{"report_id":"5cd0d6b3-6e6b-4792-ab9e-32ded99598fb","version":6,"status":"done","tags":[],"date":"2026-04-24T13:51:25Z","url":{"schema":"http","addr":"myledgerwebextension.live","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"myledgerwebextension.live/","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"title":"Ledger Web Extension – Connect Ledger Hardware Wallets","dom":{"size":8317,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5329)","md5":"e025826cc9c1be503c7607796d1ef005","sha1":"8c8b5d6f9d0c63e7e439cfc0d93bf37150574c02","sha256":"c227e2b0d47be89b639b36e4f6d445b4cef3b2b377fb47d08630f11ad6bceb71","sha512":"efa376320457876f995e1ff2a0c884791ef563da1912ddc1e78f7dde8578b167f45b7253132189d63f8922ceee68155196bce7a80620e91a98ebfb39cde96512","ssdeep":"192:t/28dt7zbt6v3lIhn2agpmf1VNzZMNCc1BBojVyhW:te8X5qpcBiz1BBY","tlshash":"4f02b562571c0a2d560f43a8d9f5f73ca23ac247d64e985c729d12af1bc6ec0c8b7e94","dom_hash":"domhashf0783bb7296c7183b72cefa737e6d7d9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"myledgerwebextension.live","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-29T13:51:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"myledgerwebextension.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"myledgerwebextension.live","ip":{"addr":"162.254.39.102","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-24T13:51:28.058525Z","last_seen":"2026-04-24T13:51:28.058525Z","alert_count":7,"request_count":7,"received_data":2612283,"sent_data":3253,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"myledgerwebextension.live/assets/index-KxXMlONj.js","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1bd77bc9a9ec94ba8116da8c8307f230","sha1":"748495ff549ca53165af79b9ad988c92f7f67d5b","sha256":"0815481b8c40791b47081f3ef2d56b68402ec84aef566ca168fc4ab8ab74f360","sha512":"4904adbab31550319ef15fb91c1aad3e895b99debe59185b9c551c89a9fb3cecf7a6d36d19bc5b9cab9452712013f0b445c4bfb0bd309fcc208d81eebbd40aa0","ssdeep":"49152:NXAWnr6F9fe0Cs3wxX2bAh3WEJs/KLQ/eOLWv51XcApBQ8EIPqAlxmeNzvL3IcIQ:EboGN/ebvjXcApBQ5IPqOxmu","tlshash":"ecb57c84b2646061c3a926e004af04c9b779bd4d548d40bdf19ce8fb3eb5a45a77bf38","size":2492630,"data":"","first_seen":"2026-04-24T13:51:32.37747Z","last_seen":"2026-04-26T08:06:12.652613Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"myledgerwebextension.live/assets/index-6-slqOPE.css","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://myledgerwebextension.live/","date":"2026-04-24T13:51:04.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myledgerwebextension.live","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:41:95:67:7B:A7:CD:8C:76:CD:78:59:46:5F:46:BC:6D:EA:28:B9","sha256":"A2:BC:B2:9D:E4:E7:55:6D:23:91:83:20:5D:19:AA:24:61:66:20:AD:76:7E:72:A6:73:88:26:4B:C2:F3:1B:9C"}}},"request":{"raw":"GET /assets/index-6-slqOPE.css HTTP/1.1\r\nHost: myledgerwebextension.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://myledgerwebextension.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 01 May 2026 13:51:04 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 16 Nov 2025 04:38:04 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4028\r\ndate: Fri, 24 Apr 2026 13:51:04 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":18970,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (18969)","md5":"cf960cef3009adb1bf0cc0f0ff40e064","sha1":"fea3538c47f09767a23637b7b61fee372f98ce4d","sha256":"887d39c2b6864d75be0636cd661b15579fe043a8186aa79149c45741c5841cbb","sha512":"f39a55a262d9a3577430e3f4e71f2aaac39e6af5f5b6e81a01cd3e09da24d4ff64b1ca83a74f7e449f8a3b7cee1b90cc6d9a0f06b0de5e83104c19b94c32b5d9","ssdeep":"192:O9JyW9JyyxwOFGsfzsfQfdbnLKUc/ixN1yX/m/HxrHrls2I:kwch+uyX/m/Hxr5W","tlshash":"af824219aa00403b7c1790f9d698b69eb62ab0c1df3e97f96dc76101abd73f60c93604","first_seen":"2026-04-24T13:51:32.357829Z","last_seen":"2026-04-26T08:06:12.650112Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"myledgerwebextension.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"myledgerwebextension.live/ledger-logo.png","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://myledgerwebextension.live/","date":"2026-04-24T13:51:05.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myledgerwebextension.live","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:41:95:67:7B:A7:CD:8C:76:CD:78:59:46:5F:46:BC:6D:EA:28:B9","sha256":"A2:BC:B2:9D:E4:E7:55:6D:23:91:83:20:5D:19:AA:24:61:66:20:AD:76:7E:72:A6:73:88:26:4B:C2:F3:1B:9C"}}},"request":{"raw":"GET /ledger-logo.png HTTP/1.1\r\nHost: myledgerwebextension.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://myledgerwebextension.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T11:09:43.115534Z","times_seen":14684832,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"myledgerwebextension.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"myledgerwebextension.live/ledger-logo.png","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://myledgerwebextension.live/","date":"2026-04-24T13:51:05.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myledgerwebextension.live","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:41:95:67:7B:A7:CD:8C:76:CD:78:59:46:5F:46:BC:6D:EA:28:B9","sha256":"A2:BC:B2:9D:E4:E7:55:6D:23:91:83:20:5D:19:AA:24:61:66:20:AD:76:7E:72:A6:73:88:26:4B:C2:F3:1B:9C"}}},"request":{"raw":"GET /ledger-logo.png HTTP/1.1\r\nHost: myledgerwebextension.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://myledgerwebextension.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 01 May 2026 13:51:05 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 19 Oct 2025 18:23:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7251\r\ndate: Fri, 24 Apr 2026 13:51:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":7251,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"a12b21184a2a6093e13b5d35e1e67f0e","sha1":"2cf6c1ac20a00d59524bec058440e451c132101a","sha256":"4c6b57bd08a664a7ef884ae1bf48d1a963a2ee4867047c83163ff255f2a70e16","sha512":"6f117b931be11653a5c4fa0b8b139fa94613b7691f2f2a059cc382efd7f9508a4939284d2e4bf672d88958aa5d4374e40f836e34252714b14d8e68b6fe6fdf87","ssdeep":"96:f+Nf2mA0R9xfYiauaL5n6qOWNl0eEcOMguXWWCxUnJlBJ/hWjWpfmG1gjGvBj:ae8/O3OO+eEaJxiKftgjW","tlshash":"61e18e4ba39447d3daa1423e71213605e8ba6dbff62dc2ce9b5971c8e5087d5e2c2113","first_seen":"2026-04-24T13:51:32.363871Z","last_seen":"2026-04-26T08:06:12.639148Z","times_seen":3,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"myledgerwebextension.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"myledgerwebextension.live/background-pattern.png","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://myledgerwebextension.live/","date":"2026-04-24T13:51:05.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myledgerwebextension.live","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:41:95:67:7B:A7:CD:8C:76:CD:78:59:46:5F:46:BC:6D:EA:28:B9","sha256":"A2:BC:B2:9D:E4:E7:55:6D:23:91:83:20:5D:19:AA:24:61:66:20:AD:76:7E:72:A6:73:88:26:4B:C2:F3:1B:9C"}}},"request":{"raw":"GET /background-pattern.png HTTP/1.1\r\nHost: myledgerwebextension.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://myledgerwebextension.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 01 May 2026 13:51:05 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 17 Oct 2025 10:51:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 87546\r\ndate: Fri, 24 Apr 2026 13:51:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":87546,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 827 x 464, 8-bit/color RGBA, non-interlaced","md5":"576c38a50a087a7d6d1ba9e580640e5e","sha1":"29ac314fe8921e6d95cc5272df8b1b5c9262918f","sha256":"11677c07bea5ed9897a74b121cc586737e65f28da8abc41604bb3570004bbe99","sha512":"30d6aa6eb361c4ae21df316e53a54ea3967fb0aeefbc6768b042620d1b9a29d710580972aa241c5f365dc4db4e8b8f3e14b47db0c352a168a9a6d631af7e7f5b","ssdeep":"1536:6/N1yIx3LAd6qaUidzVzFIt0kPMSAE6h7ybl4OrtXVOsvwsqum9pbMFBv/:6/N1yIxi6qNihVzvkPMSARuKOpfAu4pu","tlshash":"d68302d1857279858e0d280fbbc6399e6fba651f1fde623c830038611147df94b64bab","first_seen":"2026-04-24T13:51:32.366844Z","last_seen":"2026-04-26T08:06:12.63717Z","times_seen":3,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"myledgerwebextension.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"myledgerwebextension.live/ledger-logos.png","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://myledgerwebextension.live/","date":"2026-04-24T13:51:05.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myledgerwebextension.live","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:41:95:67:7B:A7:CD:8C:76:CD:78:59:46:5F:46:BC:6D:EA:28:B9","sha256":"A2:BC:B2:9D:E4:E7:55:6D:23:91:83:20:5D:19:AA:24:61:66:20:AD:76:7E:72:A6:73:88:26:4B:C2:F3:1B:9C"}}},"request":{"raw":"GET /ledger-logos.png HTTP/1.1\r\nHost: myledgerwebextension.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://myledgerwebextension.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 01 May 2026 13:51:05 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 15 Oct 2025 21:40:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1060\r\ndate: Fri, 24 Apr 2026 13:51:05 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1060,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"7afd696230b28eaf85538be0e2dd119f","sha1":"cfb17f3974e60d77ef3cdc9c64f45b87def2954c","sha256":"f5efed0bad48a024d6048d277d6c10782c1c92c0b211641c8f624c7fce8ec766","sha512":"b4eee77b8958ee6abd44eb03d1ad771856bd2c11dd22c3f4796461d4a2142474eec4bae683c8c0f03918621e8cf73e070359efbc32529f1dad8d390420b5e125","ssdeep":"","tlshash":"3e1183692420cc60e7c61125d346024d7fb02806706c6c8bf8fc90b34ae163eadf0ed3","first_seen":"2026-04-24T13:51:32.369592Z","last_seen":"2026-04-26T08:06:12.641501Z","times_seen":3,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"myledgerwebextension.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"myledgerwebextension.live/","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-24T13:51:03.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myledgerwebextension.live","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:41:95:67:7B:A7:CD:8C:76:CD:78:59:46:5F:46:BC:6D:EA:28:B9","sha256":"A2:BC:B2:9D:E4:E7:55:6D:23:91:83:20:5D:19:AA:24:61:66:20:AD:76:7E:72:A6:73:88:26:4B:C2:F3:1B:9C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: myledgerwebextension.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sun, 16 Nov 2025 04:38:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 922\r\ndate: Fri, 24 Apr 2026 13:51:03 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2958,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"e1e0f593269df8b355a70792b5b0858e","sha1":"9504baf43f6702b0beadc341bc66b6ae8465024d","sha256":"ab438f7f5e7affb567b42ad866afee3e387c4b62d8a70ef8f7dfce123c1c041a","sha512":"ef9e868200cfa144eaa6cc80fecd7d2bfd54d2158b02f6bc273c0791d3c4f297eca817bfbfe0bfbf6705d64db0b8d8579afbe2974cd1e303f686d6bc8f5bd0f9","ssdeep":"","tlshash":"eb510297d6e94944125c82389fe2f59c9632828bd19c391c72cc621f1fc2bd486bbfc9","first_seen":"2026-04-24T13:51:32.371707Z","last_seen":"2026-04-26T08:06:12.645839Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1093,"timings":{"blocked":464,"dns":52,"connect":164,"send":0,"wait":165,"receive":0,"ssl":244},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"myledgerwebextension.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"myledgerwebextension.live/assets/index-KxXMlONj.js","fqdn":"myledgerwebextension.live","domain":"myledgerwebextension.live","tld":"live"},"ip":{"addr":"162.254.39.102","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://myledgerwebextension.live/","date":"2026-04-24T13:51:04.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"myledgerwebextension.live","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Fri, 30 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C2:41:95:67:7B:A7:CD:8C:76:CD:78:59:46:5F:46:BC:6D:EA:28:B9","sha256":"A2:BC:B2:9D:E4:E7:55:6D:23:91:83:20:5D:19:AA:24:61:66:20:AD:76:7E:72:A6:73:88:26:4B:C2:F3:1B:9C"}}},"request":{"raw":"GET /assets/index-KxXMlONj.js HTTP/1.1\r\nHost: myledgerwebextension.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://myledgerwebextension.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Sun, 16 Nov 2025 04:38:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 24 Apr 2026 13:51:04 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2492630,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (26769)","md5":"c58f3cbfcbec24954aef3b5446021aee","sha1":"3fcfe380021d7ac235af783df7b377faec0e92da","sha256":"43d3451d8cf46b226643c8fc834304c9f07c523863ce822cc48c6d59b9f01cdf","sha512":"21a855b91af2e9334db5d1ae1b8188fa3783644b48f01ed9d1010e2096fd9bcef3b5399951a2e35fbafb5ec35b8411a965dda6f15e3aa01f84637a9745a81b5f","ssdeep":"24576:NXAWnr6F9fe0CsjLwx0k2bAh3WEJs/KLQ/eO+MzWv51RtcAueBQgzEIPWVdI00rc:NXAWnr6F9fe0Cs3wxX2bAh3WEJs/KLQv","tlshash":"38251ac8b2a57062c3a625a0002f444af27efd1d684d847cf158e8fa3db9549667ff78","first_seen":"2026-04-24T13:51:32.373838Z","last_seen":"2026-04-26T08:06:12.648331Z","times_seen":3,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-24","alert":"Sinkholed","trigger":"myledgerwebextension.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}