Report - broadledger.net/

Report Overview

Visited public
2024-09-18 04:07:35
Tags
URL
broadledger.net/
Finishing URL
broadledger.net/
IP / ASN
172.67.136.17
#13335 CLOUDFLARENET
Title
Telegram

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

124

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-17 18:12:05	1.3 kB	3.6 kB	23.36.77.32
broadledger.net	unknown	unknown	No data	No data	14 kB	1.6 MB	172.67.136.17
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-17 18:12:27	1.3 kB	3.5 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram
2024-09-17	medium	broadledger.net/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed
2024-09-18	medium	broadledger.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	broadledger.net/redirect.js?v=1	407 B	2024-09-18 02:03	2025-01-11 17:01
Pretty URL broadledger.net/redirect.js?v=1 IP 172.67.136.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-18 02:03 Last Seen2025-01-11 17:01 Times Seen275 Hash 6ea7d7dc767ce7e92a6e01c7a3fa69d7 9cdf6ff82455df1351e53e86ee0a9781012ead5b f3267d78cb220ddc7bd4a3fe3fed46a05f8dc69611d5523e7443b2e4afaa2cbb Loading...

	broadledger.net/compatTest.js	2.5 kB	2024-06-30 22:36	2025-01-15 12:57
Pretty URL broadledger.net/compatTest.js IP 172.67.136.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-30 22:36 Last Seen2025-01-15 12:57 Times Seen1054 Hash da7800ea928a021f2539ab41e6f2323e 0141da1dc85ca8f34212f3dde2fac9bf61f5adb7 15c24ec2b4cb94f24e66750f09e7071e5659e20a5ed926f69f565e20a81027cf Loading...

	broadledger.net/main.9a912c00d881695d0ddb.js	439 kB	2024-08-26 11:45	2025-01-11 17:00
Pretty URL broadledger.net/main.9a912c00d881695d0ddb.js IP 172.67.136.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-26 11:45 Last Seen2025-01-11 17:00 Times Seen248 Hash fbb3255985fdbb3b866c764f2b4b2f59 99048f8ff4b7155676fa1639ca4444211d4740b2 dc29b8a0507b3b28a459de068b3b1bf5b66331a72e96c74e6ed47a856b8d5a8f Loading...

	broadledger.net/6708.05075ec696cf1bca34b2.js	10 kB	2024-08-15 13:06	2025-01-11 17:01
Pretty URL broadledger.net/6708.05075ec696cf1bca34b2.js IP 172.67.136.17 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-15 13:06 Last Seen2025-01-11 17:01 Times Seen428 Hash 96ef59c5330eda8a6049dc0850b9d2c3 3293c0574ac9cd31a37f9ad740cebd8d0d0aee69 1f105f736a0aeac0e3d3c6cf76b3da36820054850484015b8befa243e1bef253 Loading...

HTTP Transactions (39)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b4ddabe3dc0fdf5ea3a82a9aebbb01c6
bfbff7cc66b83f1e16d8739a987f175866a6de68
73c53b2f9ea6cb310eb9df3e6d917f4649a2c2470b3ae7ee1e4bbb7102550016

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "73C53B2F9EA6CB310EB9DF3E6D917F4649A2C2470B3AE7EE1E4BBB7102550016"
Last-Modified: Sun, 15 Sep 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12572
Expires: Wed, 18 Sep 2024 07:36:40 GMT
Date: Wed, 18 Sep 2024 04:07:08 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a4e61c096fb8a0f28561b209588076fe
84634c409a230cba663826d593379499fce545a8
17f85499c27b8bafbc202dc51cd5e7fa80be0988a0d820dbf8a4c81344f26da9

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "17F85499C27B8BAFBC202DC51CD5E7FA80BE0988A0D820DBF8A4C81344F26DA9"
Last-Modified: Tue, 17 Sep 2024 12:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14674
Expires: Wed, 18 Sep 2024 08:11:42 GMT
Date: Wed, 18 Sep 2024 04:07:08 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
946bd983da8ed3f6d5c12abcab5273e0
eaf94210f1202240080722b9f0a78aa64b6cc1b3
f772e410f6d95169a72a7473bf8ff96f7c642b0e8cd820c34b9debdfc367c44e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F772E410F6D95169A72A7473BF8FF96F7C642B0E8CD820C34B9DEBDFC367C44E"
Last-Modified: Tue, 17 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2390
Expires: Wed, 18 Sep 2024 04:46:58 GMT
Date: Wed, 18 Sep 2024 04:07:08 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a31eb23bb83183cf82d06967d5e3f31e
803053eed17ab1e4d902c93d5f20ae6e930c89e4
116549023fd841d0418e44c97968a7f84c98b643b76ce6b9a94ca70446de13f1

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "116549023FD841D0418E44C97968A7F84C98B643B76CE6B9A94CA70446DE13F1"
Last-Modified: Tue, 17 Sep 2024 14:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2693
Expires: Wed, 18 Sep 2024 04:52:02 GMT
Date: Wed, 18 Sep 2024 04:07:09 GMT
Connection: keep-alive

broadledger.net/icon-192x192.png

172.67.136.17

200 OK

3.1 kB

URL GET HTTP/3
broadledger.net/icon-192x192.png
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Size
3.1 kB (3059 bytes)
Hash
1a1650d2c76bfc1ac484646c19e495b9
fe58d66042ce9241226f5da9370230285ff604fc
6e587a62c9d7a97f25265ab5eb29d101ad2e36810042a4116d2dd29da96b0bf8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /icon-192x192.png HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:10 GMT
content-type: image/png
content-length: 3059
last-modified: Mon, 19 Aug 2024 08:00:42 GMT
etag: "66c2fbaa-bf3"
expires: Fri, 18 Oct 2024 00:23:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 13434
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BycfP15bb2ZdLYpU2X9iSIzZyL%2BGWXWWW85ww%2BbI0Tj%2BPz7JznQVEKJhJfV8RJLAYvD%2BZoAc%2F9lT8sqVZIRGzGZVdefdEsLrYjmUgF%2B6cvX5%2Bpf9WoDMODuECayNJf1HI00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c4e77b17c31b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/api/rcd

172.67.136.17

400 Bad Request

36 B

URL POST HTTP/3
broadledger.net/api/rcd
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JSON text data
Size
36 B (36 bytes)
Hash
03700bfb53b1fac3e3f278e951ca7737
e8c1cfa0edb9f323d956d38802cce27785529ddd
9954014c43fc8ff25d10a71adaa9178136122a32a33b9a03ec94b53faaf8a509

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /api/rcd HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://broadledger.net/
Content-Type: application/json
Content-Length: 26
Origin: https://broadledger.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 400 Bad Request
date: Wed, 18 Sep 2024 04:07:10 GMT
content-type: application/json; charset=utf-8
content-length: 36
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, User-Agent, Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fag4apRIbBUD79Y26dgIpXBmKYogsvVxYl3ychJXWll8geT2W%2FEXTgjPjXFD0I1Gd6xXlg7a1ncga5gcCSYmxPYcxjF%2Bsggfhd9RepXavxN0UXXDuLFLbej%2FrEC8Sjb7LL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77af8b0db50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2

172.67.136.17

200 OK

11 kB

URL GET HTTP/3
broadledger.net/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Size
11 kB (11016 bytes)
Hash
15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /KFOmCnqEu92Fr1Mu4mxKKTU1Kg.465390c6e54c60f4a15f.woff2 HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/main.b563a1b1790456b66383.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:10 GMT
content-type: font/woff2
content-length: 11016
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
etag: "66b8d586-2b08"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0i3KV%2FeCqHro2zVXjAy6o%2BZ2OyPs2Cf0BEfk6KH23LyanGbifx5iJbvRC4nahB6tjRn9tnUsBATggt%2BJ6fgZXRxPy64BucgZ2Py9zUfvbKNcbyzE%2Fc5bF%2F%2Fdq%2FnAwdip%2B3E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c4e77af7b08b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/notification.mp3

172.67.136.17

206 Partial Content

11 kB

URL GET HTTP/3
broadledger.net/notification.mp3
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo
Size
11 kB (10880 bytes)
Hash
eba09b6a457792c52fc610b5f9f974b3
95e6e0f7648e28ea21bc434054ea59aba3a35aea
86093551f5a7f68c7dcac947bd8dc54c6a79dd9a5d83f7e40116d640eb28c7d6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /notification.mp3 HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Wed, 18 Sep 2024 04:07:10 GMT
content-type: audio/mpeg
content-length: 10880
last-modified: Mon, 19 Aug 2024 08:00:42 GMT
etag: "66c2fbaa-2a80"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-10879/10880
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=224kZK3zoGeaUckQMaJNjU95qCdoK7cKQPQbf9fxzHtmaRGiVcaF8yYOO%2F0sGGht0rDSpiF3wJVpXrs7V3EgcDZSgVoD2jGZPxieZ%2B9M%2BkGm%2FKWeQj%2BezAOelZ3yb7%2Fp%2BvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c4e77af9b10b50f-OSL
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
45c440d4cead985bd4f1f69f84162f7b
1251ec50f9cfdb548fe2e0fef4cbb146fd92a56b
91127a16631d0d606cac9cac289cf04f0ccb542d3f8954ef4bc5caaef374c238

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "91127A16631D0D606CAC9CAC289CF04F0CCB542D3F8954EF4BC5CAAEF374C238"
Last-Modified: Tue, 17 Sep 2024 14:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8407
Expires: Wed, 18 Sep 2024 06:27:17 GMT
Date: Wed, 18 Sep 2024 04:07:10 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
45c440d4cead985bd4f1f69f84162f7b
1251ec50f9cfdb548fe2e0fef4cbb146fd92a56b
91127a16631d0d606cac9cac289cf04f0ccb542d3f8954ef4bc5caaef374c238

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "91127A16631D0D606CAC9CAC289CF04F0CCB542D3F8954EF4BC5CAAEF374C238"
Last-Modified: Tue, 17 Sep 2024 14:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8407
Expires: Wed, 18 Sep 2024 06:27:17 GMT
Date: Wed, 18 Sep 2024 04:07:10 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
45c440d4cead985bd4f1f69f84162f7b
1251ec50f9cfdb548fe2e0fef4cbb146fd92a56b
91127a16631d0d606cac9cac289cf04f0ccb542d3f8954ef4bc5caaef374c238

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "91127A16631D0D606CAC9CAC289CF04F0CCB542D3F8954EF4BC5CAAEF374C238"
Last-Modified: Tue, 17 Sep 2024 14:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8407
Expires: Wed, 18 Sep 2024 06:27:17 GMT
Date: Wed, 18 Sep 2024 04:07:10 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
45c440d4cead985bd4f1f69f84162f7b
1251ec50f9cfdb548fe2e0fef4cbb146fd92a56b
91127a16631d0d606cac9cac289cf04f0ccb542d3f8954ef4bc5caaef374c238

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "91127A16631D0D606CAC9CAC289CF04F0CCB542D3F8954EF4BC5CAAEF374C238"
Last-Modified: Tue, 17 Sep 2024 14:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8407
Expires: Wed, 18 Sep 2024 06:27:17 GMT
Date: Wed, 18 Sep 2024 04:07:10 GMT
Connection: keep-alive

broadledger.net/6708.05075ec696cf1bca34b2.js

172.67.136.17

200 OK

62 kB

URL GET HTTP/3
broadledger.net/6708.05075ec696cf1bca34b2.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
gzip compressed data, from Unix
Size
62 kB (62393 bytes)
Hash
74e186bf4e103b71a13bc42195a96b48
45613ad54a65d1aecce985615f69375bf8114399
2486127f7a2be07d8bb247e4171310a28c05c0e1c66ab343ca9f99e49fbe533e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /6708.05075ec696cf1bca34b2.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-287f"
expires: Wed, 18 Sep 2024 12:23:17 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilrvSWKb9wqHwyKhlB%2Ftbq9g4I7W4ASlVGHoLg09S8oKLW8Wl26M12cZyUGJkpAWVa%2FKGX3a0y2UyjxgF1Y9wiXzQunIf0SWHS4PKlW2t1gr0znh7K9OxXKhYMyIHePFmi0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c24e1fb50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/9357.1f6836f2d95171420e95.js

172.67.136.17

200 OK

2.5 kB

URL GET HTTP/3
broadledger.net/9357.1f6836f2d95171420e95.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (2628), with no line terminators
Size
2.5 kB (2502 bytes)
Hash
f1e52bed22548c1f7e2fce0522cd4a82
41e036d1f96cfb47fb93fc121083185660cf1b86
27d08f1a88bf79a17d448203d046e206aa249bc86bd99cf67c4e88e6aef34255

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9357.1f6836f2d95171420e95.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-9c6"
expires: Wed, 18 Sep 2024 12:23:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8NVU5Ujj8%2FMzOaSjLwJvbfisRVA1xKZ6WC%2BdpqPAjyHwwWMUgLeCENesssrxulrw31N%2BkYA0651LL4pUqTgeb91AA%2FdvRG1mFwk0%2BsQzLL1BqqdeK%2BOF1uCwBIDZPmueGUY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2fe82b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/5905.7740c1743540df2d6991.js

172.67.136.17

200 OK

140 kB

URL GET HTTP/3
broadledger.net/5905.7740c1743540df2d6991.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
140 kB (140180 bytes)
Hash
46648d77dd491aa690f065c72bcba0c8
0c06eb281c296bec1d6a5ba710e94392689a90dc
145628cfa23f0607acd86035ca9ee8f3179c980d848d52564bcff7334db4af10

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5905.7740c1743540df2d6991.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-22394"
expires: Wed, 18 Sep 2024 12:23:18 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2F9dTFZ1sAKVL6EZHSnhn951Y17we6uG%2B3PI3Yjf%2BONbqztpX5gTdhw4Hb8kukJFj%2BCmhaVPrBCMC%2F8Y1UzWVi%2BlE20MgaPVB%2F58el%2BMWTPP35cPb5W6KjngQWAmD3Y%2Bnc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2be58b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/5905.7740c1743540df2d6991.js

172.67.136.17

200 OK

140 kB

URL GET HTTP/3
broadledger.net/5905.7740c1743540df2d6991.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
140 kB (140180 bytes)
Hash
46648d77dd491aa690f065c72bcba0c8
0c06eb281c296bec1d6a5ba710e94392689a90dc
145628cfa23f0607acd86035ca9ee8f3179c980d848d52564bcff7334db4af10

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5905.7740c1743540df2d6991.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-22394"
expires: Wed, 18 Sep 2024 12:23:18 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrEIenpTCHIvfc4%2Bx8jrNgyLB2cS3%2FJvymLOsbUiFiBk5y%2BdaS%2F4TZrjV5JZuoX%2BS%2FFrCcb5djoI8jCcskRcuFRT3zfOs2E%2FZSJibG8vh2F%2B4CgMaHqCjeCILHhF76tL1j8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2ce5eb50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/rlottie-wasm.f013598f1b2ba719f25e.js

172.67.136.17

200 OK

66 kB

URL GET HTTP/3
broadledger.net/rlottie-wasm.f013598f1b2ba719f25e.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (65591 bytes)
Hash
4441938ee433d3657c20d454d352a336
dd67121d7fda7c17be196f60c72dfa06bcb5bc6f
659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-10037"
expires: Wed, 18 Sep 2024 12:23:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkK9alx8To4G5cLHQVS1qh5DMjnRvS0VXfwCFme8UE%2Fp0kLmiQhC7ukV0JvtYZSf8KSUvi1mdwKf7s5jnvbBaEgielKtFJFkYSWLab5r%2BqXlgSDxUhZYH4KG%2B5yvO0BaNeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c31e8db50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/rlottie-wasm.f013598f1b2ba719f25e.js

172.67.136.17

200 OK

66 kB

URL GET HTTP/3
broadledger.net/rlottie-wasm.f013598f1b2ba719f25e.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (65591 bytes)
Hash
4441938ee433d3657c20d454d352a336
dd67121d7fda7c17be196f60c72dfa06bcb5bc6f
659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-10037"
expires: Wed, 18 Sep 2024 12:23:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PGNvVI%2FjJRQRIvTndzU2Z8hWeet1M68JGokf4r%2F9ZGRPxxmkfDuD3pZErkkk9BbL%2BP%2BDZNVwB5jHLDGMUWSNE408AXgaZYLBdJUsA4LwNVYG1UFpwRthS6ZPyWrZ2tKINjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c31e91b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/compatTest.js

172.67.136.17

200 OK

2.5 kB

URL GET HTTP/3
broadledger.net/compatTest.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (2610), with no line terminators
Size
2.5 kB (2544 bytes)
Hash
6cfbdd49583de4aef06544f30e1eafb9
b852473e5433f95a06bf58c7e625876a14358422
9f053b9be11ee313213aaf4d5269f4a011e068ed6eaf12a557634381fc42c9ec

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /compatTest.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:09 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:42 GMT
vary: Accept-Encoding
etag: W/"66c2fbaa-9f0"
expires: Wed, 18 Sep 2024 12:23:12 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3KhIDGZiMwCsc7WzKRncr2had0qGOoCx6mAAfRcjl3uokY5nj1t1k%2Bhy9mrdX7hiSQOrphQ0wgtZjmMny16BydGetPOFIW%2F55WO0EPAhkwVxsgXc%2ByvPnJX2TrCtW9GZ0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77aeaa5bb50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/8074.2a21714739b00af37659.js

172.67.136.17

200 OK

8.4 kB

URL GET HTTP/3
broadledger.net/8074.2a21714739b00af37659.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (8568), with no line terminators
Size
8.4 kB (8401 bytes)
Hash
cf029d23efef8096e18b597928dadca1
c82cd6d236f5bf526a350ce60e9830cd78bd7eb4
f5b1ea8910be7e403c7c2149044bb7f2664878d8f27c7ea93c24821b8c02b188

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8074.2a21714739b00af37659.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-20d1"
expires: Wed, 18 Sep 2024 12:23:17 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2hxD6LHFkcFvtQFEJXpU7G7FYJOT1cPBJTgyNHC3n8Vb1fumy%2FsEwoCQswhvjdZNpKNdbBM1wKxwqY7gZPU9rul0DPG5SJM%2FRf550dTo2CO1cRTxJQ%2BSNtk9todHW3sO54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c27e37b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/7784.ec5164938531ffe545a2.js

172.67.136.17

200 OK

21 kB

URL GET HTTP/3
broadledger.net/7784.ec5164938531ffe545a2.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (21341)
Size
21 kB (21424 bytes)
Hash
4ed38bfe5a91818dc89b8e94b809c616
768694610faf78cc071230229c990821c456e2fb
a0a5bd8a76f26757141750073dddaba0527a2e3a3be9a4566a46ab4fd13f1c28

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /7784.ec5164938531ffe545a2.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-53b0"
expires: Wed, 18 Sep 2024 12:23:15 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13438
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8JvBdQ%2BtqmbNkphrID3vAFxvlE02HFdG8xwNGXyNOfK8MQzI8CE5lowvfJSbPSbCcXsRge3GKWt0u7qBJzNb5MfjqX5HFFVHmaER4LapH%2FtKR8pdgSeCzKtlGriy5wVjMOU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2ae4bb50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/9357.1f6836f2d95171420e95.js

172.67.136.17

200 OK

2.5 kB

URL GET HTTP/3
broadledger.net/9357.1f6836f2d95171420e95.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (2628), with no line terminators
Size
2.5 kB (2502 bytes)
Hash
f1e52bed22548c1f7e2fce0522cd4a82
41e036d1f96cfb47fb93fc121083185660cf1b86
27d08f1a88bf79a17d448203d046e206aa249bc86bd99cf67c4e88e6aef34255

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9357.1f6836f2d95171420e95.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-9c6"
expires: Wed, 18 Sep 2024 12:23:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpQMyyNH%2Bujmvsy5nXOBmaDUHDVnI5N3f8AMRHKQ0q%2Fb8mbNmh3edNoQyr7CwzdzJugK%2Bsa%2BKHUecrGxDSC5KMujicDLqWwfGgIn4IaDDqToMUrpsMAeey8v6qoGVqBLyck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2fe7ab50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/rlottie-wasm.f013598f1b2ba719f25e.js

172.67.136.17

200 OK

66 kB

URL GET HTTP/3
broadledger.net/rlottie-wasm.f013598f1b2ba719f25e.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (65591 bytes)
Hash
4441938ee433d3657c20d454d352a336
dd67121d7fda7c17be196f60c72dfa06bcb5bc6f
659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-10037"
expires: Wed, 18 Sep 2024 12:23:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJduVhH2LVWaZ%2BFC7d49BZ2SpmVbuJbpdyfYrLi58ujPsoqm2DsVrpQwm%2FYnuIrdtINp21sgzCnInA6ygEawuM%2Fja75vk75ofOktUdLroJqYBp5o%2BH6n3PU%2FTsNnXdzFP0E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c31e8eb50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/5905.7740c1743540df2d6991.js

172.67.136.17

200 OK

140 kB

URL GET HTTP/3
broadledger.net/5905.7740c1743540df2d6991.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
140 kB (140180 bytes)
Hash
46648d77dd491aa690f065c72bcba0c8
0c06eb281c296bec1d6a5ba710e94392689a90dc
145628cfa23f0607acd86035ca9ee8f3179c980d848d52564bcff7334db4af10

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5905.7740c1743540df2d6991.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-22394"
expires: Wed, 18 Sep 2024 12:23:18 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAX7YGahWt%2F0JlIBWOkjuz5t%2F1OEZ4hGcT%2BmVmS%2F0MLMubWobOl7TgjbtWIO%2BV37emqbnhhrosvuZ3ZMw1CG2F3Coss6UHWWZvfJ5KXntmQoBKbn57UhCdOyN4%2FsrJ7LyQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2ce5db50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/5905.7740c1743540df2d6991.js

172.67.136.17

200 OK

140 kB

URL GET HTTP/3
broadledger.net/5905.7740c1743540df2d6991.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
140 kB (140180 bytes)
Hash
46648d77dd491aa690f065c72bcba0c8
0c06eb281c296bec1d6a5ba710e94392689a90dc
145628cfa23f0607acd86035ca9ee8f3179c980d848d52564bcff7334db4af10

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5905.7740c1743540df2d6991.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-22394"
expires: Wed, 18 Sep 2024 12:23:18 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UF73akLics5%2BgdqXQs4o%2FmJqWX%2B44kvd9Rv0FTBkR2tEpZOpm7uZzQzAo4qbIyT30en9JNvQvdXPgnErLasHrxx33ZpPwiyDRQMnx3kdQxvVpGNvBfKKb4%2BWm1ezjlxLjcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2ce61b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/8074.2a21714739b00af37659.js

172.67.136.17

200 OK

8.4 kB

URL GET HTTP/3
broadledger.net/8074.2a21714739b00af37659.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (8568), with no line terminators
Size
8.4 kB (8401 bytes)
Hash
cf029d23efef8096e18b597928dadca1
c82cd6d236f5bf526a350ce60e9830cd78bd7eb4
f5b1ea8910be7e403c7c2149044bb7f2664878d8f27c7ea93c24821b8c02b188

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8074.2a21714739b00af37659.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-20d1"
expires: Wed, 18 Sep 2024 12:23:17 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1124HG%2BJAtr8t4jOky86suEf4D2tlI2ti4Cv6y79E8zmmK6%2BmCzXgveiGHBaD1Jrd9KSiZ896Osf2OuUGlCNf3D%2BEY4s4iztwyLiN9Eq4%2FW3%2B7xPhz6mf7DaJvnsyZW9M3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c27e35b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/8074.2a21714739b00af37659.js

172.67.136.17

200 OK

8.4 kB

URL GET HTTP/3
broadledger.net/8074.2a21714739b00af37659.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (8568), with no line terminators
Size
8.4 kB (8401 bytes)
Hash
cf029d23efef8096e18b597928dadca1
c82cd6d236f5bf526a350ce60e9830cd78bd7eb4
f5b1ea8910be7e403c7c2149044bb7f2664878d8f27c7ea93c24821b8c02b188

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8074.2a21714739b00af37659.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-20d1"
expires: Wed, 18 Sep 2024 12:23:17 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqSjWtMavBnc4khHOcBnBRvSScwLwhGgcCN528D6VqUYXOiBzJtCqsLl9y%2FJbM38qFxgw0O7bEHuVm7VYxFR6QnuhaHXYt7CDS0Wmd8TPtN9jG2fRnYrfM3q6EPXF1Foo6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c27e39b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/7784.ec5164938531ffe545a2.js

172.67.136.17

200 OK

21 kB

URL GET HTTP/3
broadledger.net/7784.ec5164938531ffe545a2.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (21341)
Size
21 kB (21424 bytes)
Hash
4ed38bfe5a91818dc89b8e94b809c616
768694610faf78cc071230229c990821c456e2fb
a0a5bd8a76f26757141750073dddaba0527a2e3a3be9a4566a46ab4fd13f1c28

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /7784.ec5164938531ffe545a2.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-53b0"
expires: Wed, 18 Sep 2024 12:23:15 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13438
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwyu2lvY%2Bou3DmQ4kZGH5BLjZG6PzX%2B9qoss8YxhT3vROKvhBTlrarSMiynGD5jWXdrwUTihAYWgnndFpVyp6ZXLwjoZsEY7TEXqxdFcjdEtYm6q5jrXam4si0Ey73TtMzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c29e44b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/9357.1f6836f2d95171420e95.js

172.67.136.17

200 OK

2.5 kB

URL GET HTTP/3
broadledger.net/9357.1f6836f2d95171420e95.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (2628), with no line terminators
Size
2.5 kB (2502 bytes)
Hash
f1e52bed22548c1f7e2fce0522cd4a82
41e036d1f96cfb47fb93fc121083185660cf1b86
27d08f1a88bf79a17d448203d046e206aa249bc86bd99cf67c4e88e6aef34255

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9357.1f6836f2d95171420e95.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-9c6"
expires: Wed, 18 Sep 2024 12:23:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFpZUWYKP6GddzN6C62rb%2Flv1lHfVwLvVZbAn%2Fqmn8e7e62r9XcvG2kzkYhldU9qXr3AiH5%2FiGSoxoExlMeAyt01qfEGBFJITnabCIIJCjWpEtyzTRMkdQq1qr1hLaPZxzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2fe72b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/

172.67.136.17

200 OK

3.0 kB

URL User Request GET HTTP/2
broadledger.net/
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
HTML document, ASCII text, with very long lines (3199), with no line terminators
Size
3.0 kB (3035 bytes)
Hash
7eca8a05bcb727e9754a2005357d6ab4
c4a9046ea028d52445fb7601de72b33b9ae1e825
ba10b76130e0fdeb4cd52f8ced51d2c877d5c635a3319a42fbf4f298b02a6371

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 18 Sep 2024 04:07:09 GMT
content-type: text/html
last-modified: Mon, 19 Aug 2024 08:03:08 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qinbeIrpwuHffp%2BYWB%2BEUrQgUK1eQGpxCc0%2B6IQUpzPd6%2FyyhzU%2BX8GOcTxZxMDLWfhi2LnI5kNXAYKqF32T6vJM32LRkE9VVDjEGmR4DySD%2FvWPgnu1gxjQ71SGXl821Yk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77aa5a3456b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

broadledger.net/main.9a912c00d881695d0ddb.js

172.67.136.17

200 OK

439 kB

URL GET HTTP/3
broadledger.net/main.9a912c00d881695d0ddb.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type

Size
439 kB (438807 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.9a912c00d881695d0ddb.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:09 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-6b217"
expires: Wed, 18 Sep 2024 12:23:12 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bW645aCzh8IGa5nUQJt9WBDPUusU6ha9nZGwbelk1P39AKJfTtwKfstpTzTWaziMzOOWUpcvsYfmzdxFZH%2FWvb%2BsN7SfXDUqx4TdoruQZL5178AzvvViPAF13bdOsi4BhX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77ae9a59b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/7784.ec5164938531ffe545a2.js

172.67.136.17

200 OK

21 kB

URL GET HTTP/3
broadledger.net/7784.ec5164938531ffe545a2.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (21341)
Size
21 kB (21424 bytes)
Hash
4ed38bfe5a91818dc89b8e94b809c616
768694610faf78cc071230229c990821c456e2fb
a0a5bd8a76f26757141750073dddaba0527a2e3a3be9a4566a46ab4fd13f1c28

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /7784.ec5164938531ffe545a2.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-53b0"
expires: Wed, 18 Sep 2024 12:23:15 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13438
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiqvEzl2KoR%2BOlFIdy4BySd1OQvj00JXQN3i7mj09CJXBA%2FLtXmtoEQbsZTQh%2F5M7QzQiFVkz%2BMzvIXToK2Td4h99VMRebt%2BsVUS9rHyVtDyaMhryZa6cGQNczbe6XnMj9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c29e46b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/7784.ec5164938531ffe545a2.js

172.67.136.17

200 OK

21 kB

URL GET HTTP/3
broadledger.net/7784.ec5164938531ffe545a2.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (21341)
Size
21 kB (21424 bytes)
Hash
4ed38bfe5a91818dc89b8e94b809c616
768694610faf78cc071230229c990821c456e2fb
a0a5bd8a76f26757141750073dddaba0527a2e3a3be9a4566a46ab4fd13f1c28

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /7784.ec5164938531ffe545a2.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-53b0"
expires: Wed, 18 Sep 2024 12:23:15 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13438
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M730sjor547iJcly3TbIyockHfC8BcLsKkSk%2BWinTY6yPeX2Peb1N0LkUwWKfNA0JjoUrXJb0jTq7aMhzO6DB251xDJZq7fTYxfyuqqLRQ07OHwctXQBej73AM97aMH%2BLLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2ae4fb50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/rlottie-wasm.f013598f1b2ba719f25e.js

172.67.136.17

200 OK

66 kB

URL GET HTTP/3
broadledger.net/rlottie-wasm.f013598f1b2ba719f25e.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (65591 bytes)
Hash
4441938ee433d3657c20d454d352a336
dd67121d7fda7c17be196f60c72dfa06bcb5bc6f
659bf63501a8054ef0eedda3dec466dbc1e9a1b2c4d5d59a285b005215e16679

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rlottie-wasm.f013598f1b2ba719f25e.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-10037"
expires: Wed, 18 Sep 2024 12:23:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cq1H2MvM7GgAXh59%2Bj6ymzn0bAy5MXsbLlkcJVZyCT65b63rav3Aapj6a1d94XH3%2BnU4qH2RaDxKartX3TVf2YNzWS4Xul14RpkzJPS8G9Jsz6yRrXtxKH%2F%2F%2Bz72huVvAtA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c31e90b50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/main.b563a1b1790456b66383.css

172.67.136.17

200 OK

107 kB

URL GET HTTP/3
broadledger.net/main.b563a1b1790456b66383.css
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type

Size
107 kB (106611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.b563a1b1790456b66383.css HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:09 GMT
content-type: text/css
last-modified: Sun, 11 Aug 2024 15:15:18 GMT
vary: Accept-Encoding
etag: W/"66b8d586-1a073"
expires: Wed, 18 Sep 2024 12:23:12 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awbBZ57IDHrQZMwjAt%2F2FxtOhcuE2kuisfUCpl%2FhKt9z0lRmJW02zMCzyAOm0vRZXOukMK3OA55mYe7VAiSVbOmJrASQTH%2Fu%2FQu1uHxPiz2GV6kmG9QdD8hbm%2FKjYfi2TJ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77ae9a5ab50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/favicon.svg

172.67.136.17

200 OK

892 B

URL GET HTTP/3
broadledger.net/favicon.svg
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
SVG Scalable Vector Graphics image
Size
892 B (892 bytes)
Hash
fbfd454715d8180275b32bd48770a483
0716abb57416f83cfad3e17ff830039c0607b313
788c238be3597ef42c549caff599bb84e584790f43f7d6013d6a1987264bdbe1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.svg HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:10 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Aug 2024 08:00:42 GMT
etag: W/"66c2fbaa-37c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ck1SPt2r2cqAZylH3PJqj5fLrc8g5P3VjYaJkceDNRC1ZF8DkuYoyvpkw9pdb2RcfGxMvHbmWR8iWuyzxYyq%2B5JyxbJKqDDzVH1pCe88CDNhXQVXWK2Le25k1k14V887wRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c4e77b17c32b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

broadledger.net/redirect.js?v=1

172.67.136.17

200 OK

407 B

URL GET HTTP/3
broadledger.net/redirect.js?v=1
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
ASCII text, with very long lines (439), with no line terminators
Size
407 B (407 bytes)
Hash
dc764c7a13c1485188bebd7c465e11e4
b7fd8a45fb6cc607aecfe98832247b39f8dc5223
0ddbbb164cd2e6a52d418e922d064395b4503fd2b49008081e1c8d7582cc9cb4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /redirect.js?v=1 HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:09 GMT
content-type: application/javascript
last-modified: Tue, 17 Sep 2024 10:43:20 GMT
etag: W/"66e95d48-197"
expires: Wed, 18 Sep 2024 12:23:12 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 13437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FqWukfTQwtf9TNFahKGN0R4pJOdJHpgffkBziBB4%2B0UO7JWm4Csxs4Tz4KIqdR5kFkBUvk%2FRXiNZ%2FcpwrckQtXtONYx9Yses4nXUoeTaDRPXPWb4i6rWUbuJXPaoajd9mY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c4e77ae9a55b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

broadledger.net/8074.2a21714739b00af37659.js

172.67.136.17

200 OK

8.4 kB

URL GET HTTP/3
broadledger.net/8074.2a21714739b00af37659.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (8568), with no line terminators
Size
8.4 kB (8401 bytes)
Hash
cf029d23efef8096e18b597928dadca1
c82cd6d236f5bf526a350ce60e9830cd78bd7eb4
f5b1ea8910be7e403c7c2149044bb7f2664878d8f27c7ea93c24821b8c02b188

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8074.2a21714739b00af37659.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-20d1"
expires: Wed, 18 Sep 2024 12:23:17 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13436
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4NZptTHrnDPySLj965z3wtia2xpZCRytjVQVnuV2M691IehuK08vM5DB1hCRNdTV9CcmmKAo8VlwdOpKKzvGIhc2LU%2F44DEHMApDGOD1UW4vykom2DNCz5pPnSNCRc2j0I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c27e3ab50f-OSL
alt-svc: h3=":443"; ma=86400

broadledger.net/9357.1f6836f2d95171420e95.js

172.67.136.17

200 OK

2.5 kB

URL GET HTTP/3
broadledger.net/9357.1f6836f2d95171420e95.js
IP
172.67.136.17:443
ASN
#13335 CLOUDFLARENET

Requested by
https://broadledger.net/8074.2a21714739b00af37659.js
Certificate
IssuerGoogle Trust Services
Subjectbroadledger.net
FingerprintE7:3F:6A:0C:95:14:4F:33:E7:3A:A2:8D:BD:C7:59:49:85:A9:21:9C
ValidityTue, 20 Aug 2024 06:44:09 GMT - Mon, 18 Nov 2024 06:44:08 GMT

File type
JavaScript source, ASCII text, with very long lines (2628), with no line terminators
Size
2.5 kB (2502 bytes)
Hash
f1e52bed22548c1f7e2fce0522cd4a82
41e036d1f96cfb47fb93fc121083185660cf1b86
27d08f1a88bf79a17d448203d046e206aa249bc86bd99cf67c4e88e6aef34255

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /9357.1f6836f2d95171420e95.js HTTP/1.1
Host: broadledger.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://broadledger.net/8074.2a21714739b00af37659.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 18 Sep 2024 04:07:13 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 08:00:38 GMT
vary: Accept-Encoding
etag: W/"66c2fba6-9c6"
expires: Wed, 18 Sep 2024 12:23:19 GMT
cache-control: max-age=43200
content-encoding: gzip
cf-cache-status: HIT
age: 13434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPOQWJrwORjmSf%2BnS4L4MUUm4hq%2BqdzTDS7PcXl%2B7fvQx6NB9ulNRIvoJFyLh193p8ADAiApdB7QeDAHvkOBdzz3LEXkw2t4zIU3Zqz%2B%2FN0ADCZEsvim8Rl%2BENiqmWFSCp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c4e77c2fe73b50f-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (39)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers