Report Overview
Visitedpublic
2026-02-11 17:29:26
Submit Tags
URL
ledger-wire.irssoftwares.com/
Finishing URL
ledger-wire.irssoftwares.com/
IP / ASN
91.92.241.15
Title
Ledger Live Dashboard
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
3
Threat Detection Systems
5
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
ledger-wire.irssoftwares.com 18 alert(s) on this Host | unknown | 2026-01-02 | 2026-02-11 | 2026-02-11 | 1.9 kB | 229 kB | 91.92.241.15 | |
api.ipify.org | 8166 | 2014-01-05 | 2014-10-06 | 2026-02-09 | 421 B | 271 B |  172.67.74.152 |  |
api.telegram.org | 206724 | 2003-12-15 | 2015-06-25 | 2026-02-06 | 1.1 kB | 1.3 kB |  149.154.166.110 |  |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Nginx:1.18.0 (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 172.67.74.152 | ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI | |
| low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) | |
| low | Client IP | 149.154.166.110 | ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI) |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | ledger-wire.irssoftwares.com/assets/index-Cv3-HRmd.js | malware | Detects file containing Telegram Bot API |
| DigiCert UltraDNS | ledger-wire.irssoftwares.com | malicious | Sinkholed |
| OpenDNS | ledger-wire.irssoftwares.com | phishing | Phishing Block |
| Cloudflare DNS | ledger-wire.irssoftwares.com | malicious | Sinkholed |
| DNS4EU | ledger-wire.irssoftwares.com | malicious | Sinkholed |
Telegram Bot detected (1)
URL
ledger-wire.irssoftwares.com/assets/index-Cv3-HRmd.js
IP / ASN
91.92.241.15
Token
8408193667:AAEM29LnFybvRzXWicUrmWibj7Cujz1mVX8
Bot Overview
User ID8408193667
UsernameLed_MZN_bot
First Nameled_Mzn
Last NameN/A
Chat Info
Chat ID-1003387679645
Chat Typechannel
Titleled_MZN
User Count2
Admins2
Pending Msgs1
JavaScript (1)
No JavaScripts
HTTP Transactions (7)
| URL | IP | Response | Size |
|---|