{"report_id":"8e52550f-b67a-46d5-b4e3-6b3f25ce1abb","version":0,"status":"done","tags":[],"date":"2026-06-20T13:45:53Z","url":{"schema":"http","addr":"ledger.com.ks.ua","fqdn":"ledger.com.ks.ua","domain":"com.ks.ua","tld":"ks.ua"},"ip":{"addr":"136.243.14.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"http","addr":"ledger.com.ks.ua/","fqdn":"ledger.com.ks.ua","domain":"com.ks.ua","tld":"ks.ua"},"title":"Ledger Wallet Crypto App — Independent Affiliate Review","dom":{"size":13626,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (359)","md5":"091483fb38097ebd536444d53bd226f9","sha1":"ae9826ab8caff5609ae2462e5592f56c59f92b8a","sha256":"41f358b824d861466fddad308545694f5e348530cf5ab3615fb9d962f75d213d","sha512":"b58066b370350893302536456d68df2f1b6f652230ceb5e7b08a25bb89f2b46f2c4a45011aa4d90522eac1aa966dcb84bac78ab69bfbe530aec2614f3baa4cb7","ssdeep":"384:nW0Cy+QgL7l6KI6acHBUrpjlPozO6m72RD:nWnL7l6X6acHBUrpjKO6829","tlshash":"18520773a1e151363127d2c076e827de7a20e493d81b4388b9ad429dcfc7ee35a53b48","dom_hash":"domhashfc464f0d189526af3d4646abb4a1666b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ledger.com.ks.ua","fqdn":"ledger.com.ks.ua","domain":"com.ks.ua","tld":"ks.ua"},"ip":{"addr":"136.243.14.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-25T13:45:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"play-lh.googleusercontent.com","ip":{"addr":"142.250.178.86","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":3758,"first_seen":"2019-09-30T06:57:53Z","last_seen":"2026-06-18T20:29:50.257643Z","alert_count":0,"request_count":5,"received_data":258657,"sent_data":3195,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ledger.com.ks.ua","ip":{"addr":"136.243.14.123","port":80,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2026-06-20","domain_rank":0,"first_seen":"2026-06-20T13:45:53.3596Z","last_seen":"2026-06-20T13:45:53.3596Z","alert_count":0,"request_count":3,"received_data":14121,"sent_data":1306,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"play-lh.googleusercontent.com/rj7Wx46RHPTJJbw4VWV2Qr7wgP1V6H2TjrAb4KPDLCIias10mMbc2uGxglBXOQIbLRl-bBuBJsuiYET_qRxGNg=w526-h296","fqdn":"play-lh.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.86","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ledger.com.ks.ua/","date":"2026-06-20T13:45:29.185Z","timestamp":1781963129185,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edgestatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:18 GMT","end":"Mon, 17 Aug 2026 08:36:17 GMT"},"fingerprint":{"sha1":"EA:A9:57:E7:4D:AB:CB:FA:8A:F9:27:C2:68:F5:EB:13:F9:9C:F8:67","sha256":"EE:E8:BE:E3:9D:16:79:90:5F:3F:23:DC:64:39:52:60:AA:80:6D:3F:50:4B:61:A5:FB:D1:FC:74:23:E4:24:A4"}}},"request":{"raw":"GET /rj7Wx46RHPTJJbw4VWV2Qr7wgP1V6H2TjrAb4KPDLCIias10mMbc2uGxglBXOQIbLRl-bBuBJsuiYET_qRxGNg=w526-h296 HTTP/1.1\r\nHost: play-lh.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ledger.com.ks.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/png\r\ncross-origin-resource-policy: cross-origin\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\netag: \"v1\"\r\nexpires: Sun, 21 Jun 2026 13:45:29 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnamed.png\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 20 Jun 2026 13:45:29 GMT\r\nserver: fife\r\ncontent-length: 35981\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":35981,"size_decoded":36523,"mime_type":"image/png","magic":"PNG image data, 166 x 296, 8-bit/color RGB, non-interlaced","md5":"fd53269bb4a2d59d29e60cbe4a3d107c","sha1":"e5119785736ddba0f134828bb405dfe78675bd7a","sha256":"0d96fc0e608a53409d0bb77e96c3a95fc09e1119a8d177f9d84e7547978cacc1","sha512":"372bbe4c16a201a2c9ccd2e15c22562f525d7b2f1b8fcb20d7aa8abe609ba7102cf4fd793f25a9cdfb49856e24e6c5edeab50e64c2cdddcea777cd23121b8a74","ssdeep":"768:hIgKWScZ6YRnGOLuVcPJodwCApLYRzFTV5rgsAyn7hZAYbKNLE5VHLWg:hIz6hRnvLu2PJodVWLGzFTV5gsAynvX5","tlshash":"1af2f1a68268eb6596a357bf7cf8d3dcbd6362eb6c8ed01a19010cb5480f06ce7d0056","first_seen":"2026-06-20T13:45:56.781457Z","last_seen":"2026-06-28T11:55:54.624146Z","times_seen":3,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":2,"connect":16,"send":0,"wait":41,"receive":23,"ssl":268},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ledger.com.ks.ua/favicon.ico","fqdn":"ledger.com.ks.ua","domain":"com.ks.ua","tld":"ks.ua"},"ip":{"addr":"136.243.14.123","port":80,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ledger.com.ks.ua/","date":"2026-06-20T13:45:29.203Z","timestamp":1781963129203,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: ledger.com.ks.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ledger.com.ks.ua/\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.20.2\r\nDate: Sat, 20 Jun 2026 13:45:29 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":209,"size_decoded":391,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"18ffb59b61525f781cf9251045be575d","sha1":"bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d","sha256":"b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642","sha512":"a032f853abd9492232e1183d1cb1d14110b623f2e9dec56b7b64dd576a0317dda8d51125763e11d6642433c5364b2bd10a994ee4f1514629a4950bbab3aba499","ssdeep":"","tlshash":"ebd0229ea083228f452321903ac211d2a54d23a6bc7a42e83c83a88a921893dc4ca29d","first_seen":"2023-04-05T03:16:16Z","last_seen":"2026-06-28T23:55:23.250176Z","times_seen":37371,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.com.ks.ua/","fqdn":"ledger.com.ks.ua","domain":"com.ks.ua","tld":"ks.ua"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T13:45:26.222Z","timestamp":1781963126222,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ledger.com.ks.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-29T00:32:18.388813Z","times_seen":16809459,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ledger.com.ks.ua/","fqdn":"ledger.com.ks.ua","domain":"com.ks.ua","tld":"ks.ua"},"ip":{"addr":"136.243.14.123","port":80,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T13:45:28.959Z","timestamp":1781963128959,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: ledger.com.ks.ua\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.2\r\nDate: Sat, 20 Jun 2026 13:45:29 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13575,"size_decoded":13730,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (359)","md5":"8af6ab1649a98ffd5975e49eee7beef2","sha1":"476065aa0fc5b7a556da22d6102fe7f0447ca38f","sha256":"b0b5d5766f70d62a2a0394bbb96e35bc294c5cc62d86a0fcbedb2fa575c457c1","sha512":"b127098027f6d47d37270f905d2bd7cf543031fe4f49e767adfe3936276b9ee4c160cfc8fa0218de25e89551dfd4387de223db352b9a1ddd8dcd03943600a27b","ssdeep":"384:NO0Cy+QgL7l4RI4+cmBUOpClPozO4v72Rn:NOnL7l4i4+cmBUOpCKO4j2B","tlshash":"5b520673a2e151363127e1c077e8179e7a70e493d81b4388b9ad425dcfc7ae35a53b88","first_seen":"2026-06-20T13:45:56.787622Z","last_seen":"2026-06-20T13:47:00.669628Z","times_seen":2,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":3,"connect":37,"send":0,"wait":45,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play-lh.googleusercontent.com/-59PvpvC2WLv4wYWOZOtFKRVD-35bZP17HeZT6Kwd_GZSVSuTEP6FBwdA91Aj81M0QK68k-JltAyaOFtMcqYVA=w526-h296","fqdn":"play-lh.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.86","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ledger.com.ks.ua/","date":"2026-06-20T13:45:29.178Z","timestamp":1781963129178,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edgestatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:18 GMT","end":"Mon, 17 Aug 2026 08:36:17 GMT"},"fingerprint":{"sha1":"EA:A9:57:E7:4D:AB:CB:FA:8A:F9:27:C2:68:F5:EB:13:F9:9C:F8:67","sha256":"EE:E8:BE:E3:9D:16:79:90:5F:3F:23:DC:64:39:52:60:AA:80:6D:3F:50:4B:61:A5:FB:D1:FC:74:23:E4:24:A4"}}},"request":{"raw":"GET /-59PvpvC2WLv4wYWOZOtFKRVD-35bZP17HeZT6Kwd_GZSVSuTEP6FBwdA91Aj81M0QK68k-JltAyaOFtMcqYVA=w526-h296 HTTP/1.1\r\nHost: play-lh.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ledger.com.ks.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncross-origin-resource-policy: cross-origin\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\netag: \"v1\"\r\nexpires: Sun, 21 Jun 2026 13:45:29 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnamed.png\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 20 Jun 2026 13:45:29 GMT\r\nserver: fife\r\ncontent-length: 92632\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":92632,"size_decoded":93194,"mime_type":"image/png","magic":"PNG image data, 166 x 296, 8-bit/color RGBA, non-interlaced","md5":"62813e2ef9294b76acda046546b67b8a","sha1":"8969422af0495025fd9f1950fcfcc1cd14cd454d","sha256":"8cfe62783cb3cce9319b9d347b241f55e4a23bc02f8b00cd96cfafd8b152199b","sha512":"c7c52b2f4fc9255480a29ea3bcba1971fc35b431f72fd7e7dbb1edb9c07b6176b6293f6c43cbd9c87426a5edadef6850eed7b502bae4021cf6800c5960d0ba07","ssdeep":"1536:9EcMkC54sWFWnGxbzkj2jg/iMviYoLKwtmZ92qL2vdTZGuc:9ua4Azk1Nv7OTtBqa/c","tlshash":"519312f3d0c02c7609b13a8d1d975a562b747fc25f03a4ad3476aa2e63fd086f16538a","first_seen":"2026-06-20T13:45:56.790272Z","last_seen":"2026-06-28T11:55:54.621955Z","times_seen":3,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":2,"connect":15,"send":0,"wait":156,"receive":31,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play-lh.googleusercontent.com/JohkNh0NquAS5tnsGZUOXXgcJcSg_qdgOmyVouOpkkPDdajb1K99P3WXaNjCgNuhchz8KC75qh2caskMzHt41A=w526-h296","fqdn":"play-lh.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.86","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ledger.com.ks.ua/","date":"2026-06-20T13:45:29.182Z","timestamp":1781963129182,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edgestatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:18 GMT","end":"Mon, 17 Aug 2026 08:36:17 GMT"},"fingerprint":{"sha1":"EA:A9:57:E7:4D:AB:CB:FA:8A:F9:27:C2:68:F5:EB:13:F9:9C:F8:67","sha256":"EE:E8:BE:E3:9D:16:79:90:5F:3F:23:DC:64:39:52:60:AA:80:6D:3F:50:4B:61:A5:FB:D1:FC:74:23:E4:24:A4"}}},"request":{"raw":"GET /JohkNh0NquAS5tnsGZUOXXgcJcSg_qdgOmyVouOpkkPDdajb1K99P3WXaNjCgNuhchz8KC75qh2caskMzHt41A=w526-h296 HTTP/1.1\r\nHost: play-lh.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ledger.com.ks.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/png\r\ncross-origin-resource-policy: cross-origin\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\netag: \"v1\"\r\nexpires: Sun, 21 Jun 2026 13:45:29 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnamed.png\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 20 Jun 2026 13:45:29 GMT\r\nserver: fife\r\ncontent-length: 49892\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":49892,"size_decoded":50434,"mime_type":"image/png","magic":"PNG image data, 166 x 296, 8-bit/color RGB, non-interlaced","md5":"5a7f045f1ec4b385e896c0c8c3b9e773","sha1":"63c83608f7461bf674d3b9971779a4bf150ca7df","sha256":"145ef54d5fddd3321aa1b6d85fd59234a635a70c96f39de82e5f8287c5247dc6","sha512":"0119eebf5eeb40a735ac10742b173494efbf060f0b2d658ea9362f9eb9f66b047dda351a0724222f41d2b72616518c521b79576e9aea8af8653cc488479a3891","ssdeep":"1536:BSu7oKEH+B8+/jdfnwTtB497Ml3Q3BjGpm9:b7mHd+/jdKtBE7Mlg3lGg9","tlshash":"1d23f15dd2db42bfa92db70a21b8e55809fc8cec61c10169e95bd7acc4742a76c3d2a0","first_seen":"2026-06-20T13:45:56.792789Z","last_seen":"2026-06-28T11:55:54.62264Z","times_seen":3,"resource_available":false,"data":null}},"time_used":703,"timings":{"blocked":-1,"dns":2,"connect":16,"send":0,"wait":395,"receive":21,"ssl":266},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play-lh.googleusercontent.com/0T3GrFX4MJCy-M08qu3cAhpoxqxNiu_O4PWR6rTcAzRfv9TvumbaZCkwYk4cRBtSYsOFCrHbKZiJCXrqb0ZeUQ=w526-h296","fqdn":"play-lh.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.86","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ledger.com.ks.ua/","date":"2026-06-20T13:45:29.183Z","timestamp":1781963129183,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edgestatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:18 GMT","end":"Mon, 17 Aug 2026 08:36:17 GMT"},"fingerprint":{"sha1":"EA:A9:57:E7:4D:AB:CB:FA:8A:F9:27:C2:68:F5:EB:13:F9:9C:F8:67","sha256":"EE:E8:BE:E3:9D:16:79:90:5F:3F:23:DC:64:39:52:60:AA:80:6D:3F:50:4B:61:A5:FB:D1:FC:74:23:E4:24:A4"}}},"request":{"raw":"GET /0T3GrFX4MJCy-M08qu3cAhpoxqxNiu_O4PWR6rTcAzRfv9TvumbaZCkwYk4cRBtSYsOFCrHbKZiJCXrqb0ZeUQ=w526-h296 HTTP/1.1\r\nHost: play-lh.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ledger.com.ks.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: image/png\r\ncross-origin-resource-policy: cross-origin\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\netag: \"v1\"\r\nexpires: Sun, 21 Jun 2026 13:45:29 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnamed.png\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 20 Jun 2026 13:45:29 GMT\r\nserver: fife\r\ncontent-length: 44509\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":44509,"size_decoded":45051,"mime_type":"image/png","magic":"PNG image data, 166 x 296, 8-bit/color RGB, non-interlaced","md5":"c89d24a614058ddf559b39a218312541","sha1":"abb89ceae51938e00f0633cd66712a1f3c5d77b1","sha256":"d4f8f1a7876cab39c147c122ff7cdedcdd47b0c49cdd4cf92018ecea160e956e","sha512":"fbbb3685680eec53dd569319a25c74587298d6fbb1fd38fef5a88d416c0b17c4f338b8bd9bd629584a074eec8fafdc40ea9cf63240dd9c2dd2b1b5480cc7fd74","ssdeep":"768:IRYB/qGC1vdh4I1xvPKsveCECFWdFsKtnIdwYzlhm9x+K0VeRKwV4Vj:ITGC3hf8sGCZF0mKtnPYz3m9YktV4J","tlshash":"bc130286bb9a643fc9ba4b52c6e45f8240fd730ce3a534744c279c7aa4448c67452d7c","first_seen":"2026-06-20T13:45:56.79548Z","last_seen":"2026-06-28T11:55:54.623454Z","times_seen":3,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":2,"connect":16,"send":0,"wait":285,"receive":36,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"play-lh.googleusercontent.com/tuSbqEt4rgzpGM3M0m2pUAhBEcO40vkHBadGKTMLlMIdtUDDi026S_xRV-7_xFzkgJGjbwtX4VB-9YkI02fe2g=w526-h296","fqdn":"play-lh.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.178.86","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://ledger.com.ks.ua/","date":"2026-06-20T13:45:29.184Z","timestamp":1781963129184,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edgestatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:18 GMT","end":"Mon, 17 Aug 2026 08:36:17 GMT"},"fingerprint":{"sha1":"EA:A9:57:E7:4D:AB:CB:FA:8A:F9:27:C2:68:F5:EB:13:F9:9C:F8:67","sha256":"EE:E8:BE:E3:9D:16:79:90:5F:3F:23:DC:64:39:52:60:AA:80:6D:3F:50:4B:61:A5:FB:D1:FC:74:23:E4:24:A4"}}},"request":{"raw":"GET /tuSbqEt4rgzpGM3M0m2pUAhBEcO40vkHBadGKTMLlMIdtUDDi026S_xRV-7_xFzkgJGjbwtX4VB-9YkI02fe2g=w526-h296 HTTP/1.1\r\nHost: play-lh.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://ledger.com.ks.ua/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/png\r\ncross-origin-resource-policy: cross-origin\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\netag: \"v1\"\r\nexpires: Sun, 21 Jun 2026 13:45:29 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnamed.png\"\r\nx-content-type-options: nosniff\r\ndate: Sat, 20 Jun 2026 13:45:29 GMT\r\nserver: fife\r\ncontent-length: 32893\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":32893,"size_decoded":33455,"mime_type":"image/png","magic":"PNG image data, 166 x 296, 8-bit/color RGB, non-interlaced","md5":"ec695406af2454322a07c87c878fb739","sha1":"a63435132bd73cf7a9aa143d745b21ad27df44f6","sha256":"89970fdcc5db09f0b4e5bae15626428f9aeb2bf38383d046016b182685a51d3a","sha512":"927c503c0582f80758b1b23a94c320032b5a5451965ff3c0237fb14008bed3bfd8c62f27b80437ad714889c5a521cfe7e6498417f43471ec09306ab26f032e3e","ssdeep":"768:Uviypql0O+DnigEBVjZjDuNg10kWXxt6dibs9DTaInJ:UvrpNOmPEBLvuNAabsE4J","tlshash":"8be2f1c6f7589e63dc9bb8a08cbf60576a021d01e97bb4583d0973e9471aa05c3f1b81","first_seen":"2026-06-20T13:45:56.797627Z","last_seen":"2026-06-28T11:55:54.63004Z","times_seen":3,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":-1,"dns":2,"connect":16,"send":0,"wait":265,"receive":4,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}