{"report_id":"8a443715-2127-4da3-90f2-3cc16051fc5a","version":6,"status":"done","tags":[],"date":"2026-03-04T11:47:21Z","url":{"schema":"http","addr":"api.firstledger.net/","fqdn":"api.firstledger.net","domain":"firstledger.net","tld":"net"},"ip":{"addr":"3.14.205.149","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"about","addr":"about:neterror?e=netTimeout\u0026u=http%3A//api.firstledger.net/\u0026c=UTF-8\u0026d=The%20server%20at%20api.firstledger.net%20is%20taking%20too%20long%20to%20respond.","fqdn":"","domain":"","tld":""},"title":"Problem loading page","dom":{"size":7922,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (488)","md5":"71d4870ab6b7426241eb2c5e7f598461","sha1":"d2cb69c4173d860c04f871a67bed4b37f5cac260","sha256":"839755d588840d481f2e1cd066fe9f9b30472de230064182a84384dd2faee248","sha512":"c608840c1c602efc8816d507df4b78fc22895019b163d7da41b57cc00942f6d2c444a48a2f2c2654d42be0e01dde2b584106506b983a5e8b7e50976f0bd8d939","ssdeep":"96:rhfV0HLxtVfrp1LS8k45USz+45RaIkata89+RzydNAIl9+kex8KdRonI7B1g/M:r3Yvjp1LS8LUSZRa2b9wm7I98IT","tlshash":"b8f182a462fa1d2b818386ed38db7409be01d257d35c28e6bf6e05e10fc7d91980f19b","dom_hash":"domhash00ae9e3bca261b1ffff94c1aaedb777d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"api.firstledger.net/","fqdn":"api.firstledger.net","domain":"firstledger.net","tld":"net"},"ip":{"addr":"3.14.205.149","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T11:47:21Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.firstledger.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"api.firstledger.net","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-02-03","domain_rank":0,"first_seen":"2025-06-03T01:56:01.437871Z","last_seen":"2026-01-03T19:36:35.013744Z","alert_count":2,"request_count":2,"received_data":414,"sent_data":892,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"api.firstledger.net/","fqdn":"api.firstledger.net","domain":"firstledger.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T11:46:59.634Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: api.firstledger.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T13:49:31.916752Z","times_seen":13333799,"resource_available":true,"data":null}},"time_used":7470,"timings":{"blocked":7470,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.firstledger.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.firstledger.net/","fqdn":"api.firstledger.net","domain":"firstledger.net","tld":"net"},"ip":{"addr":"16.58.127.136","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T11:46:59.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.firstledger.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 16 May 2025 00:00:00 GMT","end":"Sun, 14 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3D:2A:3B:86:6E:9D:55:A7:6F:C3:E5:49:5A:39:C7:09:11:55:9E:64","sha256":"C7:66:1A:E9:DB:E1:C2:AF:08:98:A5:0A:EE:03:9B:62:66:43:A0:03:92:D6:7B:07:2F:D1:BB:D0:69:7F:AE:E9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: api.firstledger.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 04 Mar 2026 11:46:59 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 139\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":139,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"da7da7d630292e7a2a7dda8ca87b3d39","sha1":"a4cb76424dc44433a2df01fe8b0bbd836d15e970","sha256":"52c1e7a2c36be28c42455fe1572d7d7918c3180cad99a2b82daa2a38a7e7bb23","sha512":"9e717f9c6699b280436ca9be7107ba6301430d4def8311b963a266a5b3b91b2719687b04860509b6142fa24d629a3217bd450696559fe6d9dc8c60bccfd740ad","ssdeep":"","tlshash":"e3c02b9e100111410a3083003ec1329435973b9d24f285006b82f027ecd4617c8c7288","first_seen":"2023-04-05T13:34:15Z","last_seen":"2026-04-04T01:42:36.399257Z","times_seen":1910,"resource_available":true,"data":null}},"time_used":778,"timings":{"blocked":335,"dns":16,"connect":104,"send":0,"wait":107,"receive":1,"ssl":212},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"api.firstledger.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}