf1-1977df0d8dd3","version":6,"status":"done","tags":[],"date":"2026-06-03T10:44:20Z","url":{"schema":"http","addr":"usa-coinledger.com","fqdn":"usa-coinledger.com","domain":"usa-coinledger.com","tld":"com"},"ip":{"addr":"193.169.194.12","port":0,"asn":212496,"as":"SIA GOOD","country":"Latvia","country_code":"LV"},"final":{"url":{"schema":"https","addr":"usa-coinledger.com/","fqdn":"usa-coinledger.com","domain":"usa-coinledger.com","tld":"com"},"title":"Securing access","dom":{"size":21001,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5917)","md5":"bb4aba6c7d75b5cf0e14c5633a565566","sha1":"a4bd1e42a95e51c8e57ed9010f986a5ac7ca03d9","sha256":"94a96c622d2e7b442efa6ae27d33360736cf1b0cd14cf4abab7e3eb2343792c3","sha512":"c7d33e4711ac4f320d9df5abb65dd99c343d2de5d4ce5e7431bb6f1bdc1a395007c1fd7dc490cb815160b3127a7c14e39d47de2d5f4c1a09c9427a3623ce8041","ssdeep":"384:gSrI/3wOyme9LT0ACWXrbZgR0aIII1SJBAWU:gCWwOymeiWXrdgRnIII1SJ+WU","tlshash":"5a92f9e68533102a7523994767df178a32a49503a903c91cffcc72d88fc55c9f9b1b69","dom_hash":"domhash7abc4773b1b1e64e6e5f12c25cdc18f4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"usa-coinledger.com","fqdn":"usa-coinledger.com","domain":"usa-coinledger.com","tld":"com"},"ip":{"addr":"193.169.194.12","port":0,"asn":212496,"as":"SIA GOOD","country":"Latvia","country_code":"LV"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-08T10:44:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"usa-coinledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"usa-coinledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"usa-coinledger.com","ip":{"addr":"193.169.194.12","port":443,"asn":212496,"as":"SIA GOOD","country":"Latvia","country_code":"LV"},"domain_registered":"2026-05-18","domain_rank":0,"first_seen":"2026-06-03T10:41:21.040525Z","last_seen":"2026-06-03T10:41:21.040525Z","alert_count":6,"request_count":3,"received_data":22870,"sent_data":1355,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"usa-coinledger.com/","fqdn":"usa-coinledger.com","domain":"usa-coinledger.com","tld":"com"},"ip":{"addr":"193.169.194.12","port":443,"asn":212496,"as":"SIA GOOD","country":"Latvia","country_code":"LV"},"introduction_type":"scriptElement","is_inline":true,"md5":"f07ec63a380bc99f32157d2cad44b357","sha1":"74a8e940fe86a313512bb117bec45aee39be041d","sha256":"a59578fa5e578c1a5fe987581ff4963a94d8fe17305ff646689cd7b0ff51f616","sha512":"7fbba74ce9ae79c62cebb5b291acf1c2cb54bacfe376a40c947e2753c3da366176ecc3423aa4516a2cb4c91a6d5beb1d6cf18c7b24e6cd1b58e7decab9844fe0","ssdeep":"","tlshash":"e951112721e70433426768a6d79b46087d304b436642ec587f8c62c98fe5986d5fb7ec","size":2737,"data":"","first_seen":"2026-04-19T18:28:54.534123Z","last_seen":"2026-06-03T10:44:52.512217Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"usa-coinledger.com/","fqdn":"usa-coinledger.com","domain":"usa-coinledger.com","tld":"com"},"ip":{"addr":"193.169.194.12","port":443,"asn":212496,"as":"SIA GOOD","country":"Latvia","country_code":"LV"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-03T10:43:58.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"au-coinledger.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 12:35:53 GMT","end":"Sun, 16 Aug 2026 12:35:52 GMT"},"fingerprint":{"sha1":"34:5C:D9:1B:4A:18:E0:96:C0:16:02:A1:16:B8:63:88:9E:F5:D4:8F","sha256":"6E:D7:3B:81:2E:EE:43:03:3B:FF:62:EF:2C:19:40:5A:35:DC:6F:69:47:1E:25:8E:EB:82:31:52:C9:BE:FB:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: usa-coinledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 03 Jun 2026 10:43:58 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nCache-Control: no-store\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 6924\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html;charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":21599,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5930), with CRLF line terminators","md5":"3825131f5a813f04a87410036f713eb6","sha1":"d79d3fc40c3dd9bc4e127a67174c64d3ebbea590","sha256":"8afcb459e6eb9893e1bdf6a0047b073a58ff5011210700f3b9378060dbcb7b6a","sha512":"2ebd6aeecc47e036b1879a94695572ee4748bc44658caf616d61010b1c3d7df55080f1f39ee09e2714d9667710a8eb6ac628dc520c36a0ee494dc3b5bc149dda","ssdeep":"384:+WSrI9sNhbDElVm7PBniVbAHRScIII1SeAIY:VCCsNhbDJiV0HRbIII1ShIY","tlshash":"c7a2c6a5c515202ba1738b87e7d7068efb964203a7030618fbdc63854ff1949e672fad","first_seen":"2026-05-08T14:06:05.826983Z","last_seen":"2026-06-03T10:44:52.507132Z","times_seen":40,"resource_available":true,"data":null}},"time_used":135,"timings":{"blocked":44,"dns":0,"connect":19,"send":0,"wait":45,"receive":2,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"usa-coinledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"usa-coinledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usa-coinledger.com/loader-config.json","fqdn":"usa-coinledger.com","domain":"usa-coinledger.com","tld":"com"},"ip":{"addr":"193.169.194.12","port":443,"asn":212496,"as":"SIA GOOD","country":"Latvia","country_code":"LV"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://usa-coinledger.com/","date":"2026-06-03T10:43:58.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"au-coinledger.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 12:35:53 GMT","end":"Sun, 16 Aug 2026 12:35:52 GMT"},"fingerprint":{"sha1":"34:5C:D9:1B:4A:18:E0:96:C0:16:02:A1:16:B8:63:88:9E:F5:D4:8F","sha256":"6E:D7:3B:81:2E:EE:43:03:3B:FF:62:EF:2C:19:40:5A:35:DC:6F:69:47:1E:25:8E:EB:82:31:52:C9:BE:FB:75"}}},"request":{"raw":"GET /loader-config.json HTTP/1.1\r\nHost: usa-coinledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://usa-coinledger.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 03 Jun 2026 10:43:58 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nContent-Length: 281\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":281,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"5553f2cc8774237f391bf09575a37506","sha1":"8464eccdd2c5891d0aba890e6b1bec60ea9d9986","sha256":"afb29b58999c12b226fb28ce6fddb36272f3456d971979ea7d04f0246655c5a1","sha512":"94164240da0de809a8171c4aedb7e5e18afb884e2dde43e88fc3c78e240859a674b73f2b2baf8c3881486d134ee5887cd16873d4b867143bfa8a1ad22b4b56d4","ssdeep":"","tlshash":"2ad02bae5043a38b4821195039c565d2278d12e6e47a85ec2ec6d4cb529c67ece9ae8c","first_seen":"2026-06-03T10:41:24.808183Z","last_seen":"2026-06-03T10:44:20.927997Z","times_seen":2,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"usa-coinledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"usa-coinledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"usa-coinledger.com/favicon.ico","fqdn":"usa-coinledger.com","domain":"usa-coinledger.com","tld":"com"},"ip":{"addr":"193.169.194.12","port":443,"asn":212496,"as":"SIA GOOD","country":"Latvia","country_code":"LV"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://usa-coinledger.com/","date":"2026-06-03T10:43:58.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"au-coinledger.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 18 May 2026 12:35:53 GMT","end":"Sun, 16 Aug 2026 12:35:52 GMT"},"fingerprint":{"sha1":"34:5C:D9:1B:4A:18:E0:96:C0:16:02:A1:16:B8:63:88:9E:F5:D4:8F","sha256":"6E:D7:3B:81:2E:EE:43:03:3B:FF:62:EF:2C:19:40:5A:35:DC:6F:69:47:1E:25:8E:EB:82:31:52:C9:BE:FB:75"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: usa-coinledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://usa-coinledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Wed, 03 Jun 2026 10:43:58 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nContent-Length: 281\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":281,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"5553f2cc8774237f391bf09575a37506","sha1":"8464eccdd2c5891d0aba890e6b1bec60ea9d9986","sha256":"afb29b58999c12b226fb28ce6fddb36272f3456d971979ea7d04f0246655c5a1","sha512":"94164240da0de809a8171c4aedb7e5e18afb884e2dde43e88fc3c78e240859a674b73f2b2baf8c3881486d134ee5887cd16873d4b867143bfa8a1ad22b4b56d4","ssdeep":"","tlshash":"2ad02bae5043a38b4821195039c565d2278d12e6e47a85ec2ec6d4cb529c67ece9ae8c","first_seen":"2026-06-03T10:41:24.808183Z","last_seen":"2026-06-03T10:44:20.927997Z","times_seen":2,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"usa-coinledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-03","alert":"Sinkholed","trigger":"usa-coinledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}