{"report_id":"ecc1e48f-447b-4db7-937d-2820c22c4970","version":6,"status":"done","tags":[],"date":"2026-04-19T15:57:04Z","url":{"schema":"http","addr":"ledger.xzbya.com","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.212","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"ledger.xzbya.com/","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"title":"Ledger Live 管理 加密货币钱包应用程序 | Ledger","dom":{"size":151430,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2442)","md5":"d202efe4b382ed2889784340dc5432c9","sha1":"47a01155a982ea15f86dc944b71436cf7b21ce74","sha256":"9f2fb8e2f699743ca077767a8d685d81e25d072f5be599cd28ba0127cea50adb","sha512":"5509268aebd37b3a26c99660209b8a65e9ef32a784d3fee7cc436dd50084ee2e723a6863643a3e202092e9f2a059254e200b22ad3fd6f11553c51308132028ed","ssdeep":"768:Zc/lTh7Ij1hAxcaTKw+rI+rH6M5J3/ToGXv0psim8kQsVxmzFH2tltctnwcOMCrg:Z9r4MD/3Xv0pbm8oxs1wbDw","tlshash":"4ce3e771a1f085a72043c791e776362a7fb9e093ca4ade84b2ec97d49f92cd18d0791c","dom_hash":"domhash3419f2408ebe6216c46490d5088137fb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ledger.xzbya.com","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.212","port":0,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-24T15:57:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-19T15:56:42Z","timestamp":1776614202,"ip_dst":{"addr":"Client IP","port":36924,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"severity":"medium","alert":"ET DROP Spamhaus DROP Listed Traffic Inbound group 26","source":"{\"timestamp\":\"2026-04-19T15:56:42.062030+0000\",\"flow_id\":1890352465798850,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"143.92.39.211\",\"src_port\":443,\"dest_ip\":\"172.18.0.23\",\"dest_port\":36924,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.Evil\",\"ET.DROPIP\"]},\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2400025,\"rev\":4421,\"signature\":\"ET DROP Spamhaus DROP Listed Traffic Inbound group 26\",\"category\":\"Misc Attack\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Any\"],\"created_at\":[\"2010_12_30\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Minor\"],\"tag\":[\"Dshield\"],\"updated_at\":[\"2025_08_01\"]}},\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":1,\"bytes_toserver\":74,\"bytes_toclient\":74,\"start\":\"2026-04-19T15:56:41.812738+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"op.zzneg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ledger.xzbya.com","ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":97,"request_count":97,"received_data":6359657,"sent_data":44617,"comment":"","tags":null,"fingerprints":[{"name":"Yoast SEO:26.1.1","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"ledger-wp-website-s3-prd.ledger.com","ip":{"addr":"104.18.34.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1994-09-19","domain_rank":4505517,"first_seen":"2024-08-20T20:24:25Z","last_seen":"2026-04-18T06:18:19.329159Z","alert_count":0,"request_count":2,"received_data":3029,"sent_data":960,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-12T22:16:45.621325Z","alert_count":0,"request_count":3,"received_data":148101,"sent_data":1668,"comment":"","tags":null,"fingerprints":null},{"fqdn":"use.typekit.net","ip":{"addr":"23.36.77.81","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2010-08-02","domain_rank":4054,"first_seen":"2012-07-05T01:42:39Z","last_seen":"2026-04-13T01:27:30.478152Z","alert_count":0,"request_count":1,"received_data":3654,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"op.zzneg.com","ip":{"addr":"154.211.71.141","port":443,"asn":399077,"as":"TERAEXCH","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-05T00:42:53.986867Z","last_seen":"2026-04-05T00:42:53.986867Z","alert_count":1,"request_count":1,"received_data":27136,"sent_data":424,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-12T22:20:19.752051Z","alert_count":0,"request_count":1,"received_data":23429,"sent_data":495,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"p.typekit.net","ip":{"addr":"23.36.77.57","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2010-08-02","domain_rank":4638,"first_seen":"2012-05-23T14:28:57Z","last_seen":"2026-04-13T00:03:42.661136Z","alert_count":0,"request_count":1,"received_data":340,"sent_data":491,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/events.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9b0756e647dadaf8f6eb3aeb3f2abab","sha1":"3b414c42da139787f751e1ed34b7d3a4d9d4fc79","sha256":"30c1a5b30865a4972945e10a4f1b3b9c71300d07f710dd4524839585a91a5784","sha512":"6bf2f733622575d8f291119c6248f4711cc50e62b5afd881c514d5e71e66cc49dda6e5661af96c4ff906eeb9c1dc4d6430d4cf87f1731dd40e7145470f2d8186","ssdeep":"192:zIvn1Zkc0IOnqXfveYqilYS+A1UxzSj/D13vw6DeF73NfgC:okc0IOqKQ4/79fgC","tlshash":"921201be0515548fd1e48e53631a6a0299bd287fc020b6c5a3bac398357f52743ebb0e","size":9031,"data":"","first_seen":"2026-03-30T14:47:15.698214Z","last_seen":"2026-04-19T15:57:19.51929Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/zcpt.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"e432714e140fa19bf955e79743398c0c","sha1":"fdf73e454552a77bce1f6bc5d95a6f0cc20065ea","sha256":"191dafdb471b63abc2ce04277f21ff4eedb752d40c4b1b1491ff3b0f96aafb2d","sha512":"527cc814d14c63d4d3212e09a05e8a7257c94ae1020364fe478a86d802bd985399ed7416753d76c30be1c03356f6a3bf152b2bc63af1186468926cc2516b6ad8","ssdeep":"384:g7Mhaj+k/mKd6B0r2xNYCpNCVfIbVcSBND2NUErVc6mmEeN96zX8xXrOA1q:8Mhaj7/mXxHpIVfEc4NU5c5ghxXxo","tlshash":"cbb294cdbad9b1b803e364b1453f2a0ab33e2a19284d8094a151d5e13db9e4f5733fb5","size":24276,"data":"","first_seen":"2026-03-30T14:47:15.610108Z","last_seen":"2026-04-19T15:57:19.489251Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/A3238801-f82b-4109-932d-bf396d31cc2d1.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d586176ab46ead9262fdcc4d1996c70","sha1":"14d96c6c9ed3f60a431eea94f7e7515943751371","sha256":"10e0266eac8cb51b1a73e7e38aceb722f28d157a8b49dd9f0967bca2c90a8457","sha512":"65010a87f6b83d0c4d49e282ddb534f3ddb036029c7064700e97fc219ee8b87f8163970906077bd879938f71075383f27bf010cd7970478423900e62219dc6b5","ssdeep":"768:+MCyCh6YMhqIBCQYQXS+ZP2jXtG48i9eXCg3k/W/:+yCfTK9ZP2jXti3D0q","tlshash":"702308cd7ed2706a4f63b0e4042f6049717b1e513cfdaad1c292e5986c78a8d4163fad","size":47300,"data":"","first_seen":"2025-06-21T10:40:41.933101Z","last_seen":"2026-04-19T15:57:19.499373Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/pixel.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb14bcfa4187fe74e1313ae206093ff7","sha1":"886a2f0ba365fd0671378a010ddfff0fd736eb46","sha256":"da56228570704e43f5b3f0cf89d88ff2e4fb302aa9eb246f258c42ff6df86143","sha512":"0793c0b2d58fe421de7d1677fba44681e3674f2436d534d84b738001a16d27787133a6acafe6c18c5bc8a8d6938e363f3a639a9c2cd674fac9c7378d167875fb","ssdeep":"1536:2jR2XUSQvo3Kvo3lvo3RibBhwxkhfwiEEvo3MYv:2jRw7KRiPwiEFR","tlshash":"3d83e78cb2c3f06653a72961513f500bf23a3956bc8e8151d669d4e1bcb898f9237f2d","size":84141,"data":"","first_seen":"2025-10-08T20:43:11.268474Z","last_seen":"2026-04-19T15:57:19.504015Z","times_seen":2242,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/main.MTE0NjY3MDc0MQ.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"b48fae4409f3fe7eda4acd4771638f41","sha1":"071b424e3df93969eed20ecfe7c5cecb6c6df552","sha256":"be1a10cba34f01406ecf1e35fcf05d38753b197802eff086d20eaf009dfb6fb4","sha512":"b18dce376f582f23aa49ddbeefa897392e4c41f5df8ae1282f8a45564b2b2277fbc6b8b4f0736d92e8a16cda42c004ea1b838af290a62f9440227a305d444c64","ssdeep":"3072:Vv+OY39P9XDmNV8/Iix4lMPLV8j8XdDBmsBqe1O4hH1g/fOjN5eAxQXjTzuPew4h:tu9dQC/P4lMPagsCCWjN5eC0u4UtARmm","tlshash":"4f94eac9f2d6f02503e36261942f110bf23b6a59b44ec498e265e4d1bcb858bd127fbd","size":442009,"data":"","first_seen":"2025-10-02T22:06:42.277493Z","last_seen":"2026-04-19T15:57:19.52079Z","times_seen":314,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-19T22:00:06.075627Z","times_seen":727122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"op.zzneg.com/pixel/vlggcix4psJE28O3","fqdn":"op.zzneg.com","domain":"zzneg.com","tld":"com"},"ip":{"addr":"154.211.71.141","port":443,"asn":399077,"as":"TERAEXCH","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"91a129dd3a1616f62a414194c0e574c4","sha1":"62f7c7bf96a6e2c2cc7ed4b632739b12fdc15c5a","sha256":"4ff6fccbcc8fecf9aaef1ad9328a2fb939f4b0793c4b82a70ce75f06b6ead616","sha512":"c169245ab091898ee30dda314c43da77f748c5f391bcb2a342945800931cb35da0484b77d5f80a7b48582f3f27de03a7a8809b46ca157c8b8f59a0b0cdac9c37","ssdeep":"384:pbpvD2A4JyZEUWjo2a8zRyAorY9jgh8niXPpZR+kXrrM5N:nD2A42qk2a8dorZBFrrW","tlshash":"b5c293595be61233515b6b6e7baeb080f137d15f36841a08bd4c0e802f49b7da2e0bf4","size":26861,"data":"","first_seen":"2026-04-19T15:57:19.487842Z","last_seen":"2026-04-19T15:57:19.487842Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"eeab06c71f63e6bd621c830e521e6b6c","sha1":"60d6fa758ffdfd0cb876d659863f3f1839e2e066","sha256":"bac68d6838d8689935de9289dfe65272ce1bc4412c519f89384eb54d319aa4c6","sha512":"40b32ed7807eb32b9719e4845f43588e76ecebf498f8a0f8d41dddaa81add2e05cdd88991a3f78f54ed6b57c0a36aba290214d5ed3a675366805065a58b1c372","ssdeep":"","tlshash":"979002054d508a3d48da1ac752d947c565901c9ee849205500a5a90919409d5a6606d5","size":57,"data":"","first_seen":"2023-03-10T12:47:25Z","last_seen":"2026-04-19T15:57:19.521921Z","times_seen":225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/237213137153741","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"84662f7a44e4cf921b5c94cfe3bd2e1e","sha1":"95a4505d7de4bf58364c9cfb395af0b079177b59","sha256":"88c8d74afcdb9f90b2058ef3f3b2eacb84b9a5afc02867db35ad787d45020dc8","sha512":"fe7c8eb348fee8e4aeeb72152d594fb0feed03abbb45360143aa45f9015415017e6743034698206fe19995aa94f9025e0b0fcbc524ac17a9fb86b658337b4fa2","ssdeep":"3072:RT4h73Xb51u2K2hv5+JEclRZ9D7etimuZ:Rkh7nb51u2KUv5+JEclRZ9D7C38","tlshash":"f6c3a685b1d1b06382b6b969a67f410b75f999a3b0c4c920d58cdcc43fa90f94173fab","size":126147,"data":"","first_seen":"2026-03-30T14:47:15.594476Z","last_seen":"2026-04-19T15:57:19.502653Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/scevent.min.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d84829ccef6d698ac34e345706303efd","sha1":"abbc641fc35a435deda02f1691a325f05e324862","sha256":"8453f0141197fff21afdc7480eccebff81d400131cf65d1155c3e21a9543a556","sha512":"66f93308b3b4cdc42c42ed1a962ed7dd5abd371e7f4759cd3343248003a8824d7329608a343b552c1604afe4e7fc8ca7d1f059aa64e65752c4da20b4e653d021","ssdeep":"1536:lBuR4naj0tzuODUxNtfM7Ohw3qve1sToVUF8/HxCkeAeYN:juMbUxNbh3fAea","tlshash":"e543d78df3aaf02103973476497f541be37bba646c0b8650c126e5883d7c69ea237d9c","size":57668,"data":"","first_seen":"2025-10-09T21:15:27.826598Z","last_seen":"2026-04-19T15:57:19.422902Z","times_seen":541,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/js","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"8dc30876ed3522b21b1364aad598e2a8","sha1":"8142bbe93f990d9dd35167407422ec23b32eb26f","sha256":"d4496b98263014272b4211f33b62d0f2778aec07869c34a4fa733ce47f9f0a8f","sha512":"8d7e94cf0791c5c59e46551265287c858aa2e54046a66da103000fbb302f0ee0d84447ad9d094ab134e67ab7d38a47c1c029a0c079db0ab2a49cb3ae1aa97caf","ssdeep":"6144:FBM/yp2RUtk0uwbWF5JQk+Nju5204OAN9JdXA/8:75YWm0KzJW0ej","tlshash":"34a4099e73d674225396f078502f01cba97b28a2b45cc8aaf1c9cdf12d7469a4127f7c","size":464359,"data":"","first_seen":"2026-03-30T14:47:15.573547Z","last_seen":"2026-04-19T15:57:19.439731Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/gtm.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"72425a82bafe6be02d3f5cb7270dbefd","sha1":"62da2bb49a120b3e4292fd9ffe014aa01f4bbe98","sha256":"3287cf077206d5da88e0103a3e37b3df71ce15f297d8eda00d7480a27445cea7","sha512":"cb861f82b2860b8a697ae9d50d65162ccc7e076f6fec4aa200f040bac3e07df29733742144bb9f6d3785c88afa662b23fdade251349df7f38407004424794164","ssdeep":"6144:ckvL21r5v/LpHWhk0uwbWFiJQk+Nju5204OQl7Nmypts:vL21rFMC0KIJW0qmz","tlshash":"02c42bceb3c674758396a424543f018e693f24e2b54c9895f0d9cce42e746ba2163fbe","size":571297,"data":"","first_seen":"2026-03-30T14:47:15.567013Z","last_seen":"2026-04-19T15:57:19.479488Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ytc.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"cca96295b6201a4ce80988bdae868775","sha1":"bde2df3c3022bb932b0cf39d2e8fc5f622d6cd16","sha256":"de25ff38288676dc79292a95d410944c2045e6e09c5e4563c40d08c615a20c54","sha512":"5f20765f1e840973ed1f3a3cc3d290dd0c1a36abcebb9699e74c34aec9d903da67bb83635ba33871e65a68b7958f7f172bbaadcf1b8aa00d90ec38805a60df4d","ssdeep":"384:s40C/yFxBacZb9QInrzOZVRjR8rSxnkhNgyyS82Xo44P:VuBacZqIXOvRHkrPyW8","tlshash":"7c92c989f7d5f0a503e3a1b1613fa90a7279192c1c6e9560b112dbc43c7cacb9223e7d","size":19829,"data":"","first_seen":"2025-02-10T19:17:35.519869Z","last_seen":"2026-04-19T21:15:56.284609Z","times_seen":34973,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"8fb1b64ad57f69f8f37156c11ff12a03","sha1":"14f87a2d48b767fa08f0c29fe193826a23edc17c","sha256":"c3cf1cc0f3f78af0f455bd46a42e17d2c5b6ea3739dfd269e436f4e17d0303cb","sha512":"706a1067aef0a4b5a7d19cb3c872cb293646b7b5792b47b5ec3323b6ba46795ced28693864a4508d600cc9f18aa97b265d3eb864d610a177138c9621bf99a398","ssdeep":"","tlshash":"04415c6e70e148244137b1390f6f820c752a10672489dd78bf5d87706f65a2797f77c9","size":2155,"data":"","first_seen":"2024-12-10T16:50:02.996597Z","last_seen":"2026-04-19T15:57:19.522612Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/identify_4e6f0095.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c2d6fd948198c24ce9dcd25751e9663","sha1":"1cd2bf39730788764a4456b06298cc07d8ebda30","sha256":"f01b82daeb7f9668082e10f62b4bb8efe99d7bdf6e6765083f0fa2858b77d26f","sha512":"8c71abd8f57f3723eeff43a133ad8082884821142972b26580092d5c523bd4e64061b677a7569f7cd35a5c6fd18ecd551e2cbe811d3de5bf339409052ae3f376","ssdeep":"3072:RFISBOU03o4PwjhIBVT39uwZCsJLErU0iAh:P7BXhKVT8wZlLaU0b","tlshash":"64e3a7b77a40bb2771b13b088e1ae28fafdc9c56dc48908c97e7c8db5c60921607d759","size":155449,"data":"","first_seen":"2025-10-02T05:33:12.239883Z","last_seen":"2026-04-19T15:57:19.523344Z","times_seen":585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/teads-fellow.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"1406350af50007678740e07934ca5539","sha1":"da1bb5998df12a667f0f57fd67ed8a7c80af1bff","sha256":"7189ffd22c444beec2e717742d6dc3728e4afd69fff9dcd8ea800f16ff17c137","sha512":"91c73ed8cfb29c63da2e99f126b87ff20424703eb7bd5e6be357338be623dddef128bb368d2905c2ca4e66de7e1edefd9874ea231b00decc98b5639277925a90","ssdeep":"768:uPHRQhDA7I6qNSla4az5hIpjDFE4VY6K6Lg9pi2He5vcHWFWcgQ6N2KPfeEZdc:upfkAla4azvIpjD64VVTvjEg","tlshash":"b0e2c9897995f47816b76065833bb310b32937213849d450a32eec943b15e9bf1a3fed","size":32934,"data":"","first_seen":"2026-03-30T14:47:15.613068Z","last_seen":"2026-04-19T15:57:19.468965Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/fbevents.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ac58ebfed5ec22986ad71ea6e0578f8","sha1":"59e782696ca21fc17822e5b8f924047936c98f27","sha256":"27da9cf46700841a6def729f7474a08b0bb40d58a4abd9f04a0b845fa38b11f7","sha512":"00263dc471be050ff2e01a5ce536de783a1d3f514ffe4611dd94e98b721132580a2bcfcdee2be2198473891a6adc234e47a669c90f6f4a7a71d3561d60cc344a","ssdeep":"6144:RZLeu8xwDkLBTrbEJixLNaZgVOvw6Kia3ZY/ncQfNvQ:NgLUVNvQ","tlshash":"0e64b98975d1b09247b678ac926f4007b1bb99e6b0c8c930d59dedc43e784ed5033faa","size":329460,"data":"","first_seen":"2025-10-10T22:03:20.956818Z","last_seen":"2026-04-19T15:57:19.440421Z","times_seen":2736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/30433690750.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac5925e362904bffe0a911b3cb687a63","sha1":"6f16b5c9eb3cd999863066d695d2ff01fe852f97","sha256":"ec54b4a710a3c225e40f1dd17f1b8fad1bc8a886a11ffb0751097e40abb4d084","sha512":"5d8c096fa668f3fa81bf642670eb82ed6eef44749d0825c05e8292686337f32795d413596f4c9af387382fd049290e9e68a7726587b3c464c8db12562908b63a","ssdeep":"6144:EA9Yim4aAVELV9TqobhSrGOsPLS1VI9iLm:EYc799WJGxGk","tlshash":"5454089c75c1703707a370a4542f500aa23b6996a8dca0a4fa56f9d53d3d98ea337f3c","size":288593,"data":"","first_seen":"2025-08-11T22:43:56.647578Z","last_seen":"2026-04-19T15:57:19.481995Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/main.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"7b90093807953532f3fdfb8f3e5b9c87","sha1":"e49fae395e8f5207e7db6c69f8360a0af0a582a8","sha256":"00ed171e672008f342169f1c9d4f5e748bb3f6f6df556ed6c1052660092f1594","sha512":"22a27039081f71ffc9b1b55960e3d3b50c0bd4a7499c3b771878291ad8c7d0609c4a4c61ea67ef36bdf1f3689528d509725fbc954593cdcc8035876f3a555bda","ssdeep":"192:VaqUQRTkk750how73yRqWDBJA5bI78i7k:c/Ekk7lcAA5O8X","tlshash":"0ff1a666b61864fe01fb62a3f17f3370323b1557fb9144941426d4a62dace9802b3fda","size":7548,"data":"","first_seen":"2025-06-21T14:06:44.311309Z","last_seen":"2026-04-19T15:57:19.511657Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/language.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"325912ad023c3761ba77a58c3ed6c962","sha1":"6ba2a9df348553109c5145e39e471b47b6d9a103","sha256":"e02fc6ccd35d37cf28a5ebbe3f655cc69524bebe740826bc8513e40c96a3993b","sha512":"f45597afa496c35e5dbb5d0658519975e0579ff2bbc27c80b48b3958c326d6fefc53b0d9eb3c41ee79ad01a448228604819ed761aebfb59200238e04e1dd26f2","ssdeep":"96:ttd6zr95qnps9DCpZCLuXLDU4Dpvspi52TCJvhXS:ttEzp5OpACpZ3X/ZDpvspi5ewc","tlshash":"46b1b6ed31c0f432069711b2503f760ff1791a65a85df8448225ecf4a8b9d9b42b6f6b","size":5243,"data":"","first_seen":"2025-06-21T14:06:44.355463Z","last_seen":"2026-04-19T15:57:19.493539Z","times_seen":99,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/otBannerSdk.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ecc3e562bffb3a0279c708d980e164e","sha1":"21e09375a078200ee860c6cabffd3ee791c8cb6d","sha256":"ea345fff49064976d477cba358fa7a9b7d44fe3f2603ece439ec7cceca25b0ae","sha512":"d91bbf4d5c9754e559f4f35031b56399e43bd38b695ea2e56e5466329e46b7fd93549d1fc9faa228341b0d20bdcd762936c691776b6ca3cc2e4ce7198c54e154","ssdeep":"6144:3/o0pPx/UGE7q2E0jUzj2AfBldf9u6IRbPcqY2JTb+hjHC:3XPx/UGE7q2wjIRLJTC8","tlshash":"b8a4088d75a0753547e752b8c02b514aba3574adac85806cb40cc5f90ff9f821aa3fbb","size":471790,"data":"","first_seen":"2024-11-28T09:59:39.249996Z","last_seen":"2026-04-19T15:57:19.524585Z","times_seen":3108,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ytc.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"cca96295b6201a4ce80988bdae868775","sha1":"bde2df3c3022bb932b0cf39d2e8fc5f622d6cd16","sha256":"de25ff38288676dc79292a95d410944c2045e6e09c5e4563c40d08c615a20c54","sha512":"5f20765f1e840973ed1f3a3cc3d290dd0c1a36abcebb9699e74c34aec9d903da67bb83635ba33871e65a68b7958f7f172bbaadcf1b8aa00d90ec38805a60df4d","ssdeep":"384:s40C/yFxBacZb9QInrzOZVRjR8rSxnkhNgyyS82Xo44P:VuBacZqIXOvRHkrPyW8","tlshash":"7c92c989f7d5f0a503e3a1b1613fa90a7279192c1c6e9560b112dbc43c7cacb9223e7d","size":19829,"data":"","first_seen":"2025-02-10T19:17:35.519869Z","last_seen":"2026-04-19T21:15:56.284609Z","times_seen":34973,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/uwt.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"76a4a1b90eaf763f4a6ebf05f1de741a","sha1":"5d649fb6036d2c97cd1b189b93ab01329605584f","sha256":"15ac7c79df675a4e07c8f59b54ed2d978cbebe6af18372265677cd46b95365fb","sha512":"37e371f4defe0cb39f231805c200954f72f3f83b26427a083c49f807ef4615af7bc661f4a79902c57fb98079b523eca37ae927f909283ecd958bedf9cd24644a","ssdeep":"1536:buo99dwkLYPs/lEGF94zSnnJpSFD8No5/g:buQdwpslF94zSnnJpSFDZ5/g","tlshash":"4443d5c8f6d5f0a543d776a6903f211bf23a6819704e8490e325e8d2bcb895e9133e7d","size":58201,"data":"","first_seen":"2025-09-11T19:44:38.876513Z","last_seen":"2026-04-19T15:57:19.428575Z","times_seen":1034,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/bat.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"fcf49473e99cec5f13ecef1a0fa58663","sha1":"12079a27fd46a80f92a0f002472f7fdbd7693364","sha256":"0214c2153bf5416172db410ef5aca88104454fcb77e06345c44e132b161118f3","sha512":"655a0c0260ab03f7beea91265c9c089dc5cd121fc936b3e39428a01d1cbd9f795234ba80b75b8d4d144baf94bf50cc9af331fefc2aa818eda22f034c40905111","ssdeep":"768:Y7MOThic5rueIh+Q43mT1OoLQBDjf6y+GV/Oj7hu4Z:6MOTkc5fV3ULMjf6y+GhuR","tlshash":"47330a4333509a7645f9419c786a2903a336570e30be70ec7a8cf8e6945de4b7237b7a","size":53342,"data":"","first_seen":"2025-09-09T22:27:59.022721Z","last_seen":"2026-04-19T15:57:19.525206Z","times_seen":17870,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/destination","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"9591bf4312af33495a9b6cf75ed47d00","sha1":"c87f8bdf218ddce6e48c4ac6fd9d1e3b4788d268","sha256":"c14545ee2ab800245c36c3733f2957ec860696a1f40cca43570943da17b7c0cf","sha512":"40d3b7f0dcab089dab2bdb7d46ffb75e68085440f8a0dceb235b8784108748f3f2c1ffc008f1d7fedd53a0913f9342e196959d434fa9a674cdbb56d91e62fc98","ssdeep":"3072:LAU5LBam+So4ypmB06s6VIkDcajIu1yeZGbQ9FiJ2Rh/8PWNjxW55204O/XYAmCA:t/ypmUhk0uwbWFiJQk+Nju5204ObtW/","tlshash":"777419cd73d674624393a578503f008bb17b6892b84cc899f186dee52e70a9a4277f7c","size":343448,"data":"","first_seen":"2026-03-30T14:47:15.569602Z","last_seen":"2026-04-19T15:57:19.43009Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"7065ff0a431a231b194179f4c112e375","sha1":"ff0db3299a53e631e2e552cdabf39a4dc177fb2c","sha256":"ca3d9e3c82970e9fb2f14000f93ef270d29dea106ac8bbfd926a448856eb9581","sha512":"74891d2b3d14496b4e32b2c41da591c634f120c1cfe74c2678ee0a389d4bf9c97711fdee5c309d5061a737cdb3eb6d8cb064fa793eebd58152edb28dac41173b","ssdeep":"","tlshash":"f6218b4a96e385065533356c8b5f320870b3a017dc55dc827a8e8bdc2f664332289fac","size":1373,"data":"","first_seen":"2026-03-30T14:47:15.697349Z","last_seen":"2026-04-19T15:57:19.526841Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/5fefacb2-108d-4d83-8c43-7b198bce2a67.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"191effeb52d97e714ae2b758c4b301e6","sha1":"1bd4266d9cc34f8495d3def47d0bbd71ce3ea6ca","sha256":"7675b58524d7afe522fc4f4fa3817acad86b7e3bbfc1e1f3b34d37cbb24f6ff0","sha512":"07897e0fb6ed5cc0e6d6af67336d2e796bc066f545ad0c88593c297dd68893c21d70c849d440b9b2ef98fc209cde1fb2662eadcbb5ffd7e02dc828b2c3d8fc57","ssdeep":"","tlshash":"9cd02264b5a804162d4b64d18067ce8060ff722a44c4962a5f880d4c57dc6bbca78062","size":206,"data":"","first_seen":"2026-03-30T14:47:15.593696Z","last_seen":"2026-04-19T15:57:19.514396Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/scevent.min.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/scevent.min.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:44 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 57668\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-e144\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57668,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (57641)","md5":"d84829ccef6d698ac34e345706303efd","sha1":"abbc641fc35a435deda02f1691a325f05e324862","sha256":"8453f0141197fff21afdc7480eccebff81d400131cf65d1155c3e21a9543a556","sha512":"66f93308b3b4cdc42c42ed1a962ed7dd5abd371e7f4759cd3343248003a8824d7329608a343b552c1604afe4e7fc8ca7d1f059aa64e65752c4da20b4e653d021","ssdeep":"1536:lBuR4naj0tzuODUxNtfM7Ohw3qve1sToVUF8/HxCkeAeYN:juMbUxNbh3fAea","tlshash":"e543d78df3aaf02103973476497f541be37bba646c0b8650c126e5883d7c69ea237d9c","first_seen":"2025-10-09T21:15:27.826598Z","last_seen":"2026-04-19T15:57:19.422902Z","times_seen":541,"resource_available":true,"data":null}},"time_used":1693,"timings":{"blocked":1399,"dns":0,"connect":0,"send":0,"wait":290,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/swiper-bundle.min.css","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/swiper-bundle.min.css HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Mon, 30 Mar 2026 09:02:10 GMT\r\nETag: W/\"69ca3c12-45f3\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17907,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17653)","md5":"8f1466ab740d33fd9870d24bc5565378","sha1":"f2ed0ba668e294c3d4be0f6378a572612d06c685","sha256":"53e05ab85d78b92fa96ffe4b348e57c6c292350ffe2c8895ce32c0ea4a4d4599","sha512":"25ad68c629cc9844417a8917c7e9db41555778d5fbef5b6751259638ae261886c302f32b59c46c8ad791c933f6ae076617c6f08cb7442400c8c1d317400e5c72","ssdeep":"192:q6mUJbiKne0JlXZHZ+SMS4nxep/a2GZb0Q5nfufKlAYfg5fyeesedOJ9A5Pz+c3y:qHUbe0JdZHZ+1nZ24tlWfF4XYz","tlshash":"958244a86300282753274f364b71cbb9dd7444d20f9389ae91c0ee48d7f6db9136f6a9","first_seen":"2023-04-05T13:09:42Z","last_seen":"2026-04-19T15:57:19.424775Z","times_seen":498,"resource_available":false,"data":null}},"time_used":1950,"timings":{"blocked":1683,"dns":0,"connect":0,"send":0,"wait":267,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/partners_desktop.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/partners_desktop.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 144738\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-23562\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":144738,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"31af3a351a25446a5490874a32970fc1","sha1":"6ccc488d21cdc78edd411d9e287ad45934b9e768","sha256":"023713d4141624b5c02f0f95ac76ed14349ada5fd0370b34363959e76e5375ff","sha512":"640625dfe47f8531596fefadb7aaf2585bfb0d280873ea5b75b65c227c6f04f064bc09bf14c1696c3533c8b37d5a13380a22834780048f535973db205bf67aaf","ssdeep":"3072:5WRCPv7ZTaZh7xgjF7HCC7BDpQbCgNoI1wsCNLQIeLoYy4l:5cMlU5yjhBDpYEI1E8m4l","tlshash":"bae31215ee62453bc093a2c360725cc77247b6ad439409c24b8b6f778647ef10e6bf89","first_seen":"2025-11-10T05:54:16.002434Z","last_seen":"2026-04-19T15:57:19.425762Z","times_seen":10,"resource_available":false,"data":null}},"time_used":4797,"timings":{"blocked":4279,"dns":0,"connect":0,"send":0,"wait":258,"receive":260,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Cardano-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Cardano-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1234\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:50 GMT\r\nETag: \"68ea2316-4d2\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1234,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bb48e94647673ab8d13806359ecc5a34","sha1":"780ad3974f2f11df789cd359cb52ecef7c21d492","sha256":"8bcda425b6a5dc497ebd1ccfbe779ebbcf15ce53e306c428aa407a9317981bba","sha512":"a59bbe08b9074a4e5ec0f4b4d000b6159d3909d83d992b6a4083b1907a8d83a8c68b30d6927e19e0746cda41242c1c023aec10af43e0f716c2b66f3ccb456973","ssdeep":"","tlshash":"ac21e7adfc086ab942d3b85ecf30b7898269231c5a8d3d2d543df8c1556d06cd3202db","first_seen":"2025-05-06T13:57:35.262131Z","last_seen":"2026-04-19T15:57:19.426626Z","times_seen":337,"resource_available":false,"data":null}},"time_used":3219,"timings":{"blocked":2962,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger-wp-website-s3-prd.ledger.com/uploads/2021/11/Ledger_favicon.png","fqdn":"ledger-wp-website-s3-prd.ledger.com","domain":"ledger.com","tld":"com"},"ip":{"addr":"104.18.34.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:48.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 11 Apr 2026 10:32:23 GMT","end":"Fri, 10 Jul 2026 11:32:10 GMT"},"fingerprint":{"sha1":"BC:36:D3:AD:3E:3B:DB:64:DB:92:E7:5C:EE:73:63:5D:DD:9D:50:7E","sha256":"97:42:87:20:1F:86:EB:0C:05:20:EC:34:3B:0F:A0:72:6D:70:A9:AB:90:60:53:AF:66:6C:F5:D6:E7:17:AC:37"}}},"request":{"raw":"GET /uploads/2021/11/Ledger_favicon.png HTTP/1.1\r\nHost: ledger-wp-website-s3-prd.ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Apr 2026 15:56:48 GMT\r\ncontent-type: image/webp\r\ncontent-length: 402\r\nx-amz-id-2: t1ju8rBZ29YdRCc6KxvqindG1X7a8NEozhqELlvgtgnBZPnaYB6NuJwGicYT9Fm6MAQmKrg36VVa+82NbTQs7D/f1mfbDJa0\r\nx-amz-request-id: R2JJP95865VDEZKG\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 04 Mar 2024 09:59:32 GMT\r\netag: \"d2cc487e1baee412d24282cd76326b67\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: c0YzzGXb_FH8yQM1Y29J6JaRmyu3vJ3t\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-bgj: imgq:100,h2pri\r\nset-cookie: __cf_bm=j_xX1H3B5RzxKt02oDhVWP2bsWE7h2IzdiyUfJ2JGbA-1776614208.821687-1.0.1.1-0sAJLEvBuwQlm0FQ.Yxx6avTvpEG5uAccm7Q7vDMwtCaQJ1iaFTSb3Q42xoeI.mah6sq5Goy5K8gpZrC5hgBzMqYC2HqEAqzYQw1KvURyHV6N9Er8A2b8J4tD6qkVZlD; HttpOnly; Secure; Path=/; Domain=ledger.com; Expires=Sun, 19 Apr 2026 16:26:48 GMT\r\ncf-polished: ok, orig_size=2372\r\npriority: u=4;i=?0,cf-chb=(37;u=2;i=?0 421;u=5;i=?0)\r\nvary: accept, accept-encoding\r\nage: 12498\r\nexpires: Sun, 19 Apr 2026 19:56:48 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9eed19f52fa956be-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":402,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ae21ecb25616d3be96e987fe7af84d6e","sha1":"db559bfa16b130ab1b8c0b9b8693c807e29b3503","sha256":"7545b9667995fb98664f07b94793628ca6920fc953bb4eb924259480cae4bbe8","sha512":"02bbd8bdb2e77a6b39b14712828b719e7c036e006c792dd8f2d0150b09324dd2b2e7892cdbbe05cf7dc6d1d162af3ccadd65099806e857821de738228f2c3ef4","ssdeep":"","tlshash":"ede0f17081776c782de418f412ff520303ac0d5ed211021b43b5b82020f47d6134d193","first_seen":"2023-05-25T12:23:00Z","last_seen":"2026-04-19T15:57:19.427774Z","times_seen":1155,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":21,"connect":1,"send":0,"wait":15,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/uwt.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/uwt.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:44 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 58201\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-e359\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":58201,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (58201), with no line terminators","md5":"76a4a1b90eaf763f4a6ebf05f1de741a","sha1":"5d649fb6036d2c97cd1b189b93ab01329605584f","sha256":"15ac7c79df675a4e07c8f59b54ed2d978cbebe6af18372265677cd46b95365fb","sha512":"37e371f4defe0cb39f231805c200954f72f3f83b26427a083c49f807ef4615af7bc661f4a79902c57fb98079b523eca37ae927f909283ecd958bedf9cd24644a","ssdeep":"1536:buo99dwkLYPs/lEGF94zSnnJpSFD8No5/g:buQdwpslF94zSnnJpSFDZ5/g","tlshash":"4443d5c8f6d5f0a543d776a6903f211bf23a6819704e8490e325e8d2bcb895e9133e7d","first_seen":"2025-09-11T19:44:38.876513Z","last_seen":"2026-04-19T15:57:19.428575Z","times_seen":1034,"resource_available":true,"data":null}},"time_used":1460,"timings":{"blocked":1194,"dns":0,"connect":0,"send":0,"wait":261,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/destination","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/destination HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:44 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 343448\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-53d98\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":343448,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"9591bf4312af33495a9b6cf75ed47d00","sha1":"c87f8bdf218ddce6e48c4ac6fd9d1e3b4788d268","sha256":"c14545ee2ab800245c36c3733f2957ec860696a1f40cca43570943da17b7c0cf","sha512":"40d3b7f0dcab089dab2bdb7d46ffb75e68085440f8a0dceb235b8784108748f3f2c1ffc008f1d7fedd53a0913f9342e196959d434fa9a674cdbb56d91e62fc98","ssdeep":"3072:LAU5LBam+So4ypmB06s6VIkDcajIu1yeZGbQ9FiJ2Rh/8PWNjxW55204O/XYAmCA:t/ypmUhk0uwbWFiJQk+Nju5204ObtW/","tlshash":"777419cd73d674624393a578503f008bb17b6892b84cc899f186dee52e70a9a4277f7c","first_seen":"2026-03-30T14:47:15.569602Z","last_seen":"2026-04-19T15:57:19.43009Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1985,"timings":{"blocked":1420,"dns":0,"connect":0,"send":0,"wait":284,"receive":281,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/lnsp.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/lnsp.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 52333\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-cc6d\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52333,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"d3f54d39164057b37452cfa9f6133daf","sha1":"93a027056527892b3761a7a61a8a147c8d036366","sha256":"1397fe6e6ee6cf1c1b2832c95eaceb4046d88f753f8748f4c7e9a28dcc6b8f88","sha512":"3389d48ec011292ec035af1c3badbb03300245ef508f6219a1e52feb60e59007cd9aaf13554b6160ecaabcb72a1578a7b0f70b05ce8d7fb19f6e5357ce286eac","ssdeep":"1536:VZuBNf2EWd8zVo15Ow4A9VkRl/nCLvf14Qj:uZWOwzIl/ns3We","tlshash":"a333f2c50184e293a5827b4dd8b06f48dff9d55006bc39172524a1bed620b72bbafb71","first_seen":"2025-09-01T20:50:57.042233Z","last_seen":"2026-04-19T15:57:19.432355Z","times_seen":14,"resource_available":false,"data":null}},"time_used":4228,"timings":{"blocked":3972,"dns":0,"connect":0,"send":0,"wait":253,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/lrk_mobile.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/lrk_mobile.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 21518\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-540e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21518,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"eefcd3269d51514fa1b321ab1a1fa392","sha1":"e4084f25c6efce026971723707108a52608c750b","sha256":"69fba80e62173d21dcf04faa45f78646cdd836c783c4beb163b3b0af49ad41d5","sha512":"c9c913a3ae9c523164e1174b9f1ab7d808f93ba04ac4350381e507072924c78eb2a13cc78b5a1a136948345652aa113b8a2bef15b3651fe4aaaa02bc706834f8","ssdeep":"384:kXq58VwqH99SMZXJ7xe3NGHYxBvJc7BdkKb+tTbVPDZi527GJmefY64l8SiZX+Im:p58ZHCQJl0keBOXks+tnVPVKBkm4OS8q","tlshash":"04a2e1d8508701c74fabc630b432d2451df14b02d53ba26edf7b231adb3b2996289f92","first_seen":"2025-09-26T17:58:47.863678Z","last_seen":"2026-04-19T15:57:19.433069Z","times_seen":6,"resource_available":false,"data":null}},"time_used":4795,"timings":{"blocked":4538,"dns":0,"connect":0,"send":0,"wait":256,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/academy.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/academy.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 23516\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-5bdc\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23516,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"9d0d27b864f866d16f5b4d9d2a9ac22f","sha1":"ae44af8493f0217990842596e086a3719759f7ac","sha256":"e42e28452f34c58c6e45bbc5bd2b61beee0b76b16a8b2bb89c4314961293c6d9","sha512":"2ac34a3889a800f6ba4e152fcf55f159e0e94f6869917aaddf261d3551b810a230b7043130b73a830b4c36132f97cd5359db08a7df95daf83c53ee4e7dd94e0b","ssdeep":"384:kDbyfA8T9fizkUko8cTWsDVyD0dkSxDuQdMmQYmeCYZI/NW9QMxKlEr+pc:mA9azkU5TNRywdkkD6mQY1PZiW9DxKlW","tlshash":"72b2e123f4796a5dd278006685b07424068fa14deeafcc8564bf5b63f0d06aff16d0a2","first_seen":"2025-09-01T20:50:57.080722Z","last_seen":"2026-04-19T15:57:19.437027Z","times_seen":18,"resource_available":false,"data":null}},"time_used":4971,"timings":{"blocked":4717,"dns":0,"connect":0,"send":0,"wait":253,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/blog_mob.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/blog_mob.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 15487\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-3c7f\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15487,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"e32e89d031b3b3a9f57c2c0d6c286815","sha1":"84cdb5bcfd9e4d578995903995eb5135f3b96839","sha256":"1206c0b9679dfe5a3bbeb7c71482cf363bd4270372ff96babb8e5f7c00a5e30f","sha512":"0d2d0429cb8e3a62e91117443c9b774f956217b1524f1aa6f3b102767f78c9efc9fbd4b0cdf8085e6ecf053905a01e763c8296af5fcacfea33e27ea209e9d4e2","ssdeep":"384:kgzQnDa/+llHhNQ8U9A815PXtb06YUs2sD:ZzQeo7UP1tXi6YLD","tlshash":"2662bec8d66615089dcde4ae7c9fcf1cd072eb24367bc9992426da32dec124b0fc48a0","first_seen":"2025-11-10T05:54:15.958089Z","last_seen":"2026-04-19T15:57:19.437752Z","times_seen":10,"resource_available":false,"data":null}},"time_used":5004,"timings":{"blocked":4750,"dns":0,"connect":0,"send":0,"wait":253,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/windows.svg","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/windows.svg HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 357\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:44 GMT\r\nETag: \"68ea2310-165\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":357,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5f55d8525ea1a10b08a5516420648186","sha1":"41ab6b88f1b13960b7d84860262548e59128a43b","sha256":"ab46b270159c355c53da475e47b87adcd9a3b790b548e78dca2c6ec440901473","sha512":"6ce2d497118c4800fee22dbe78d4d5977aba9646dd1fe95c2b86928b2d48cd3a02425afe8cad0221dba947fcba3fe9d1fbd8c84748c421325018740345392809","ssdeep":"","tlshash":"29e026b61004a830d5b6c338b328b4b33926b2c179b700b49caca68db56d1cd0d1b1f8","first_seen":"2025-01-23T11:47:07.090196Z","last_seen":"2026-04-19T15:57:19.438416Z","times_seen":102,"resource_available":false,"data":null}},"time_used":2870,"timings":{"blocked":2620,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Wrapped-Bitcoin-logo-1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Wrapped-Bitcoin-logo-1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1496\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:52 GMT\r\nETag: \"68ea2318-5d8\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1496,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1dcdb22a4f87ffea48f0e61ceee50be0","sha1":"5a3bf3cacc8d8402b09e8965a3b69f5cd2154375","sha256":"97af0475b276a67cf1cf6700a5d7323e0191429ef59258b316e697ec15b7fcc6","sha512":"0e1ba066ed6da8093635043875468074414d003dfd3bfcd83b08b2b76fe889c5186345d83ecfa875acfec6ae17cdc4e397ae4a22aebfbdc3ffa80ac02949503f","ssdeep":"","tlshash":"ba31d70f81e2d1e6229a0c306da3da60432c963c00f2b62eb27d5e0a15b290728f9146","first_seen":"2025-05-06T13:57:35.289639Z","last_seen":"2026-04-19T15:57:19.439113Z","times_seen":335,"resource_available":false,"data":null}},"time_used":3459,"timings":{"blocked":3203,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/js","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/js HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 464359\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:34 GMT\r\nETag: \"68ea2306-715e7\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":464359,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (7335)","md5":"8dc30876ed3522b21b1364aad598e2a8","sha1":"8142bbe93f990d9dd35167407422ec23b32eb26f","sha256":"d4496b98263014272b4211f33b62d0f2778aec07869c34a4fa733ce47f9f0a8f","sha512":"8d7e94cf0791c5c59e46551265287c858aa2e54046a66da103000fbb302f0ee0d84447ad9d094ab134e67ab7d38a47c1c029a0c079db0ab2a49cb3ae1aa97caf","ssdeep":"6144:FBM/yp2RUtk0uwbWF5JQk+Nju5204OAN9JdXA/8:75YWm0KzJW0ej","tlshash":"34a4099e73d674225396f078502f01cba97b28a2b45cc8aaf1c9cdf12d7469a4127f7c","first_seen":"2026-03-30T14:47:15.573547Z","last_seen":"2026-04-19T15:57:19.439731Z","times_seen":4,"resource_available":true,"data":null}},"time_used":2523,"timings":{"blocked":424,"dns":1,"connect":257,"send":0,"wait":511,"receive":1055,"ssl":271},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/fbevents.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/fbevents.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:44 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 329460\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-506f4\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":329460,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (10296)","md5":"0ac58ebfed5ec22986ad71ea6e0578f8","sha1":"59e782696ca21fc17822e5b8f924047936c98f27","sha256":"27da9cf46700841a6def729f7474a08b0bb40d58a4abd9f04a0b845fa38b11f7","sha512":"00263dc471be050ff2e01a5ce536de783a1d3f514ffe4611dd94e98b721132580a2bcfcdee2be2198473891a6adc234e47a669c90f6f4a7a71d3561d60cc344a","ssdeep":"6144:RZLeu8xwDkLBTrbEJixLNaZgVOvw6Kia3ZY/ncQfNvQ:NgLUVNvQ","tlshash":"0e64b98975d1b09247b678ac926f4007b1bb99e6b0c8c930d59dedc43e784ed5033faa","first_seen":"2025-10-10T22:03:20.956818Z","last_seen":"2026-04-19T15:57:19.440421Z","times_seen":2736,"resource_available":true,"data":null}},"time_used":1405,"timings":{"blocked":884,"dns":0,"connect":0,"send":0,"wait":254,"receive":267,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/main.css","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/main.css HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Mon, 30 Mar 2026 09:02:10 GMT\r\nETag: W/\"69ca3c12-3c279\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":246393,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (755), with CRLF line terminators","md5":"8109a21b2c111dbefe7a1d5294898bae","sha1":"6f52063c0c97a93e0341d446b23bf424a0851d56","sha256":"dc6e77f9a48070f74a1dc40c3c0412f426102027bb1f6dd4d187b12ba0121af5","sha512":"eb556cda4284ffd3c6de109abab699317c50a1102d1f56ed058dce7d2a701a39712cc87b4b3081c20ca00d9e6686f6b364c1c2beb6ade9f6a03b3a00dac9f5bb","ssdeep":"3072:KTAWYgtcUJJifBczQBqrIeX7yC851WpnX:NWYgcfBAQBqrIeF","tlshash":"863481505f0721095337eb76fb926624ff688072db4716e6fae1a00ce7d86644226fcd","first_seen":"2026-03-30T14:47:15.582361Z","last_seen":"2026-04-19T15:57:19.441541Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1961,"timings":{"blocked":1686,"dns":0,"connect":0,"send":0,"wait":264,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/entries_visuals_mob.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/entries_visuals_mob.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 38668\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-970c\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38668,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"b843fa8566b5d6ad81abdc409889865b","sha1":"ad6e6ad0717c239ed0dbeeac3391cd0ba2e95205","sha256":"4c9b6fe386ae4cdbbab443a2040eff0a33a0ee5974862c81bc0d4738cb694a22","sha512":"055234c19d26f9600b99499b4ca1636d1eeea39c0b873d417e404e19f260fc3ea94b684b9920ce0c4683c180aa9e763f0e2855e3d8f54a1f5ee7a20dc2fd4d29","ssdeep":"768:rVSARwlrPjs+wGEWDbGONhTMzmtj32Pu5g4y/bZDUV4LbMgCc1cIz:ryrPA+wxWDCONhTPdoX9/FDUCLb1fb","tlshash":"0e0302f51fd1ade76e134f393c144b1af12107124745a360b1826b519f91bc8eeaea37","first_seen":"2025-09-01T20:50:57.040177Z","last_seen":"2026-04-19T15:57:19.442736Z","times_seen":18,"resource_available":false,"data":null}},"time_used":5429,"timings":{"blocked":5178,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/lrk_desktop.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/lrk_desktop.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 22041\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-5619\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22041,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"5e51d1565991f7c2eada093d95f5b867","sha1":"94aecd5c20b86cda40dc04d4449b44c4e4442ca5","sha256":"d5b36c39bd7ebe09e29ff10c65c3a2cf9c995ee7fc808d471a0a9467d1fa78ec","sha512":"e78edc4c45a8382c24bbfa4ab017f1c7d8721b8cd2652062c8676a6e8d9b270766f3b25efbd8b2e4bf080c7323bc26fb65322a71737480447167af40ee0d3cfb","ssdeep":"384:FegFI74jDvja3YreQM2M7EOGx2egYWdAyl/4ToRB2VzC9AL+n61+wp6cIC:EgF0yDba3Yy2yEd2egYWdxl/4rVG9A6g","tlshash":"77a2d0b949291d8dc97ec1353d618af0caa2a3ec83aaf7ba584e73064d65fc344b44c4","first_seen":"2025-09-26T17:58:47.869681Z","last_seen":"2026-04-19T15:57:19.444197Z","times_seen":6,"resource_available":false,"data":null}},"time_used":4239,"timings":{"blocked":3989,"dns":0,"connect":0,"send":0,"wait":249,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/recover_mobile.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/recover_mobile.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 27881\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-6ce9\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27881,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"2119c270106daac5ba7a4c3d3407ecf0","sha1":"7182d037744d618da42f0618f8686a1f1857d66b","sha256":"7ee00a05f5038db9e5907c4582f594d0edf0b12e5e66a175ed5ed2f21388ce02","sha512":"5a6f5e0ce9ec55e74913336c8b6629822e82944cf86458726d02bef20a9e793b8725704b797aa91204e3f6b74fe7bc7f7e74408e02b2404075bef7d2d62bad2d","ssdeep":"768:g4ri67H3NbDsQBG+819WysS5c+DX3xfdDaS4iibRY:tW6aiXWIy4kSZ3bRY","tlshash":"d9c2e037f1005fcf78f48779dc31a3a6bd1a06d0d9b2a809907563717aa2a14c6c9caf","first_seen":"2025-09-26T17:58:47.926591Z","last_seen":"2026-04-19T15:57:19.445589Z","times_seen":6,"resource_available":false,"data":null}},"time_used":4753,"timings":{"blocked":4501,"dns":0,"connect":0,"send":0,"wait":250,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ton_symbol.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ton_symbol.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 5278\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-149e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5278,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a4ffe7173fc2d440ac4f730e052733bb","sha1":"e08dca6f894aaa21788c0ba5648e12b6cdd971ac","sha256":"351f470ff31d258f19306111d4fb90b5e1512b691cd7fbaaa6892462440fb1bb","sha512":"1203f593050c237622e91e2255f221d1b1a732966ecb8d4ca6de4e21283512504da10d03ff915d63bf9ac628f2083b9015107f1c702ca81ba8e1951296863531","ssdeep":"96:TXyAD/pD164YfjstCjGiyDx8ZCO0I9T4cyGfdw6:T3TdsWCjlyDMCO0I9T4BGq6","tlshash":"55b17d282b1960c4e92b9faa752447718b85602418a24ffec5b5502d1ee2e5b0264fff","first_seen":"2025-06-26T01:55:20.430628Z","last_seen":"2026-04-19T15:57:19.446786Z","times_seen":17,"resource_available":false,"data":null}},"time_used":3845,"timings":{"blocked":3595,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/manage-1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/manage-1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 84166\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-148c6\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84166,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5cfd174d5b5e745ac4af58f5f4448c42","sha1":"10897c7399ec24a9322c80f247ce352f6544a1a7","sha256":"8a0a86cca57cf06c7522e20a43b6da4eb7f5940da011d0ed5d4770f49599a02b","sha512":"c8f8245a9f383add9feda2fd9104def0f297b61cf53dfcf365653d743d041f2f6286c1c056741e5bc7d840b7a0722e83034bc7b7de1c87d848e7af98d3d6197b","ssdeep":"1536:XcfqgChk6n8Z3S3MrpgOJSttOeQSf/mjWS71c8q1MUYQ81Z60DkExd:tk33S3rcoOe52jr1c8LhkExd","tlshash":"4983127b35c2a681f61e6d7a4924daf2950e730a2bb9b386770fcc1178c34e270547e4","first_seen":"2025-09-12T00:51:18.625371Z","last_seen":"2026-04-19T15:57:19.447407Z","times_seen":9,"resource_available":false,"data":null}},"time_used":5184,"timings":{"blocked":4925,"dns":0,"connect":0,"send":0,"wait":252,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/main.MTE0NjY3MDc0MQ.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/main.MTE0NjY3MDc0MQ.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 442009\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:34 GMT\r\nETag: \"68ea2306-6be99\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":442009,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T21:59:57.282302Z","times_seen":13949743,"resource_available":true,"data":null}},"time_used":2256,"timings":{"blocked":422,"dns":1,"connect":253,"send":0,"wait":502,"receive":808,"ssl":268},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/XRP-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/XRP-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 914\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:46 GMT\r\nETag: \"68ea2312-392\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":914,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cca29cc82f5ca28787e33f7d4f91b1a3","sha1":"83d7518517cd9199fc43d9ee5baab9dc62a15695","sha256":"7f6806d4063f271566f3d51f9203e0b8d8f10fb04424b75e695626e80795b22b","sha512":"5b87ffd4a68c57865390461ca96001ec2df094ed9c8d3475c7ace0ffe2cf97c4ff2b9f7b8a172310cbc9bad5a145a525a8fd808e7e39d6442dae85ec05c5e636","ssdeep":"","tlshash":"e111843e3b8757fe765e70536f9124e490d8164a712031425602ecb7d0192b3640e220","first_seen":"2025-05-06T13:57:35.161145Z","last_seen":"2026-04-19T15:57:19.448697Z","times_seen":337,"resource_available":false,"data":null}},"time_used":3112,"timings":{"blocked":2862,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/litecoin.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/litecoin.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 3996\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:52 GMT\r\nETag: \"68ea2318-f9c\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3996,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"32bc100d8c906d7f234f9307858b1eff","sha1":"cbe91411d6b5a901b7894dc1d69f0066d3d57158","sha256":"5baf49bbab196cf63b0bb296d0d7c0a03b1521b41f9d7b2295404ce7951e1d5a","sha512":"9ae39b326c4518816b3ac5ba6f2dfe693d030ffbf7b26c7e6586b0671037639acf551a459413664725d4e3f0e1b242be6a8dbf575e7fed697824b5eb567005a2","ssdeep":"","tlshash":"23817be8aeb64aa87c1c798020ec8a05c11e3116e2b14ff2cdf84b54437a8437cdc86e","first_seen":"2023-05-14T08:25:50Z","last_seen":"2026-04-19T15:57:19.449308Z","times_seen":464,"resource_available":false,"data":null}},"time_used":3472,"timings":{"blocked":3214,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/undefined","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /undefined HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nCookie: _scid=AYEhakTkERldWVwemZXliTSW7e_3l8qp; _scid_r=AYEhakTkERldWVwemZXliTSW7e_3l8qp\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"d47b646093dd84d34885a714ce4bd74e","sha1":"c4df23671b6440e29159093dc52cb8c4aa184597","sha256":"6807c84bf35d67496e020c1528303b87d4759933c09817e514a7159ac689d352","sha512":"906fb89d5ec9dc4338f9d5e26fdc9ccc041225157a8f114465449106128d69e9fbc7723b2bcdd56a17c74c29983f7126a1d970b24e3902a3c4e817834f21f338","ssdeep":"","tlshash":"29c08c2d25137c4c8563217432c36080c086832764aa42128440800331cb2a98ac7396","first_seen":"2023-04-15T19:52:36Z","last_seen":"2026-04-19T18:59:52.397297Z","times_seen":5207,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://ledger.xzbya.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 321788\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-19T21:57:06.575092Z","times_seen":147371,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":110,"dns":0,"connect":20,"send":0,"wait":21,"receive":4,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger-wp-website-s3-prd.ledger.com/uploads/2021/11/Ledger_favicon.png","fqdn":"ledger-wp-website-s3-prd.ledger.com","domain":"ledger.com","tld":"com"},"ip":{"addr":"104.18.34.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:48.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 11 Apr 2026 10:32:23 GMT","end":"Fri, 10 Jul 2026 11:32:10 GMT"},"fingerprint":{"sha1":"BC:36:D3:AD:3E:3B:DB:64:DB:92:E7:5C:EE:73:63:5D:DD:9D:50:7E","sha256":"97:42:87:20:1F:86:EB:0C:05:20:EC:34:3B:0F:A0:72:6D:70:A9:AB:90:60:53:AF:66:6C:F5:D6:E7:17:AC:37"}}},"request":{"raw":"GET /uploads/2021/11/Ledger_favicon.png HTTP/1.1\r\nHost: ledger-wp-website-s3-prd.ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 19 Apr 2026 15:56:48 GMT\r\ncontent-type: image/webp\r\ncontent-length: 402\r\nx-amz-id-2: t1ju8rBZ29YdRCc6KxvqindG1X7a8NEozhqELlvgtgnBZPnaYB6NuJwGicYT9Fm6MAQmKrg36VVa+82NbTQs7D/f1mfbDJa0\r\nx-amz-request-id: R2JJP95865VDEZKG\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 04 Mar 2024 09:59:32 GMT\r\netag: \"d2cc487e1baee412d24282cd76326b67\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: c0YzzGXb_FH8yQM1Y29J6JaRmyu3vJ3t\r\naccept-ranges: bytes\r\nserver: cloudflare\r\ncf-bgj: imgq:100,h2pri\r\nset-cookie: __cf_bm=52M_IpCH9cLOCmBl3eSHeQ8Qr52ncuefI72HLw9V8qw-1776614208.8234081-1.0.1.1-0gLWQUmDf.iLfmkgKRWTVChqQd9irhCzYL_hxGBgqTWV_uCDl5ai.NRH_ADbIcltfNRAkCYYQqS7jxIIhmVUl2EnlV9jlkSbFgJRQAv4_GRqX1CKIuY1SyFt_U2rYSQ7; HttpOnly; Secure; Path=/; Domain=ledger.com; Expires=Sun, 19 Apr 2026 16:26:48 GMT\r\ncf-polished: ok, orig_size=2372\r\npriority: u=4;i=?0,cf-chb=(37;u=2;i=?0 421;u=5;i=?0)\r\nvary: accept, accept-encoding\r\nage: 12498\r\nexpires: Sun, 19 Apr 2026 19:56:48 GMT\r\ncache-control: public, max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9eed19f52fad56be-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":402,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ae21ecb25616d3be96e987fe7af84d6e","sha1":"db559bfa16b130ab1b8c0b9b8693c807e29b3503","sha256":"7545b9667995fb98664f07b94793628ca6920fc953bb4eb924259480cae4bbe8","sha512":"02bbd8bdb2e77a6b39b14712828b719e7c036e006c792dd8f2d0150b09324dd2b2e7892cdbbe05cf7dc6d1d162af3ccadd65099806e857821de738228f2c3ef4","ssdeep":"","tlshash":"ede0f17081776c782de418f412ff520303ac0d5ed211021b43b5b82020f47d6134d193","first_seen":"2023-05-25T12:23:00Z","last_seen":"2026-04-19T15:57:19.427774Z","times_seen":1155,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":-1,"dns":20,"connect":3,"send":0,"wait":13,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/sassy-social-share-public.css","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/sassy-social-share-public.css HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Mon, 30 Mar 2026 09:02:10 GMT\r\nETag: W/\"69ca3c12-2994\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10644,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (10644), with no line terminators","md5":"ba4cc2135d79faefe28d070ad9d25a43","sha1":"b66e5c5078b6039830caa941dfb0c24c3605aba6","sha256":"35c4a28b795f7eb020fbbd51320c5a47727040a1bf9660b40babf4e563250008","sha512":"b47575bab8f318f9684b598e278e212a390276565c264780331e8728c718829b72682599bc71e3c416cfe30293eb63422b0d7d609d6c68d3db50ede0ca17915e","ssdeep":"192:ZClNtmYGqKYsTAPqkLgT+TuTHTiaTiTdT3TUTCTrTmyrHQt/o:Ql6YsvCqrua+J74O3DrHQt/o","tlshash":"c022102bebd9157a6523ccb7f713b6bcf4282881af8708aedc01e33d474199b1a69544","first_seen":"2025-03-20T21:25:52.220271Z","last_seen":"2026-04-19T19:03:16.19914Z","times_seen":3921,"resource_available":false,"data":null}},"time_used":2199,"timings":{"blocked":1942,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/otBannerSdk.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/otBannerSdk.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 471790\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:38 GMT\r\nETag: \"68ea230a-732ee\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":471790,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T21:59:57.282302Z","times_seen":13949743,"resource_available":true,"data":null}},"time_used":2751,"timings":{"blocked":1957,"dns":0,"connect":0,"send":0,"wait":272,"receive":522,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/blog_desktop.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/blog_desktop.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 53185\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-cfc1\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53185,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"3069ffb90da1553f977f339e63739133","sha1":"56bc7ca51e3a574e39151c1ce0193ee5959cb86a","sha256":"a9694f27858691e33c67facb3abc396fb4dc6f395aea3d11df3f93e7f787ac93","sha512":"1ec2bba31cc09cf65ccf21368caaf446223e47e370b6466f4a2a45fa391c3f348b047d32d77fd874087a9c651faf4516790b7bff83270b50fc23e9a96c984a8d","ssdeep":"1536:/LRVXoT6vcv/imwATtJcN2iT+1gErKYRrpY9W5:/LjY/fhcNnmRRrpY45","tlshash":"cc33f1ece5f8c424bde3e5a794264fba37da8402e6e931d29659043e0d0ae3d0e4074d","first_seen":"2025-11-10T05:54:15.994467Z","last_seen":"2026-04-19T15:57:19.451808Z","times_seen":10,"resource_available":false,"data":null}},"time_used":4495,"timings":{"blocked":4231,"dns":0,"connect":0,"send":0,"wait":254,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/android.svg","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/android.svg HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 3189\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:44 GMT\r\nETag: \"68ea2310-c75\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3189,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e2165b4b3dde528e8e8e8b1817f87690","sha1":"f6df3a8ffa22cb22e249d5acf32de52213240ea5","sha256":"51538f4454407de13d2851738310f7159a56152f6fdf3bc90c49942d697a78af","sha512":"4b3ad8e712ecb4dd59c476afef83e75de1ace88aef7e0a1e1ecca791bcecdd8eeec424c62d9615a617c06ee64aefb3d53140bfc05156075eaa41c7604f401db6","ssdeep":"","tlshash":"b46173d532b922fcf980d7fc910390b67515b8fa3fa1d22847709e25a61246d4d76ce3","first_seen":"2025-01-23T11:47:07.079362Z","last_seen":"2026-04-19T15:57:19.452433Z","times_seen":101,"resource_available":false,"data":null}},"time_used":2922,"timings":{"blocked":2665,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/swap-1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/swap-1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 41438\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-a1de\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41438,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5432283035b4d855856e68be16ab8231","sha1":"2c30744737206ec08d55de30046238d52e90fcbf","sha256":"aae8dd7ffab9e0271525131cbf7bb67eb7149347d6cd63bf80506c00bf671e35","sha512":"98dab85110a8921c14f96508c5bbcfb6e1f35589cf5f825ca2c176702c610a10df2cfc8a40fcf97a885cfd3ded548e4c619d48616f1c23b077e3e5c63173ee03","ssdeep":"768:r+TqfDZ6hQRiHR6/pX+ENZRT1baPdo7ohHHDcTr7tBljE6DOAACnRfCtbgSs:df2QMHR6cEN5nEKPhhDOATR8bg3","tlshash":"c813e0faf24ac188f89190d12e1619c98542a543f4be9f4edfb77c2c97040f251ee4ac","first_seen":"2025-09-12T00:51:18.572347Z","last_seen":"2026-04-19T15:57:19.45308Z","times_seen":9,"resource_available":false,"data":null}},"time_used":5214,"timings":{"blocked":4959,"dns":0,"connect":0,"send":0,"wait":253,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/stake-1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/stake-1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 44394\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-ad6a\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44394,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fe981751f22dba2ba8f85267cce0d59f","sha1":"cf47a7abed9c4616ad2d1f40257c91b1615b61b2","sha256":"68bcf13b34f5781b722755d44efe91fd533e21992fbb67843112f3461b16d97b","sha512":"63f0b698b6a6d1e18406f1faef56d37c786e49a7287ff0b47d1cdd48185a02b71d31c486f68b2db4474ebbe8c0ede703e6a3e1d6c21ad359395c57a20a890426","ssdeep":"768:T+TqfDZ6hQ691Kfoyycbux3N1tiKYv5G6ZQOHZGjFI2EMVcTK446sf+YGzXXtp:1f2Q6rKfoBcbuT8JZGJGO0sf+YGzXXtp","tlshash":"0c1302cdfa1684437dcb57ed61c76258828dd1a72e2e3846fbbb4d9c2301146b28f165","first_seen":"2025-09-12T00:51:18.55918Z","last_seen":"2026-04-19T15:57:19.454445Z","times_seen":9,"resource_available":false,"data":null}},"time_used":5257,"timings":{"blocked":4999,"dns":0,"connect":0,"send":0,"wait":256,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Ledger-Live-usage.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Ledger-Live-usage.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 44338\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-ad32\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":44338,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0bdada84b5b076ea6213283078b3d970","sha1":"570b9dbd03d9fddf990ce1834b950e67db6386c2","sha256":"bef34153bac6580fe380a9596bed7afb58e65984a60e09b355b9f967e503e157","sha512":"0c5479bc1ac1205edfaa00465f9d9646e78132703e639df7d84a2057cb6b0951ed3dd477da5882a40f00c4fe7a8e7a6fc5b33cdba435317a946c689002dbe24d","ssdeep":"768:aTPSS7SnwaWn/5henGw0Rp/7nf6NF8pPV2dqVtf2i5Nt4Ef0M7eOwgXXq5LYygqj:kSnuhUG9TfUF8hoqVNJaQ0Kvbt9ycDE","tlshash":"f813f15893b48e0dc5b44879bcda4353e9922834ecdeac086c1fdd5262afbd0967513c","first_seen":"2025-06-22T21:32:22.358746Z","last_seen":"2026-04-19T15:57:19.455466Z","times_seen":32,"resource_available":false,"data":null}},"time_used":4667,"timings":{"blocked":4413,"dns":0,"connect":0,"send":0,"wait":253,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/donwload-desktop-1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/donwload-desktop-1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 31604\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-7b74\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31604,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"283088cbd5d278e3fd04dfcc7e9c7de2","sha1":"3ca2d232b638d6430a8cd876f55d4023268fb904","sha256":"27ccedfe4ed856ba63227d72ace8eeb474650d6335139b80337e598b2b1efaa1","sha512":"dc78ca7aa45a43c39a05a3975dc618bf992a721c82f183b7dff2bdb5cc303995c2668b783c33692eee72f1e1850bbaa3661d691ce925df2e5ebc86bf0f2a07ad","ssdeep":"768:IzpWfcCVmWhyVDsjWz44BzW7CRu9fNAE5Le:IzY1s28siz44M+Y9jLe","tlshash":"94e2f16f440a8a36c635a4140459b3c2edbf495c9e183f623dddd39dc42392f652bae4","first_seen":"2025-09-12T00:51:18.577561Z","last_seen":"2026-04-19T15:57:19.456611Z","times_seen":9,"resource_available":false,"data":null}},"time_used":3905,"timings":{"blocked":3651,"dns":0,"connect":0,"send":0,"wait":253,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/identify_4e6f0095.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/identify_4e6f0095.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 155449\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:34 GMT\r\nETag: \"68ea2306-25f39\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":155449,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T21:59:57.282302Z","times_seen":13949743,"resource_available":true,"data":null}},"time_used":915,"timings":{"blocked":153,"dns":0,"connect":0,"send":0,"wait":254,"receive":508,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.262Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/jquery.min.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 87553\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:38 GMT\r\nETag: \"68ea230a-15601\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87553,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-19T22:00:06.075627Z","times_seen":727122,"resource_available":true,"data":null}},"time_used":2317,"timings":{"blocked":1975,"dns":0,"connect":0,"send":0,"wait":335,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ledger-stax-face.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ledger-stax-face.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 32828\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-803c\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32828,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"577511237148049b0d2e44950ccfa9d4","sha1":"15e84f9e774a87f901093af801138b903ce5f6ae","sha256":"56f09c2b3d88b7fb675b096e4a952e9ecc9915bb6a90a9024563823ed74a76f8","sha512":"2f1e760bb3658f0d85c5e72035f6a1e8cf97038dc13904bf5fd78e4e8abb6428c5d75ce161ddf670d087a00151040cc03c0c89859f8f1d8b662b409a01f13054","ssdeep":"768:H+TsCskMQrHneRNiNdAvHBAKxFABwRLKNzSm8hgO/jlNMPhpJQn7A:ysKrH7NdSHBrABaLK9T8hgejlNMLKc","tlshash":"eee2d18b9030d1508d7f2e36ec4cae6f5327053606e8e651e4fd966cd8d6e91c9ace88","first_seen":"2025-09-01T20:50:57.074366Z","last_seen":"2026-04-19T15:57:19.458649Z","times_seen":22,"resource_available":false,"data":null}},"time_used":4050,"timings":{"blocked":3791,"dns":0,"connect":0,"send":0,"wait":258,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/visual.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/visual.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 10476\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-28ec\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10476,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"462529eec48a9134c2a4358085f3fa0c","sha1":"860b7d1555fbb0c81792c07c0b8917fe4841f26a","sha256":"4518bf3368238e010247b5f9dea5d3f1e6dd5b2d8214bd6e085713d998f06655","sha512":"8caaa97c85cef13ee3c1a1bd09df256b6bc102546b74c083cfbfb5e462e7fbd50e1b7b3262e5250851495005a411a06d5b4d0beb003c88aebef702f81f62bc05","ssdeep":"192:zwTZ7oqhOcE0G9Spj+kFbxlX4R0UI6zRv2PItC8G6ImIoMHv:zwT5hOQG9Spjltxh4R0UI6tvRC8G6ImK","tlshash":"8922cf52b3d7502ddbdc23b160a349eff49c3eb9d7526b0380708906077a9e9e71962d","first_seen":"2025-05-06T13:57:35.228091Z","last_seen":"2026-04-19T15:57:19.459402Z","times_seen":66,"resource_available":false,"data":null}},"time_used":2557,"timings":{"blocked":2303,"dns":0,"connect":0,"send":0,"wait":253,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/enterprise_9a3e3afb-5112-4fb8-aa8e-bcaa1e238bc3.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/enterprise_9a3e3afb-5112-4fb8-aa8e-bcaa1e238bc3.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 124748\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-1e74c\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":124748,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"1859ddb2aae00114ebc581a360896aab","sha1":"a0379c6a9fe71213075459ff25ffc618c5b75007","sha256":"3e9b1a0a3c9e77873547c94c9c692c81d0666feea43c317b09b5fb423dec6e79","sha512":"ae7d04e95c79ef44c77f3d6ac005fe632f5d7804ec8cfaed8690eaeafb4dfbb61a3058cf19d963de61bbe85b4a607e5b307b9ea0e27291c6902de7ba0536a854","ssdeep":"3072:h5a5nW5nqi/1qTsUkAX5+J/wQ5F8Ql/RNtYERb51Dw:hCW5nhUIA54vD8uRQEZM","tlshash":"75c31286639da7af97e22053c326094f1eac50df6d1fa8520845b2d24843b48bf17f9b","first_seen":"2025-11-10T05:54:15.981652Z","last_seen":"2026-04-19T15:57:19.460144Z","times_seen":10,"resource_available":false,"data":null}},"time_used":4526,"timings":{"blocked":4260,"dns":0,"connect":0,"send":0,"wait":256,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/download-mobile-1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/download-mobile-1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 23538\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-5bf2\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23538,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ab51ec78ffa2a7aeb8b70c76fa836dc8","sha1":"94d67705f39509c1449d26f6ef6780d27d3cab24","sha256":"f90eacb0d12d9a9b76b98eae322cdc7fc42009bf3e481dda84e6ec679b1f463a","sha512":"54f4e473ef8a427934a48db9109499f288d5e9d1092a5606160895af2cbaacb0ef2598fa7dc447dbf057b45f851a85d3d343b91b1089f7d66741a83dc95e69f3","ssdeep":"384:HCMQj9UBO3i/NM+19H6ycpRdyB4BnFTJsShCju/RDiOGwNnc6aYyuhLShFMTxttq:JQWBO3i/Z1NtmU4rmSB9iJ8nc6aMMhFZ","tlshash":"35b2e11450cc0d9c307ea953518dd0a541ae7e689ba2dfb78927313ef8dfb91ad9434c","first_seen":"2025-09-12T00:51:18.616738Z","last_seen":"2026-04-19T15:57:19.460904Z","times_seen":9,"resource_available":false,"data":null}},"time_used":3929,"timings":{"blocked":3678,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/fonts/HMAlphaMono-Medium.otf","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /fonts/HMAlphaMono-Medium.otf HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/index_files/main.css\r\nCookie: _scid=AYEhakTkERldWVwemZXliTSW7e_3l8qp; _scid_r=AYEhakTkERldWVwemZXliTSW7e_3l8qp\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\nServer: cdnbl\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"d47b646093dd84d34885a714ce4bd74e","sha1":"c4df23671b6440e29159093dc52cb8c4aa184597","sha256":"6807c84bf35d67496e020c1528303b87d4759933c09817e514a7159ac689d352","sha512":"906fb89d5ec9dc4338f9d5e26fdc9ccc041225157a8f114465449106128d69e9fbc7723b2bcdd56a17c74c29983f7126a1d970b24e3902a3c4e817834f21f338","ssdeep":"","tlshash":"29c08c2d25137c4c8563217432c36080c086832764aa42128440800331cb2a98ac7396","first_seen":"2023-04-15T19:52:36Z","last_seen":"2026-04-19T18:59:52.397297Z","times_seen":5207,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/banner_bg2.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/banner_bg2.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 9550\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-254e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9550,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9dd4fd003dd4927b6d2e8db5e95ec359","sha1":"895ab674f3e257a8087e859f1d8bbde6f6ba0c5a","sha256":"049fbfa2514eb85da59d8acf9ca92c3d9cd9f9154d16e393a612822c8723b681","sha512":"690c560a5b477e8a450351c0048a133fbc6afb39d9feae78c27324cd4a203477fe23cc8b27a327a63699750bdbaf019a192a7dfc07b58b34533065b259afc71f","ssdeep":"192:swTmsloLpM7LUq6+9JJfY19p18UKhFfyB99blrgRaTDqiiVYfimBxM4ZJ3S:swTmsCqD9XfYPSFyZJrg06ilflBxni","tlshash":"1c12ae7d03fc22a2e475adf69e8f6be98368001ae21d790990d3899a5e1401556332ef","first_seen":"2025-05-06T13:57:35.245421Z","last_seen":"2026-04-19T15:57:19.461769Z","times_seen":117,"resource_available":false,"data":null}},"time_used":4290,"timings":{"blocked":4033,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/visual2.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/visual2.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 27758\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-6c6e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27758,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0e3b03832dbd6f5d9cdab48ef113bbdc","sha1":"5b93fc5bad9f122b7ef2b8b6415cd1d02ee7d338","sha256":"c8a946444064116d4ff7a7a03a214976ad1b8a5c7f7b010d280a4ac197908123","sha512":"9fa74c6c38dfd79c6b1d6c10b16fe79c515f4e16632e660c649004933993ff331b9a00808dfd502a05a9b30f0692ba9dd8190e6ba3284b54c8f5b403a65e5f96","ssdeep":"768:qTi3c+xvzIyFlMqxBCw5GPVxG19+2AXOAag43QCP9:pMsTMq3R54S/ABadP1","tlshash":"86c2e1ba9746a62adf811df9c62543519348f28f7c27c93dd0803d5e8a0e7c83f85662","first_seen":"2025-05-06T13:57:35.284153Z","last_seen":"2026-04-19T15:57:19.462538Z","times_seen":117,"resource_available":false,"data":null}},"time_used":4399,"timings":{"blocked":4148,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/hero-ll.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/hero-ll.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 42280\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:44 GMT\r\nETag: \"68ea2310-a528\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42280,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"70fd360707960d9c5943e8469a557f22","sha1":"521d88d1c3beb8ca49d159d758ad57d65ec3e7f5","sha256":"10095730fcdac25d925c66aeba250f6b7ad6d885f23910d1d0a80c525987b2d2","sha512":"dd0745de00d61668cf920098e2323fd5f9082c717ce06c591c3f89d6319b9e4d2b5c77fb137de37ab4435cc1c708649e2e9af1e2a86bb88759264444c2e6c0dc","ssdeep":"768:X1lTDc5aNbrxeiD4344QpA41F5gzgeNw6hv2p3oT+wijIfvSd60j:X1lTDvnUt44AAwF5EteCv2p3+tzfqsi","tlshash":"7713f18cf1951a16dba6ee6973a80dd613d86b31c038d6209ef9e4951703d66a304afc","first_seen":"2025-09-10T07:08:02.382779Z","last_seen":"2026-04-19T15:57:19.46322Z","times_seen":10,"resource_available":false,"data":null}},"time_used":2807,"timings":{"blocked":2552,"dns":0,"connect":0,"send":0,"wait":253,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ledger-academy-face.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ledger-academy-face.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 20094\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-4e7e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20094,"size_decoded":0,"mime_type":"image/webp","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 504x480, components 3","md5":"56104b597955a0fac81452b10470294b","sha1":"40957fc082df3821cb49366fdf715a369daf7e05","sha256":"d4760bcece2ae3abfa80cb455fd01e52b90b2847bdbe56acfdfc8335fa9c966f","sha512":"9ebbce48c3d2b275bce70589ea3828ab7c6545f1ad306cf38876f4b1964b28a56d9cf3de4d777c4e3f0916790de908f3843cbbd7f6be37e230bf252a4fa0aac5","ssdeep":"384:tkanhh2x5lj8VMnc4Z3IOhlCZhzimIX4kn3Xo0et+uIUBdO5ITrvJJMG2b:WanYV8Vt4Z4IMZhzimIIk3Xo7wnUBdOB","tlshash":"3392d176efd08ac2fc32a778cabf534665572df3ba48a58232065e042a7131ecd4d644","first_seen":"2025-09-01T20:50:57.084958Z","last_seen":"2026-04-19T15:57:19.464699Z","times_seen":18,"resource_available":false,"data":null}},"time_used":4466,"timings":{"blocked":4212,"dns":0,"connect":0,"send":0,"wait":253,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/quest_mobile.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/quest_mobile.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 71400\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-116e8\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71400,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"a1652c5d9cfdc8933101f6334c943419","sha1":"c24d0204edd27614e635135fa54dffb3df1a6a19","sha256":"0d6e5d911168769f1fd97b841dba65fa47c8eed64c31195212747455a7959013","sha512":"aba0408242047f43cdfb4fceaba3bedbc2a2678fa2cb0560faeb8618ee4b17fec266bb7b10b5bd7afb2a0ceec9c08f6e4b325e8e157aaefc5bec4782df759e17","ssdeep":"1536:QAzffU/RvpQOznhhnbbcK4tvYLjnVqCRmIIjmZyCAwKI:QAzHmRBQOhJjnV5R+m44r","tlshash":"4d6312c642f1fe1b81a56b76de2f168ec5b659104034cade2574d1f8a5ac31b7201f2e","first_seen":"2025-09-26T17:58:47.865303Z","last_seen":"2026-04-19T15:57:19.466218Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5001,"timings":{"blocked":4746,"dns":0,"connect":0,"send":0,"wait":250,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/cobranded_desktop.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/cobranded_desktop.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 105513\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-19c29\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":105513,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"4c904b1f83122372be1245b7a49d37d7","sha1":"c7069d63fc664aabfe7328e468ba02d26f48b9d9","sha256":"7cd28c70a460f3b6e190bc990bd7937d8e62fbe976a9e43535d68d12348727ce","sha512":"cca96997a548f75fb2dbbba7bcff9a79b16f4bdfc35e7d00709b60c234ecea6a4a8597dd945be734616ae52e85502cc88d3d390edc12ed75b25db18b2d8c7020","ssdeep":"3072:3aJbfNJlI1wVNBTGg5yjpNsCC7T8XR7Hp8p:u5Jlue5yjpNsAXVpo","tlshash":"78a3127cb2dc0a8dffa2b914e8e8ba1b90df4488593f1a54341bf226d81467418753bf","first_seen":"2025-11-10T05:54:15.983382Z","last_seen":"2026-04-19T15:57:19.467556Z","times_seen":10,"resource_available":false,"data":null}},"time_used":4646,"timings":{"blocked":4387,"dns":0,"connect":0,"send":0,"wait":250,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/teads-fellow.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.238Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/teads-fellow.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:44 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 32934\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-80a6\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32934,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (32934), with no line terminators","md5":"1406350af50007678740e07934ca5539","sha1":"da1bb5998df12a667f0f57fd67ed8a7c80af1bff","sha256":"7189ffd22c444beec2e717742d6dc3728e4afd69fff9dcd8ea800f16ff17c137","sha512":"91c73ed8cfb29c63da2e99f126b87ff20424703eb7bd5e6be357338be623dddef128bb368d2905c2ca4e66de7e1edefd9874ea231b00decc98b5639277925a90","ssdeep":"768:uPHRQhDA7I6qNSla4az5hIpjDFE4VY6K6Lg9pi2He5vcHWFWcgQ6N2KPfeEZdc:upfkAla4azvIpjD64VVTvjEg","tlshash":"b0e2c9897995f47816b76065833bb310b32937213849d450a32eec943b15e9bf1a3fed","first_seen":"2026-03-30T14:47:15.613068Z","last_seen":"2026-04-19T15:57:19.468965Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1196,"timings":{"blocked":927,"dns":0,"connect":0,"send":0,"wait":267,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/events.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/events.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 9031\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:34 GMT\r\nETag: \"68ea2306-2347\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9031,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ISO-8859 text, with no line terminators","md5":"f2cf144288f8bfea64074a28d56785e4","sha1":"7e8059218d4ecf351773d688fcad4fb1ad8e4fec","sha256":"a920af56c8749e8055876a6c4ef106cbb4083dee1b2b02836240dc24d174098f","sha512":"a688ed0c1cd788d3a169ed2d83467641b42b9522a104beb3801f8916943241a9d3ce3a5e2d945731b3785543e5c46ee9136b9a158f40599f55a8d27a1d34f390","ssdeep":"","tlshash":"c72000000000000000000000000000000000000000000000c0000000000000c0000003","first_seen":"2023-05-18T19:02:57Z","last_seen":"2026-04-19T21:16:25.177124Z","times_seen":398,"resource_available":false,"data":null}},"time_used":1210,"timings":{"blocked":421,"dns":1,"connect":255,"send":0,"wait":258,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/flex_1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/flex_1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 37966\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-944e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37966,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"7295c61d3c68bcf0b0860b347d71a8e3","sha1":"16a0cc3ad44f1a94ecac6e50db0b57ced6d827d6","sha256":"ca9f86b39e0a0cff5caa253faa77f89c7208253f641be08eef454564903f582e","sha512":"65875aca25b751bcf58648e6c9229cc33b9f003ce58f8f87ae4a64eb2d7d64334c57c62bf59fbbc6d088314d0052d7e8b762fe5b0bb136c88c5d1104e5e8140d","ssdeep":"768:qlU9X6KfiqThssMv/q9inzrtSq04ukxEJMy4:q6ymXWYinzxO4ukxMF4","tlshash":"6703f166908d8ca6032141b05a41cd3a16b214c26456edfbf70eff7087a91bc87e5f76","first_seen":"2025-09-01T20:50:57.043286Z","last_seen":"2026-04-19T15:57:19.471553Z","times_seen":14,"resource_available":false,"data":null}},"time_used":5340,"timings":{"blocked":5081,"dns":0,"connect":0,"send":0,"wait":257,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/recover_desktop.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/recover_desktop.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 86974\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-153be\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86974,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"a7cde31ec47d104245b7061fbebf7848","sha1":"aacd4d9644de38156a74d9aa5a13a9b02172ae9f","sha256":"9cdcc38bd6db0216abac5b881d62c4298e137928544928e25cc6f38bfb6716a5","sha512":"d8ebef95e4ddb33991397f61d27324fa0f5d6469d8fae7dc28db1f1402fe28634770cdd3c02b2d8bab1674e7905593420e993c47bf8ab86043cf570e6e319fdf","ssdeep":"1536:ouD7YkZGS301rNkY1dNVY1+JiKrw1AZ+OF7uPrLQm7OlsxQ4+08EfYIB8H0:BEkZGS3/Y7QyzMwXZuPPbQ4J8Ef58U","tlshash":"368302e31e34817998182a778fa81818d9f59503c27c619fdc4e79a8dc9aef20f3144f","first_seen":"2025-09-26T17:58:47.974607Z","last_seen":"2026-04-19T15:57:19.472907Z","times_seen":6,"resource_available":false,"data":null}},"time_used":2568,"timings":{"blocked":2302,"dns":0,"connect":0,"send":0,"wait":255,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ll.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ll.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 57067\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-deeb\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57067,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"f3be6dcd5defc365dcb38bcbb81af5f6","sha1":"25538ccb4506f2bc9bfbc030ad2b2eeeeacf4df3","sha256":"8ece04494ac877c0db83d750d11a8ae13533745d736732010548ce3a812b5669","sha512":"c143f295aef954f651985b63ec0120bca3ddf3d4de36a93ab84365948792661e9d151f54de05a52a08898717699bfd24a59457701f99658822d28496c1131dab","ssdeep":"1536:pSYiVoqo2272kr5I8CM8+yzw+XmOTR/RCuP:dmoBND8HzwX8ZCuP","tlshash":"0243028e1436a1a3e62518f65347673d0af31e18796072d74ad8f3ca5c8bfb84dd02b6","first_seen":"2025-09-01T20:50:57.049111Z","last_seen":"2026-04-19T15:57:19.474212Z","times_seen":18,"resource_available":false,"data":null}},"time_used":4759,"timings":{"blocked":4501,"dns":0,"connect":0,"send":0,"wait":253,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ledger-flex-face.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ledger-flex-face.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 37246\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-917e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37246,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"dbc7f1640fd13c022a45f775cd99426a","sha1":"3e2ed4da87420b23b90bd0aef41785cfcb5b5cc6","sha256":"cbbcaa532698641012d3c58f8adc03239be315f5ae089a64c39ff95e3c782a7f","sha512":"ee5c8e752693ef2b753c63ff2e4a31926de74057875be88aed80d8bb77a7e26cfde284311144a678da718aa7590470819f2092ea60c81106f9f19463257eeeac","ssdeep":"768:RmMepdOJJuwTcfifBIvB2t6c/KIylI/eqdGYEORwP8ggFOaYjVNr3:sdI8ObfBI81/z13TRqv9jVl3","tlshash":"2cf2f17260a63f017a7d2f7fe112323e2757671a082851669a76700b8febf5c0a8ed44","first_seen":"2025-09-01T20:50:57.047603Z","last_seen":"2026-04-19T15:57:19.475064Z","times_seen":14,"resource_available":false,"data":null}},"time_used":4032,"timings":{"blocked":3774,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/SizeXL-TypeCoin-AssetUSDT.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/SizeXL-TypeCoin-AssetUSDT.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 560\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:48 GMT\r\nETag: \"68ea2314-230\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":560,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cd53f84f6e70450efcca5e46d568f38d","sha1":"1515a6d05c6fda40dbad8197f7f6ec92c740fd1a","sha256":"2852d2f1d57955c86999ae5b141da011992217db46b140d086af52beae3b3315","sha512":"d79709faa3145d5553c15bc8051889fa483b5f8542108b0b128b6dcd60d7af8cc5aca83a32e8b46398326608371de5992c622a3c3b5c3d5576213cd404fbb695","ssdeep":"","tlshash":"06f041860140091ab8cf2a0ef022c20a80224006c8c2caf29342b063bafdec4a911d9a","first_seen":"2025-05-06T13:57:35.301026Z","last_seen":"2026-04-19T15:57:19.476331Z","times_seen":337,"resource_available":false,"data":null}},"time_used":3168,"timings":{"blocked":2916,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Doge-Logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Doge-Logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1014\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:50 GMT\r\nETag: \"68ea2316-3f6\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1014,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"543d65e670d876c84732f514ad97f32e","sha1":"089a44db5438955fc5569504be0c975508688ad9","sha256":"f3d364665d9bf70838a2d825043b70a343a1bdef9ce9d73203d4733527e85223","sha512":"3f5d1686d46cfbcb0cd67f3385d57702a4f99175a7ca76ac8eb572cd23207ee426007d55c09b0bf21b1c066e31b0015c4ae17294335b4d2d69e34d72a792cebb","ssdeep":"","tlshash":"b611a88a55f34b0a2765f7b96e10cb1f91ae570021912c399fe77f1d3076431d40e457","first_seen":"2025-05-06T13:57:35.218716Z","last_seen":"2026-04-19T15:57:19.476955Z","times_seen":338,"resource_available":false,"data":null}},"time_used":3357,"timings":{"blocked":3107,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Chainlink-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Chainlink-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1032\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:50 GMT\r\nETag: \"68ea2316-408\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1032,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f75d2ef06922bf55a01596fcb4eb7036","sha1":"1494b78ec1a05a0e0e69b4b6219a35001ff5f349","sha256":"88dc65667008c89f31bbc28c701f47b23bbf784744532ac1ee7f8e3ce402d7b7","sha512":"06687829d3d23aa90e2e4b6cacec8f08b7916f9240d867575dd9d9b22e81fb1cde923a486848a4f7387d9d69108080ebbb1f6218166d48a412d6cb521e1ed607","ssdeep":"","tlshash":"8a11b205a0cc8828aa8216fe0911ff88675c5b2a8ad61a60ae9b6b30f6263f100c4894","first_seen":"2025-05-06T13:57:35.295318Z","last_seen":"2026-04-19T15:57:19.477564Z","times_seen":337,"resource_available":false,"data":null}},"time_used":3409,"timings":{"blocked":3156,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Arbitrum-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Arbitrum-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 2782\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:54 GMT\r\nETag: \"68ea231a-ade\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2782,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e64b75bf8d9c3e74a9f578596ce0d758","sha1":"1b9b5d5d2951d593187e10ed93492de0fd89f9c1","sha256":"9ef715adabad33b1057770961765ab7c627bed30f6a6cd732bbe26d826e6297a","sha512":"d0ccd8bf6b6c3f6400bb66c0dd662b1297724167d1d0fd7fa1b44b304350dfbb0c2a95b84fbc69b023babbe9406646c5e25b0ea1bf2d38188aa960503021a4d7","ssdeep":"","tlshash":"ad517c039b3c413a6e64f8671d7919cfca07210584070af2c268d7ea52bce01ef1a79e","first_seen":"2025-05-06T13:57:35.155184Z","last_seen":"2026-04-19T15:57:19.478191Z","times_seen":335,"resource_available":false,"data":null}},"time_used":3708,"timings":{"blocked":3452,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"use.typekit.net/vli5gyn.css","fqdn":"use.typekit.net","domain":"typekit.net","tld":"net"},"ip":{"addr":"23.36.77.81","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.typekit.net","organization":"Adobe Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 12 Dec 2025 00:00:00 GMT","end":"Tue, 12 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"83:B4:8D:3E:B4:3E:71:49:9A:8F:71:32:96:68:3A:1D:23:DB:38:B8","sha256":"F3:E4:84:49:06:CC:99:20:A8:A3:BB:DC:8E:3D:31:69:7A:CA:6F:5B:21:C4:0B:4A:3D:32:2B:D0:BF:07:62:69"}}},"request":{"raw":"GET /vli5gyn.css HTTP/1.1\r\nHost: use.typekit.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: text/css;charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains;\r\ncache-control: private, max-age=600, stale-while-revalidate=604800\r\ntiming-allow-origin: *\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\ncontent-length: 792\r\ndate: Sun, 19 Apr 2026 15:56:45 GMT\r\nakamai-grn: 0.6f4d2417.1776614205.e552ad9\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3183,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (516)","md5":"4c29a5eadc4aae2ac506115ee58db393","sha1":"eb7ea297e9f58e5ebc7ef93f5b85fc5a261f5a61","sha256":"c06158dd80917fbbf8df314eda48057cb3ec21884d73cfa708f82221f33ffb93","sha512":"8a613f93823d134a3342aa8196594d07a677b5714d013778a9b3c3089a56434969c8dd6564c9d6bd22048cda09cab826b1a8427a405c6606f1bcca1757920a3d","ssdeep":"","tlshash":"b661db61094841e2d0e44eb676cebb58a41f312e29d0dc9281758cb4dd7aeb7b341fad","first_seen":"2026-01-22T04:24:37.606422Z","last_seen":"2026-04-19T15:57:19.478858Z","times_seen":295,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":74,"dns":51,"connect":1,"send":0,"wait":34,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/fonts/icomoon.ttf?ovw2pd","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /fonts/icomoon.ttf?ovw2pd HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/index_files/main.css\r\nCookie: _scid=AYEhakTkERldWVwemZXliTSW7e_3l8qp; _scid_r=AYEhakTkERldWVwemZXliTSW7e_3l8qp\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\nServer: cdnbl\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"d47b646093dd84d34885a714ce4bd74e","sha1":"c4df23671b6440e29159093dc52cb8c4aa184597","sha256":"6807c84bf35d67496e020c1528303b87d4759933c09817e514a7159ac689d352","sha512":"906fb89d5ec9dc4338f9d5e26fdc9ccc041225157a8f114465449106128d69e9fbc7723b2bcdd56a17c74c29983f7126a1d970b24e3902a3c4e817834f21f338","ssdeep":"","tlshash":"29c08c2d25137c4c8563217432c36080c086832764aa42128440800331cb2a98ac7396","first_seen":"2023-04-15T19:52:36Z","last_seen":"2026-04-19T18:59:52.397297Z","times_seen":5207,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/gtm.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/gtm.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 571297\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-8b7a1\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":571297,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (34199)","md5":"72425a82bafe6be02d3f5cb7270dbefd","sha1":"62da2bb49a120b3e4292fd9ffe014aa01f4bbe98","sha256":"3287cf077206d5da88e0103a3e37b3df71ce15f297d8eda00d7480a27445cea7","sha512":"cb861f82b2860b8a697ae9d50d65162ccc7e076f6fec4aa200f040bac3e07df29733742144bb9f6d3785c88afa662b23fdade251349df7f38407004424794164","ssdeep":"6144:ckvL21r5v/LpHWhk0uwbWFiJQk+Nju5204OQl7Nmypts:vL21rFMC0KIJW0qmz","tlshash":"02c42bceb3c674758396a424543f018e693f24e2b54c9895f0d9cce42e746ba2163fbe","first_seen":"2026-03-30T14:47:15.567013Z","last_seen":"2026-04-19T15:57:19.479488Z","times_seen":4,"resource_available":true,"data":null}},"time_used":2166,"timings":{"blocked":1649,"dns":0,"connect":0,"send":0,"wait":254,"receive":263,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ledger-card-face.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ledger-card-face.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 12746\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-31ca\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":12746,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"09cc2c31b56d7bc94f60959a2e9fd956","sha1":"9d3e4edc5404aab1a7595948c4ab9c5b2a3777c5","sha256":"87d9e4db38d19c22ba7202043bee27c9a52a6ec7454a1e26f883472c6e7d5d77","sha512":"3136ef6e2ae09741df62815af29e0bf96e5711e890bbdabb5f5d01f225bb053b7a2a17f90d8f2092eb972ad866d166930a4e5529088e297a8ff108a70d6fc4c6","ssdeep":"384:Fg4ufzdnD6RzcYviDL2Zga+Bv5rFF2mPaN1:1ufp4BM2Zga4vjF/P6","tlshash":"a042bfdfaf955a9fcbf202700af76b193b2165480a249cd716a1a74f7717348e89ed00","first_seen":"2025-09-01T20:50:57.088852Z","last_seen":"2026-04-19T15:57:19.480701Z","times_seen":18,"resource_available":false,"data":null}},"time_used":4274,"timings":{"blocked":4018,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Optimism.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Optimism.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 8238\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:54 GMT\r\nETag: \"68ea231a-202e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8238,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"98b7d247460497b1ca826672466e714f","sha1":"5c45301b370cb223e08ec6030d97b49e82fe80dc","sha256":"a6ec953e943b74ea84774846d976e90900244cb423948f7ab457602fe46fdd18","sha512":"3b9715ec85b0f8a4880cc0997871a971896cded3819d6e3de03caceee4d7fde30fd722f39b1a098693e8dcca8b7efa9d862413062cb1cfe16350419cb55e4c86","ssdeep":"192:4Bt1e7ANy5Jiy7zQgJTuV+/d0XOHdlqJTiWiPuy:ot1eUNmpsSwO9YJeW2uy","tlshash":"b002bf2a35170c875c6442c0d0f2c6ca8fa30d1ae03f1beadd03a6c251aff71b218116","first_seen":"2025-05-06T13:57:35.16277Z","last_seen":"2026-04-19T15:57:19.481367Z","times_seen":323,"resource_available":false,"data":null}},"time_used":3686,"timings":{"blocked":3437,"dns":0,"connect":0,"send":0,"wait":249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://ledger.xzbya.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 321788\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-19T21:57:06.575092Z","times_seen":147371,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":254,"dns":10,"connect":22,"send":0,"wait":9,"receive":4,"ssl":226},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/30433690750.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/30433690750.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 288593\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:38 GMT\r\nETag: \"68ea230a-46751\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":288593,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65468)","md5":"ac5925e362904bffe0a911b3cb687a63","sha1":"6f16b5c9eb3cd999863066d695d2ff01fe852f97","sha256":"ec54b4a710a3c225e40f1dd17f1b8fad1bc8a886a11ffb0751097e40abb4d084","sha512":"5d8c096fa668f3fa81bf642670eb82ed6eef44749d0825c05e8292686337f32795d413596f4c9af387382fd049290e9e68a7726587b3c464c8db12562908b63a","ssdeep":"6144:EA9Yim4aAVELV9TqobhSrGOsPLS1VI9iLm:EYc799WJGxGk","tlshash":"5454089c75c1703707a370a4542f500aa23b6996a8dca0a4fa56f9d53d3d98ea337f3c","first_seen":"2025-08-11T22:43:56.647578Z","last_seen":"2026-04-19T15:57:19.481995Z","times_seen":21,"resource_available":true,"data":null}},"time_used":2230,"timings":{"blocked":1945,"dns":0,"connect":0,"send":0,"wait":260,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ledger-logo-long.svg","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ledger-logo-long.svg HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1993\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-7c9\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1993,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bab631a2479c23c7727cf637c7e005e4","sha1":"8314d7bb128be21c1b40ce9de4c76b524b651bcf","sha256":"088d1bf639f9a9e3f2ca38cf1ea4c88002c79d6f3e4706868aa3d9f27208109f","sha512":"f9cc6d7447d4ab817cbb5e516eb4f28982a1f30fc727f8551eab06ebb772b269b0e0afe95b28bb56a3d9ef31d59a0b3e491963fe6a2480f7b1ee5dcb0119a2fa","ssdeep":"","tlshash":"a941b4d84ab002fdcc58e9fe0b68312c696651e5f409449df7e39e2ead9844c8c4a2f2","first_seen":"2023-07-02T01:08:01Z","last_seen":"2026-04-19T15:57:19.48345Z","times_seen":602,"resource_available":false,"data":null}},"time_used":2660,"timings":{"blocked":2410,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ledger-nano-x-face.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ledger-nano-x-face.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 49893\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-c2e5\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49893,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"623de35d389312fb975d6580ceab0bc4","sha1":"51e47b3beba6753825c896665469d3c2d9fac753","sha256":"5e1800b12bf4db398b94face3ac118133f4f75acb93fcd63b2751cc2f23058b8","sha512":"538c7d448af428813559d9a675753830458b48db45d0484f12421cae1b51707cb0c818ef321f28584af749ace3ecdbbc8ac6348b915988b753450626ef24f9ef","ssdeep":"768:/v/KfDqklLZ1LQBZp+atPe3Nble+ZHeQEZXGghi8ZQNSsh/9bK2iyOAjA:fKLq+VJQBZwT1V42g/ezh/gklA","tlshash":"012302af26f69e668ecdc1855c259e21cbb33065641b1282ce30acd766308fb740ed4d","first_seen":"2025-09-01T20:50:57.037052Z","last_seen":"2026-04-19T15:57:19.484046Z","times_seen":14,"resource_available":false,"data":null}},"time_used":4163,"timings":{"blocked":3910,"dns":0,"connect":0,"send":0,"wait":250,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/partners_mob.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/partners_mob.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 41946\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-a3da\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41946,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"d4e2d5e34ae144dadde0f26cbf3094ad","sha1":"4e5916811a30359f16933f0e8357b59836447f14","sha256":"3665618643bd832c1fac42be614a158bb12e97f12a29c45f2247269fc5005c7b","sha512":"60a808858e271d17637a1dfa162f4af2b2c21c0226dbaf0d36c60799db8188afd01d518939b9344176885dfa1ceb1e273ca79c0515e2e9b4f4a3ddebe8a31bf4","ssdeep":"768:KiolKJAS1WP+Z3+LUnb6nOy0eeal9mOuOLp4qNX/GIa00BUvvotHhjOV4I74O9:KiOWAhhKuOeeI95f1B0B1tH8V4y","tlshash":"dd13f171fa4b3673da1121b6fd9987984bdab44b750707aec33eb90bc4c84a70614f04","first_seen":"2025-11-10T05:54:16.004332Z","last_seen":"2026-04-19T15:57:19.484843Z","times_seen":10,"resource_available":false,"data":null}},"time_used":5053,"timings":{"blocked":4794,"dns":0,"connect":0,"send":0,"wait":258,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ios.svg","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ios.svg HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1499\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:44 GMT\r\nETag: \"68ea2310-5db\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1499,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c48840ea68fc5cfd38a0ccbf3ad749b8","sha1":"3c85f6a72c486226512b2c2e8e7f55dbc3dfdcf8","sha256":"1c205b2d13092a1627aa2f0c5098ded9f8f1f7f8e1edff0697f4fba66a77a1e2","sha512":"8fd1e65f9c60e6f587f6818455a5977e7e496558e04faa7740c0bb4dc7d24999fe11718ffcd0f275f32408c03100159557de174087be01167da5b630ac4904f7","ssdeep":"","tlshash":"f73172a5f3c3a17ed491afb48d3690b838035883fd31f92554e82c2b694552e8c7a8df","first_seen":"2025-01-23T11:47:07.093432Z","last_seen":"2026-04-19T15:57:19.485511Z","times_seen":101,"resource_available":false,"data":null}},"time_used":2916,"timings":{"blocked":2664,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Tron-Logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Tron-Logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1292\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:48 GMT\r\nETag: \"68ea2314-50c\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1292,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9288fc6b6d82015f031fe8ea3c0db40d","sha1":"605a61fb6d9f4c544596df8526af2d9d3e45d482","sha256":"8fbc289849e8e8527e7fb927995e01ed04b2bc02331f3dc7e3530d740b3f91b2","sha512":"1f4ecec958301048ee2a83336027db25ff875b75fbc9ca759df6ff1416847d22fafe0d56d1fd7b820e4e294351b1a86584a6f6065ac9d3abef11b1a824c77e38","ssdeep":"","tlshash":"2d21a5f1fd9184a626cffa7ac5415c84a1bb050451aed00682cb1e568865911ba6421d","first_seen":"2025-05-06T13:57:35.275267Z","last_seen":"2026-04-19T15:57:19.48613Z","times_seen":341,"resource_available":false,"data":null}},"time_used":3162,"timings":{"blocked":2909,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Polkadot-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Polkadot-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1124\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:52 GMT\r\nETag: \"68ea2318-464\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1124,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1f973069a2a0f287e4c9d28f7e99e196","sha1":"55ab5d6f90b2663df28bdea4670047221fd79b76","sha256":"6ef3606f0bff2daa61ff46eeeb605cc179b0ae89f381642edf505da05dc2bbfe","sha512":"e715529a38aee0ddfc13cdd38ab12146248823f8569e657b3610259d122f2ce30ad7f06b2254ccff0173fad0883d42d1595cc9120c9cfa3a3997575ecb8268a4","ssdeep":"","tlshash":"dd212c3d8e93700901637d41d9305f70db4462a510eacb048a7c0cc4554b55ffecf48e","first_seen":"2025-05-06T13:57:35.186302Z","last_seen":"2026-04-19T15:57:19.486631Z","times_seen":340,"resource_available":false,"data":null}},"time_used":3444,"timings":{"blocked":3191,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Uniswap-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Uniswap-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1324\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:54 GMT\r\nETag: \"68ea231a-52c\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1324,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4ab66a62d9f1ecfe2c878252d2255197","sha1":"4a23fdc98864d05a30a2487d228fb95545e96e8d","sha256":"9f0bdd5cdba94323b4afc5d8aa70931c88f9871d805cc883d0584d460f6b5a26","sha512":"01d5633dd860b21943d85c3f71e34032a18a97abd85fc1ca67b357e079e389d43257adb4831d2f72b26fca64fe32db0c21d2f7a569b121de394d469fa862d274","ssdeep":"","tlshash":"0d2108699cd2b495c2abc03fb61b80916033a2cdf89e470eddd6c7c31715e0a2ac1e0c","first_seen":"2025-05-06T13:57:35.299969Z","last_seen":"2026-04-19T15:57:19.487223Z","times_seen":336,"resource_available":false,"data":null}},"time_used":3660,"timings":{"blocked":3408,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"op.zzneg.com/pixel/vlggcix4psJE28O3","fqdn":"op.zzneg.com","domain":"zzneg.com","tld":"com"},"ip":{"addr":"154.211.71.141","port":443,"asn":399077,"as":"TERAEXCH","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"op.zzneg.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 05:18:43 GMT","end":"Sun, 28 Jun 2026 05:18:42 GMT"},"fingerprint":{"sha1":"4A:73:3B:E6:4B:63:83:0B:C0:E0:65:06:35:0C:62:B9:1C:40:AE:74","sha256":"8A:85:44:06:95:66:35:A8:7D:EE:5F:0C:B3:A5:55:8B:2E:A6:BA:B8:08:64:37:0A:9D:AD:80:83:AA:ED:90:B5"}}},"request":{"raw":"GET /pixel/vlggcix4psJE28O3 HTTP/1.1\r\nHost: op.zzneg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: NgxFence\r\ndate: Sun, 19 Apr 2026 15:56:44 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nexpires: Sun, 19 Apr 2026 15:56:25 GMT\r\npragma: cache\r\ncache-control: max-age=10\r\ncontent-encoding: gzip\r\nx-cache: STALE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26861,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2975)","md5":"91a129dd3a1616f62a414194c0e574c4","sha1":"62f7c7bf96a6e2c2cc7ed4b632739b12fdc15c5a","sha256":"4ff6fccbcc8fecf9aaef1ad9328a2fb939f4b0793c4b82a70ce75f06b6ead616","sha512":"c169245ab091898ee30dda314c43da77f748c5f391bcb2a342945800931cb35da0484b77d5f80a7b48582f3f27de03a7a8809b46ca157c8b8f59a0b0cdac9c37","ssdeep":"384:pbpvD2A4JyZEUWjo2a8zRyAorY9jgh8niXPpZR+kXrrM5N:nD2A42qk2a8dorZBFrrW","tlshash":"b5c293595be61233515b6b6e7baeb080f137d15f36841a08bd4c0e802f49b7da2e0bf4","first_seen":"2026-04-19T15:57:19.487842Z","last_seen":"2026-04-19T15:57:19.487842Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2442,"timings":{"blocked":1026,"dns":563,"connect":265,"send":0,"wait":293,"receive":0,"ssl":292},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"op.zzneg.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/zcpt.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/zcpt.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 24276\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:34 GMT\r\nETag: \"68ea2306-5ed4\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24276,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (24276), with no line terminators","md5":"e432714e140fa19bf955e79743398c0c","sha1":"fdf73e454552a77bce1f6bc5d95a6f0cc20065ea","sha256":"191dafdb471b63abc2ce04277f21ff4eedb752d40c4b1b1491ff3b0f96aafb2d","sha512":"527cc814d14c63d4d3212e09a05e8a7257c94ae1020364fe478a86d802bd985399ed7416753d76c30be1c03356f6a3bf152b2bc63af1186468926cc2516b6ad8","ssdeep":"384:g7Mhaj+k/mKd6B0r2xNYCpNCVfIbVcSBND2NUErVc6mmEeN96zX8xXrOA1q:8Mhaj7/mXxHpIVfEc4NU5c5ghxXxo","tlshash":"cbb294cdbad9b1b803e364b1453f2a0ab33e2a19284d8094a151d5e13db9e4f5733fb5","first_seen":"2026-03-30T14:47:15.610108Z","last_seen":"2026-04-19T15:57:19.489251Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1479,"timings":{"blocked":420,"dns":1,"connect":261,"send":0,"wait":514,"receive":13,"ssl":266},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/buy-1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/buy-1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 38842\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-97ba\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":38842,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e5062fe05c5efaa7aaadedf67e8991d3","sha1":"1349b7ca0eaf3270ed63872293059d7039c1ceee","sha256":"7a37e37eced4c51591ce79f1fd56b9f9e8ee64fba5dca6c613a5c87407af1603","sha512":"43fe73ba469f20eeff24543f23b9a0c468f89d638c9431ee8a5f17c9c57029d961352c2e581ab7925b937f8b385c207d9094228685660a4c9e47913819e3c113","ssdeep":"768:E+eaOFMyQWUxricQTmjZevWh24QqK+qx6HYwtQIPOjlq5q1GSV82LIhOtC:0ZFgWcSmNwWhY1x6HYw0kE82LI0tC","tlshash":"0303f1365f043be435b526e9c070da47d541f99b35eca6c84f407e36a51438e228edec","first_seen":"2025-09-12T00:51:18.557212Z","last_seen":"2026-04-19T15:57:19.490529Z","times_seen":9,"resource_available":false,"data":null}},"time_used":5206,"timings":{"blocked":4955,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ytc.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ytc.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 19829\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:32 GMT\r\nETag: \"68ea2304-4d75\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19829,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (19829), with no line terminators","md5":"cca96295b6201a4ce80988bdae868775","sha1":"bde2df3c3022bb932b0cf39d2e8fc5f622d6cd16","sha256":"de25ff38288676dc79292a95d410944c2045e6e09c5e4563c40d08c615a20c54","sha512":"5f20765f1e840973ed1f3a3cc3d290dd0c1a36abcebb9699e74c34aec9d903da67bb83635ba33871e65a68b7958f7f172bbaadcf1b8aa00d90ec38805a60df4d","ssdeep":"384:s40C/yFxBacZb9QInrzOZVRjR8rSxnkhNgyyS82Xo44P:VuBacZqIXOvRHkrPyW8","tlshash":"7c92c989f7d5f0a503e3a1b1613fa90a7279192c1c6e9560b112dbc43c7cacb9223e7d","first_seen":"2025-02-10T19:17:35.519869Z","last_seen":"2026-04-19T21:15:56.284609Z","times_seen":34973,"resource_available":true,"data":null}},"time_used":2375,"timings":{"blocked":2114,"dns":0,"connect":0,"send":0,"wait":260,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/language.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/language.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 5243\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-147b\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5243,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (5177)","md5":"325912ad023c3761ba77a58c3ed6c962","sha1":"6ba2a9df348553109c5145e39e471b47b6d9a103","sha256":"e02fc6ccd35d37cf28a5ebbe3f655cc69524bebe740826bc8513e40c96a3993b","sha512":"f45597afa496c35e5dbb5d0658519975e0579ff2bbc27c80b48b3958c326d6fefc53b0d9eb3c41ee79ad01a448228604819ed761aebfb59200238e04e1dd26f2","ssdeep":"96:ttd6zr95qnps9DCpZCLuXLDU4Dpvspi52TCJvhXS:ttEzp5OpACpZ3X/ZDpvspi5ewc","tlshash":"46b1b6ed31c0f432069711b2503f760ff1791a65a85df8448225ecf4a8b9d9b42b6f6b","first_seen":"2025-06-21T14:06:44.355463Z","last_seen":"2026-04-19T15:57:19.493539Z","times_seen":99,"resource_available":true,"data":null}},"time_used":2332,"timings":{"blocked":2079,"dns":0,"connect":0,"send":0,"wait":253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Inter:wght@100;200;300;400;500;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 19 Apr 2026 15:56:45 GMT\r\ndate: Sun, 19 Apr 2026 15:56:45 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22743,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"03d386d3d51356518f1c932bd7d1f021","sha1":"f20bdaa14bb1dba0ae6b28e1c455976bcc6e0081","sha256":"e833d17f31411e640714d4c41bd3d264b7c2b48b4740ce7ea6d7988f50e58d69","sha512":"dcbd99af933cbe40c84ba846643ac9e9e5b070e391a04d2d608a0f89f470b31aea8bee06ba7048fb2e7140eaeb75ce1c990d32444736469826bee4c96ffb2dc5","ssdeep":"192:WpNmp9pKpO3tp3pxYp5NnWjO3GAxRKNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NP:WLmXoKtZIB1OKYXuM0p2+g7GQK","tlshash":"d5a28992002ba400ab971dc233cf7f3aaece10856085d1b96ffd0dc59cead66436876d","first_seen":"2025-09-10T18:54:49.359958Z","last_seen":"2026-04-19T20:41:33.024396Z","times_seen":5656,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":169,"dns":3,"connect":20,"send":0,"wait":32,"receive":0,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://ledger.xzbya.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 15 Apr 2026 22:33:37 GMT\r\nexpires: Thu, 15 Apr 2027 22:33:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 321788\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-19T21:57:06.575092Z","times_seen":147371,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":103,"dns":0,"connect":7,"send":0,"wait":10,"receive":10,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/fonts/icomoon.woff?ovw2pd","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:46.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /fonts/icomoon.woff?ovw2pd HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/index_files/main.css\r\nCookie: _scid=AYEhakTkERldWVwemZXliTSW7e_3l8qp; _scid_r=AYEhakTkERldWVwemZXliTSW7e_3l8qp\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 153\r\nConnection: keep-alive\r\nServer: cdnbl\r\nX-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"d47b646093dd84d34885a714ce4bd74e","sha1":"c4df23671b6440e29159093dc52cb8c4aa184597","sha256":"6807c84bf35d67496e020c1528303b87d4759933c09817e514a7159ac689d352","sha512":"906fb89d5ec9dc4338f9d5e26fdc9ccc041225157a8f114465449106128d69e9fbc7723b2bcdd56a17c74c29983f7126a1d970b24e3902a3c4e817834f21f338","ssdeep":"","tlshash":"29c08c2d25137c4c8563217432c36080c086832764aa42128440800331cb2a98ac7396","first_seen":"2023-04-15T19:52:36Z","last_seen":"2026-04-19T18:59:52.397297Z","times_seen":5207,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ytc.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ytc.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 19829\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:32 GMT\r\nETag: \"68ea2304-4d75\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19829,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (19829), with no line terminators","md5":"cca96295b6201a4ce80988bdae868775","sha1":"bde2df3c3022bb932b0cf39d2e8fc5f622d6cd16","sha256":"de25ff38288676dc79292a95d410944c2045e6e09c5e4563c40d08c615a20c54","sha512":"5f20765f1e840973ed1f3a3cc3d290dd0c1a36abcebb9699e74c34aec9d903da67bb83635ba33871e65a68b7958f7f172bbaadcf1b8aa00d90ec38805a60df4d","ssdeep":"384:s40C/yFxBacZb9QInrzOZVRjR8rSxnkhNgyyS82Xo44P:VuBacZqIXOvRHkrPyW8","tlshash":"7c92c989f7d5f0a503e3a1b1613fa90a7279192c1c6e9560b112dbc43c7cacb9223e7d","first_seen":"2025-02-10T19:17:35.519869Z","last_seen":"2026-04-19T21:15:56.284609Z","times_seen":34973,"resource_available":true,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/bat.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/bat.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:44 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 53342\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-d05e\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53342,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, Non-ISO extended-ASCII text, with very long lines (53341), with no line terminators","md5":"1df5830bbe52325787226aa04f43173f","sha1":"7ee960421489c55374a499e066e51d6ba65dd49c","sha256":"4965eb432d5ccdde0fe78dba5d33a8828b7f674b11f989f1356f59a837cdd854","sha512":"a854a167bda7ca0a300f8ad0f9494cdda340194e601ab512092739ed45e36abd1930f76b731ff29f63b627dcbc8fcaaacf94ebb61c87f5e6a7ad9b670a527f77","ssdeep":"768:Y7MOThic5rueIh+Q43mT1OoLQBD7f6y+GV/Oj7hu4Z:6MOTkc5fV3ULM7f6y+GhuR","tlshash":"db330a4333509a7645f9419c786a2903a336570e30be70ec7a8cf8e6945de4b7237b7a","first_seen":"2025-11-16T01:53:50.846204Z","last_seen":"2026-04-19T15:57:19.495209Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1736,"timings":{"blocked":1448,"dns":0,"connect":0,"send":0,"wait":284,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/ledger-live-app-face.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/ledger-live-app-face.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 86906\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-1537a\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86906,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"f944d7a5ebef23c8fa172c0d16f4b358","sha1":"30ee11408e44fe61728ecae24efc6d9c862cc435","sha256":"547ffc59d5ac19bd8ec802891131818eb98dda68e9fbfbfe8a6e04d1d0c8f855","sha512":"4e66e7ace02ce3e01be2a41ff0f52f33bc319151f49b209c244be5104f56d23bee830259c3e22f3f04e113d0826a5cccc13c98e39bdd5461a6239075ccd6cd59","ssdeep":"1536:k3Dg5Hn39pz4z0xuHicxDLAnYZY7skZqgYOix/p3Pp0rYUnd1/H1wkB1yOX:dXGYuHhfAnhTPYt6Y21tx5X","tlshash":"0483026e13f2cb482a84b137ed01b7536f1bad8199f29d6e2849f0cae1013d554d6f98","first_seen":"2025-09-01T20:50:57.060153Z","last_seen":"2026-04-19T15:57:19.496556Z","times_seen":18,"resource_available":false,"data":null}},"time_used":2574,"timings":{"blocked":2303,"dns":0,"connect":0,"send":0,"wait":258,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/card.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/card.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 31197\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-79dd\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31197,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"1c7acc595602b21bee879ab89315ad48","sha1":"90a8f890e94a6f64c3f3f921ceb3c85de0980465","sha256":"b52c2bbb56e2cf20787740eaa72ad4e69dfe133b4515ad704ed623344c0d3c76","sha512":"fa28bc65c1279e48f31cd7b7b7e6e39572f93886712ac38b1bf0fd91c6c2d39cdceaf2ea142793ea5f5abedc1f7792a1315f68fef88a6f2f4e1ce97137e912db","ssdeep":"384:k9Ai2BzrESyjBVq/Iq42dIsVZ6xNkdAUVcTtXy+kWwnunpPWCRtj9hEmA/:sAiS3JyG22FVZ6XJUVcpi9undT5Z+","tlshash":"86e2e0e7b924cab9801131bd8a23075c9733aa36f455d781a32cb79072f1bcd18eb645","first_seen":"2025-09-01T20:50:57.068799Z","last_seen":"2026-04-19T15:57:19.49726Z","times_seen":18,"resource_available":false,"data":null}},"time_used":4910,"timings":{"blocked":4659,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Dai-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Dai-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1012\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:54 GMT\r\nETag: \"68ea231a-3f4\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1012,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8b3ee826f96cf7148500cbc4aff416b8","sha1":"a9b9901d7afd9dacda80b7403b3e8637530a72ad","sha256":"5de46c0b089a0c716cbb2bdad6c64bc01453e1ad5685774a38d905c472e435e0","sha512":"4e025dc425816e1c7ab323b48b5996fe016f1433853d8c7f0fe54071eba7d29f47e9fa9ebb7fb43f17fff7bc2cae9cddca6dba63f0a479cd627ddf808e6aa85f","ssdeep":"","tlshash":"df11c400cdddba6aba4fa3808690f1cc2b70184a3084029a192f5ed0f88d7c80dfdd88","first_seen":"2025-05-06T13:57:35.210135Z","last_seen":"2026-04-19T15:57:19.498757Z","times_seen":337,"resource_available":false,"data":null}},"time_used":3601,"timings":{"blocked":3351,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/A3238801-f82b-4109-932d-bf396d31cc2d1.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/A3238801-f82b-4109-932d-bf396d31cc2d1.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 47300\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:34 GMT\r\nETag: \"68ea2306-b8c4\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":47300,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (47300), with no line terminators","md5":"3d586176ab46ead9262fdcc4d1996c70","sha1":"14d96c6c9ed3f60a431eea94f7e7515943751371","sha256":"10e0266eac8cb51b1a73e7e38aceb722f28d157a8b49dd9f0967bca2c90a8457","sha512":"65010a87f6b83d0c4d49e282ddb534f3ddb036029c7064700e97fc219ee8b87f8163970906077bd879938f71075383f27bf010cd7970478423900e62219dc6b5","ssdeep":"768:+MCyCh6YMhqIBCQYQXS+ZP2jXtG48i9eXCg3k/W/:+yCfTK9ZP2jXti3D0q","tlshash":"702308cd7ed2706a4f63b0e4042f6049717b1e513cfdaad1c292e5986c78a8d4163fad","first_seen":"2025-06-21T10:40:41.933101Z","last_seen":"2026-04-19T15:57:19.499373Z","times_seen":17,"resource_available":true,"data":null}},"time_used":1428,"timings":{"blocked":669,"dns":0,"connect":0,"send":0,"wait":507,"receive":252,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/banner_bg.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/banner_bg.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 9624\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-2598\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9624,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aec7ccdabbacd2a8eccda0a94b99ecde","sha1":"f364c003059634d655fc1633cd731faeecdda307","sha256":"e8531e1e4e6c0d028746a9b9f18da30fa352318dbb256fe0347f5e8c38823c94","sha512":"ff1d3d3c5043d29db57976677b622ef75a93b9449c559004889d7e7f9cdc8e916237a33e214778cd3de6c906d48650b7ad1b49f906b2828002117b1db730b21c","ssdeep":"192:6wTmsloLpM7LUq6+9JJfY19p18UKhFfyB99blrgRaTDqiiVYfiaDPYSXGX0u5z+:6wTmsCqD9XfYPSFyZJrg06ilfdDYSXGS","tlshash":"3212af7c13fc2191e4b7bdba6e8fafe993680417e24d7b0ac19245671b044065a231df","first_seen":"2025-05-06T13:57:35.268232Z","last_seen":"2026-04-19T15:57:19.500051Z","times_seen":117,"resource_available":false,"data":null}},"time_used":4222,"timings":{"blocked":3970,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Ethereum-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Ethereum-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 1022\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:46 GMT\r\nETag: \"68ea2312-3fe\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1022,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ff691e0b0129deaa9c266de47f3260ee","sha1":"00e3e2becb57d1410948a77f5a16927d722171d2","sha256":"727b0356d4864bcd3903ffe5029eb839e0831f338c16b47258cc19af135ca569","sha512":"53198f3a5505a2741921ce2efc2b76a6befa55b57de19fa8bb0211abb6efa38e0644cecba2c18392242f791886fd8fbd6953ec1eb09bc985bc79e1731dff4bfa","ssdeep":"","tlshash":"8011a868f305d4ee566178472600be51790969904b0ae0837d538bb13b45483fe554b5","first_seen":"2025-05-06T13:57:35.132536Z","last_seen":"2026-04-19T15:57:19.50068Z","times_seen":340,"resource_available":false,"data":null}},"time_used":2958,"timings":{"blocked":2702,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/bnb-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/bnb-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 11918\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:48 GMT\r\nETag: \"68ea2314-2e8e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11918,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a897a71c2e5f4c1610050c0401df78c6","sha1":"572962f3b789be3515d69320f767ffe73218e79d","sha256":"43c954312230a84630631330eda60a2641f3987bbfae03a378d548f82ce4288c","sha512":"3858e7db7f959ddb43682ab80b6e2161291da6fb84bf99255400aabb1656dcf21e9e61f9f8988a2e6c476d71b058266219d7ea67cdfccfe2aa5f2b557d1931bc","ssdeep":"192:uFwMKyP21sLYHrtG737fDxKyldba9iosVMcJK1SixZMZnHh/yBpAAtFupMzT71mH:uFwM/QRHZUndHWiXpK1pSZnBKBpAiP7M","tlshash":"ca32c0efef8ed6ce49d87e121a3520fe0d5bca86487b4a3ee90514440c4a5fd271ad91","first_seen":"2023-06-17T15:49:31Z","last_seen":"2026-04-19T15:57:19.501415Z","times_seen":461,"resource_available":false,"data":null}},"time_used":3197,"timings":{"blocked":2947,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/shiba.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/shiba.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 11562\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:54 GMT\r\nETag: \"68ea231a-2d2a\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11562,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d8de0ed4c56491a3e369487a82c787cf","sha1":"a73a3164675c6d9440c1a28d904577e96398ef08","sha256":"9a7cf5f021050369e32bb8ac4a5603b85b42472475bba80760b45be53bc5b173","sha512":"da660ac1524b049d27a65ab7ea944f5712e2cd9d6b26783c6e777624c1fde7f2edc89d6126eef44642a01416994260841c6da2ccf839ff4693f0974ee4c61f41","ssdeep":"192:S9xq2cc919VUgQce2SUQAZsn86peSFJlFUndgUMcvMJKlkl3SJf76U:QjGcTQD86hFJLUd8yMJKlxJfN","tlshash":"5932c0b351b09ddb0e30f6dbe62c2b8a248946d3ca4456256ae3442e44737eb5ffe160","first_seen":"2025-05-06T13:57:35.28629Z","last_seen":"2026-04-19T15:57:19.502028Z","times_seen":343,"resource_available":false,"data":null}},"time_used":3657,"timings":{"blocked":3403,"dns":0,"connect":0,"send":0,"wait":253,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/237213137153741","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/237213137153741 HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 126147\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-1ecc3\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":126147,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (5221)","md5":"84662f7a44e4cf921b5c94cfe3bd2e1e","sha1":"95a4505d7de4bf58364c9cfb395af0b079177b59","sha256":"88c8d74afcdb9f90b2058ef3f3b2eacb84b9a5afc02867db35ad787d45020dc8","sha512":"fe7c8eb348fee8e4aeeb72152d594fb0feed03abbb45360143aa45f9015415017e6743034698206fe19995aa94f9025e0b0fcbc524ac17a9fb86b658337b4fa2","ssdeep":"3072:RT4h73Xb51u2K2hv5+JEclRZ9D7etimuZ:Rkh7nb51u2KUv5+JEclRZ9D7C38","tlshash":"f6c3a685b1d1b06382b6b969a67f410b75f999a3b0c4c920d58cdcc43fa90f94173fab","first_seen":"2026-03-30T14:47:15.594476Z","last_seen":"2026-04-19T15:57:19.502653Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1444,"timings":{"blocked":665,"dns":0,"connect":0,"send":0,"wait":259,"receive":520,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/pixel.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/pixel.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:44 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 84141\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:36 GMT\r\nETag: \"68ea2308-148ad\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84141,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"eb14bcfa4187fe74e1313ae206093ff7","sha1":"886a2f0ba365fd0671378a010ddfff0fd736eb46","sha256":"da56228570704e43f5b3f0cf89d88ff2e4fb302aa9eb246f258c42ff6df86143","sha512":"0793c0b2d58fe421de7d1677fba44681e3674f2436d534d84b738001a16d27787133a6acafe6c18c5bc8a8d6938e363f3a639a9c2cd674fac9c7378d167875fb","ssdeep":"1536:2jR2XUSQvo3Kvo3lvo3RibBhwxkhfwiEEvo3MYv:2jRw7KRiPwiEFR","tlshash":"3d83e78cb2c3f06653a72961513f500bf23a3956bc8e8151d669d4e1bcb898f9237f2d","first_seen":"2025-10-08T20:43:11.268474Z","last_seen":"2026-04-19T15:57:19.504015Z","times_seen":2242,"resource_available":true,"data":null}},"time_used":1659,"timings":{"blocked":1394,"dns":0,"connect":0,"send":0,"wait":254,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/live.css","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/live.css HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Mon, 30 Mar 2026 09:02:10 GMT\r\nETag: W/\"69ca3c12-c181\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49537,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (49537), with no line terminators","md5":"5c9dcf41b6e1e4fd057755430f347fd2","sha1":"1c5bd200897c622f3b2c42bbabe380304365318a","sha256":"bd8f5e01173caa7e504ec7fdfecece1a23f231caf1a48afd4c813ecd668b90db","sha512":"4c081d57a4b115619fb315ba76b684876fb3553ca4ba0376c4f6df35e4428b55ffb4c5ca971c7839450c05a355e9ac0d7a4db3b941a39e8a8859a2a843fa9486","ssdeep":"384:qSqXKiTj6bT41JyNE/+AJ+wbkmANJ1DJwTxgJvVk1U87YqaR7KDqaRQwM9qqaROE:2cKmcM9tOZYqVbwMR/Agd92wj","tlshash":"3223b713ad61723c6dbf463bb47675a89638c802eb4b5bfd88d2d629d3dc3300136999","first_seen":"2025-10-10T10:25:49.054923Z","last_seen":"2026-04-19T15:57:19.50543Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1991,"timings":{"blocked":1731,"dns":0,"connect":0,"send":0,"wait":260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/quest_desktop.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/quest_desktop.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 289947\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:40 GMT\r\nETag: \"68ea230c-46c9b\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":289947,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 504 x 480, 8-bit/color RGBA, non-interlaced","md5":"149c29b805fef62d9e84b539be20c6c1","sha1":"9364c70c83b67888dcf07f735aff5eff592bc6f3","sha256":"8c8cc6030f892e3bd855487b114dc42ef7d21bf6780f6fe5afc7a469ce109a04","sha512":"2326efa32a85465132e4dc1b5f191a420670726ffa49e743a5a0258e0c697c23fdc1077d7386b0439cabb4b6568401663449047b2718ea0d935301f156015eb1","ssdeep":"6144:ouMJ5KAFsEOa79iplUYeOcmvXmdk3X4hXtIlUjhDVbKKJGUrS:ouMJ5KOsesDqmvXmOHwq6dgKJGUrS","tlshash":"475422e3006ecd8aaf51347916644be7a89774cc91ee04b66458337ee0abc3e094a71f","first_seen":"2025-09-26T17:58:47.859444Z","last_seen":"2026-04-19T15:57:19.506045Z","times_seen":12,"resource_available":false,"data":null}},"time_used":4495,"timings":{"blocked":4212,"dns":0,"connect":0,"send":0,"wait":254,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/cobranded_mob.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/cobranded_mob.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 40791\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:44 GMT\r\nETag: \"68ea2310-9f57\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40791,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"fd426103cf4b154d85cab8b61aa90f91","sha1":"23f39e0c5ede3223efa87e4807f883a49ecebd8a","sha256":"40bbbcdb1b9afbbb98600393337ccc07d98435dce73da65ef6cd3b217202409c","sha512":"bf873a0ed53c7e04a147447d334a71421edcb83eadf2be3bc7aaeb2809c69048a2af47a42b899c3c9ad520d6db71afeb2fbb5fea6506656d9dae332b198dac39","ssdeep":"768:4DHg9KU2UnaLuOXsL5Adg9mZLauvbNexJY+IacXxgm6IOl4x372S+9:oHg9z2UaaZ6G9mFvbQPYpa6xgFx4lySw","tlshash":"d503f207963cb89e68961023c0531524e245449ddce26eff5c267fd538ab2dfe44b3e6","first_seen":"2025-11-10T05:54:15.936636Z","last_seen":"2026-04-19T15:57:19.508151Z","times_seen":10,"resource_available":false,"data":null}},"time_used":5149,"timings":{"blocked":4894,"dns":0,"connect":0,"send":0,"wait":250,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Bitcoin-Logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Bitcoin-Logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 6516\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:46 GMT\r\nETag: \"68ea2312-1974\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6516,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"343868ca9fb7701613ec9e0180184728","sha1":"9f8147e8c3667ca207f06e4704c7519f2424b448","sha256":"24851fb7592d7bbfc727b1f048bb661d8e7342fa5657c0a5f20b682137b9b433","sha512":"b7b9ff3e07f2c8fe70e43c0a3c4fd28936e938285ec3136b67d922e290591291fd63c778e5314f0387182390f27b7e1cdc5011d79b06999e9fc30ba5d3227758","ssdeep":"96:dxu8UuVsjvdT+fODGtWLbCR+Lx+IPOwgWbNo5BO8VeM7pVlAyUSwRApiMOxWu/1b:dxtUPjVfrbCMxT2wguGsmeMpGOiXZRHx","tlshash":"66d19ffc7cf38948530170a6375a478ed6af00b1aa81a3f69fe3e92e4b743c15b99540","first_seen":"2023-05-14T08:25:50Z","last_seen":"2026-04-19T15:57:19.509609Z","times_seen":538,"resource_available":false,"data":null}},"time_used":2953,"timings":{"blocked":2703,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/monitor-1.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/monitor-1.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:47 GMT\r\nContent-Type: image/webp\r\nContent-Length: 57842\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-e1f2\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":57842,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3416d62e5bf9506c2e19091bef9b0887","sha1":"7135806789e5f8693190a25713eeb324b21f3ebc","sha256":"84806279ad3bb3d8ccfa22aafed051b49192fad6f82362482e13e778a8ab496e","sha512":"eab1ee5ec199cc7f64a001326161d6c826dcc5c6c43f32da9da8de193ee240ef85f93d32340e22610f74c23b6d58c7ed6e30097edf73dfd32facbfafd9a3ba3c","ssdeep":"1536:Jf2Q01H92g3oPdFfmT6tx42UQS9aARNH0Ww0UgA9S0Q:9CJ4vfW6zIWiNHYX9SP","tlshash":"b743f1bde074b201f663e0eda54253e819d97849e75d9f45bf882b48b894cc3d880b7a","first_seen":"2025-09-12T00:51:18.546177Z","last_seen":"2026-04-19T15:57:19.510363Z","times_seen":9,"resource_available":false,"data":null}},"time_used":3904,"timings":{"blocked":3648,"dns":0,"connect":0,"send":0,"wait":253,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/main.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/main.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:45 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 7548\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-1d7c\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7548,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with very long lines (7548), with no line terminators","md5":"7b90093807953532f3fdfb8f3e5b9c87","sha1":"e49fae395e8f5207e7db6c69f8360a0af0a582a8","sha256":"00ed171e672008f342169f1c9d4f5e748bb3f6f6df556ed6c1052660092f1594","sha512":"22a27039081f71ffc9b1b55960e3d3b50c0bd4a7499c3b771878291ad8c7d0609c4a4c61ea67ef36bdf1f3689528d509725fbc954593cdcc8035876f3a555bda","ssdeep":"192:VaqUQRTkk750how73yRqWDBJA5bI78i7k:c/Ekk7lcAA5O8X","tlshash":"0ff1a666b61864fe01fb62a3f17f3370323b1557fb9144941426d4a62dace9802b3fda","first_seen":"2025-06-21T14:06:44.311309Z","last_seen":"2026-04-19T15:57:19.511657Z","times_seen":65,"resource_available":true,"data":null}},"time_used":2172,"timings":{"blocked":1910,"dns":0,"connect":0,"send":0,"wait":261,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/entreprise_mobile.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/entreprise_mobile.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 36128\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-8d20\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":36128,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"5625117325298d4aee0dcacec75ee6c3","sha1":"39369bb74418db4f078bf704195fc473e1bfbce5","sha256":"05ac21fae129131f9073a4b46ec6754659b10f017a522213b15a3f66ad35ab81","sha512":"388914447a282a852c04a427c003178a1e450c478d01a0cd726ac0456d88c0e749d9e8bda3e660f4c2f6be698c6b6bda103eea6670957947b6b4813825f30d0e","ssdeep":"768:wUwJ72yuJwVkCVjcjqi+z86o2OljZ0YA2G2NVc1ATqRn:wUWTuJwCS+X+zY2OJat20ATqRn","tlshash":"0cf2f2d8821adc3f07ec58ba27a7660e8e52f17e53850137ef0ced059a1d4cb804a75d","first_seen":"2025-09-26T17:58:47.929637Z","last_seen":"2026-04-19T15:57:19.512378Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5037,"timings":{"blocked":4780,"dns":0,"connect":0,"send":0,"wait":256,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-19T15:56:41.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:42 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Mon, 30 Mar 2026 09:02:10 GMT\r\nETag: W/\"69ca3c12-278d4\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Yoast SEO:26.1.1","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":162004,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2411)","md5":"304d560253ac9f3f4cf3c908fc28f792","sha1":"ac08a033ca7a9c2eb04058bff66bb4adfd347bf7","sha256":"b772196470128143024ad8e8cf14eee13e1bf40ea0496c448444ac6379419dfc","sha512":"6bd8a490ac81023471688f3170a2fc0cb8e1d40ea4b478565bce8390046c84e89051bc16b51f706b685708ac8c1ab6a88949062f01bde6ac915950568730a0a1","ssdeep":"768:2K/lTh7Ij1hAxcaTKw+rI+rFIM5BjZHoSXvEpsKmOu4mNm7FRutlt82Ynw7G8Mca:2Pr0MXZTXvEprmOsN6msw7/Ds","tlshash":"44f3f671a5f085e62047c791e6b7362a7fb5e063ca0ace88b1ac97d49f92cc1cd0795c","first_seen":"2026-04-19T15:57:19.513124Z","last_seen":"2026-04-19T15:57:19.513124Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2492,"timings":{"blocked":990,"dns":477,"connect":251,"send":0,"wait":499,"receive":13,"ssl":258},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/5fefacb2-108d-4d83-8c43-7b198bce2a67.js.%E4%B8%8B%E8%BD%BD","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/5fefacb2-108d-4d83-8c43-7b198bce2a67.js.%E4%B8%8B%E8%BD%BD HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:43 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 206\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:34 GMT\r\nETag: \"68ea2306-ce\"\r\nAccept-Ranges: bytes\r\nServer: cdnbl\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":206,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JavaScript source, ASCII text, with no line terminators","md5":"191effeb52d97e714ae2b758c4b301e6","sha1":"1bd4266d9cc34f8495d3def47d0bbd71ce3ea6ca","sha256":"7675b58524d7afe522fc4f4fa3817acad86b7e3bbfc1e1f3b34d37cbb24f6ff0","sha512":"07897e0fb6ed5cc0e6d6af67336d2e796bc066f545ad0c88593c297dd68893c21d70c849d440b9b2ef98fc209cde1fb2662eadcbb5ffd7e02dc828b2c3d8fc57","ssdeep":"","tlshash":"9cd02264b5a804162d4b64d18067ce8060ff722a44c4962a5f880d4c57dc6bbca78062","first_seen":"2026-03-30T14:47:15.593696Z","last_seen":"2026-04-19T15:57:19.514396Z","times_seen":4,"resource_available":true,"data":null}},"time_used":1184,"timings":{"blocked":414,"dns":0,"connect":250,"send":0,"wait":253,"receive":0,"ssl":262},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/nanos.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/nanos.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:48 GMT\r\nContent-Type: image/webp\r\nContent-Length: 34324\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:42 GMT\r\nETag: \"68ea230e-8614\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34324,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 192 x 240, 8-bit/color RGBA, non-interlaced","md5":"a819b5f7e7cc3fed3d69a68d0f1630a3","sha1":"6003894820020aa43540dd5019222454db7b217b","sha256":"8c0107e06c21f5516d12ff43da35861ea0b8464cf64bdf8f767fcac60ef47ef5","sha512":"923725159cebc50e6568ed15612f4f288e93c1f9207652be687656251967cb039b30648746e2560ab1d4d70094f7dffdefab23523a119d3059f9ede1c6582873","ssdeep":"768:eM+YvwdQtZXczOJ/xB9bGrghJuigqXITOGUaQaJ:VzaQrciJpHTy/i5aQE","tlshash":"2df2f1fbfd0c1c55db7daeaaf02f5e59d738a14a904323109801ca05ba02997ce34b6e","first_seen":"2025-09-01T20:50:57.054989Z","last_seen":"2026-04-19T15:57:19.515543Z","times_seen":12,"resource_available":false,"data":null}},"time_used":5499,"timings":{"blocked":5246,"dns":0,"connect":0,"send":0,"wait":252,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/Solana-logo.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/Solana-logo.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 926\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:48 GMT\r\nETag: \"68ea2314-39e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":926,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a828c90fb2fcb3788711b09dfb695591","sha1":"7b0fa881ce054bbe31892a1b252ebb91380e16d1","sha256":"7521112b5a6bc302a5e2102cac7f643a0a5f8f61dd20765cae1e73e5d9ef6bb1","sha512":"cbdd8cebd399178700b049ec609b4710531c3e46293605b4d9c8f67b6da6daae61e846abdb8b4658023a64b20a7e47d642454c465cff84a71f33d12cc9768d2a","ssdeep":"","tlshash":"bc11b79f157562420bf2281fb358531a0f58a2f1eec0e9df0123297baa2fca11b6595d","first_seen":"2025-05-06T13:57:35.296393Z","last_seen":"2026-04-19T15:57:19.516796Z","times_seen":340,"resource_available":false,"data":null}},"time_used":3208,"timings":{"blocked":2952,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/matic-token-icon.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/matic-token-icon.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 5902\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:50 GMT\r\nETag: \"68ea2316-170e\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5902,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8c4107feb545528edc12cdb4764c9619","sha1":"0819587079d6ae99114fa42f023d6bd9c848eeec","sha256":"115208b6ee88ae6fc995b6833ad5c19a2ac4dab8f1d85871c28ca2de46c222a6","sha512":"328c1e89892b3084260a9df2fe60cd639bc34cbd33d2398da1483a380eb80f5cc85e70eed7398669626fef2e744198a727b6ed420f86cc4c7fe64cb997618a7f","ssdeep":"96:47ivxjt7QnMAqp5vHlUmJPSaFob8DzfbyJA8LxPhFO5baLYu3shsB4TAoZi+oBR2:DvltsnMAqPHltPj88POJfX8LCciHrBbk","tlshash":"d6c19d938f3c2452a2ef1e97bc4f59ebc6c9ef91175992a25c6eb1303274f129111c8e","first_seen":"2025-05-06T13:57:35.288717Z","last_seen":"2026-04-19T15:57:19.517401Z","times_seen":106,"resource_available":false,"data":null}},"time_used":3414,"timings":{"blocked":3162,"dns":0,"connect":0,"send":0,"wait":252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ledger.xzbya.com/index_files/USD_Coin_icon.webp","fqdn":"ledger.xzbya.com","domain":"xzbya.com","tld":"com"},"ip":{"addr":"143.92.39.211","port":443,"asn":152194,"as":"CTG Server Limited","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:43.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ledger.xzbya.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 07:20:54 GMT","end":"Sat, 11 Jul 2026 07:20:53 GMT"},"fingerprint":{"sha1":"DE:96:A0:D3:F7:DD:87:CB:D4:C4:96:26:C8:D2:52:DF:EC:FD:33:24","sha256":"71:28:D2:AB:C2:62:36:28:7F:CA:25:06:12:2E:9C:EE:48:30:B1:A2:19:D8:CB:1D:27:75:99:60:52:F8:00:66"}}},"request":{"raw":"GET /index_files/USD_Coin_icon.webp HTTP/1.1\r\nHost: ledger.xzbya.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ledger.xzbya.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 19 Apr 2026 15:56:46 GMT\r\nContent-Type: image/webp\r\nContent-Length: 9348\r\nConnection: keep-alive\r\nLast-Modified: Sat, 11 Oct 2025 09:27:56 GMT\r\nETag: \"68ea231c-2484\"\r\nServer: cdnbl\r\nX-Cache-Status: HIT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9348,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"42a17d8c2dad5e493480d455b8d7e7db","sha1":"9867cb4cb68a6f40f7e400ac78370ea7a32812ad","sha256":"afcaf5f1e29f0f14827e78dabadbf27798d5475686527437cc5dc81541002ca4","sha512":"c1ad27e451a7fe22f7c96f279ffb36ac3eb8e2f79b77ff07f2b5bc72c02ee5342897d7e22660eadea61e59c7e2a93cccd757a519d4e3df65770fd61612c81b20","ssdeep":"192:Tpkn/9Z/Dn9xGeLVlOjqscRcBo6MYh8Zrl1x2VaRs1s0btWdh7O/VpMQ6xS:6n/ryOsIH2horIIRsm0btWKoE","tlshash":"9c12af2ed4e6509be44beaed6291fe468d20cca00130743855992fd277b1eeed46bcf0","first_seen":"2023-07-07T05:08:35Z","last_seen":"2026-04-19T15:57:19.518061Z","times_seen":395,"resource_available":false,"data":null}},"time_used":3725,"timings":{"blocked":3466,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-19","alert":"Sinkholed","trigger":"ledger.xzbya.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p.typekit.net/p.css?s=1\u0026k=vli5gyn\u0026ht=tk\u0026f=1982.2005.2007.2009\u0026a=82434219\u0026app=typekit\u0026e=css","fqdn":"p.typekit.net","domain":"typekit.net","tld":"net"},"ip":{"addr":"23.36.77.57","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://ledger.xzbya.com/","date":"2026-04-19T15:56:45.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"use.typekit.net","organization":"Adobe Inc."},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Fri, 12 Dec 2025 00:00:00 GMT","end":"Tue, 12 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"83:B4:8D:3E:B4:3E:71:49:9A:8F:71:32:96:68:3A:1D:23:DB:38:B8","sha256":"F3:E4:84:49:06:CC:99:20:A8:A3:BB:DC:8E:3D:31:69:7A:CA:6F:5B:21:C4:0B:4A:3D:32:2B:D0:BF:07:62:69"}}},"request":{"raw":"GET /p.css?s=1\u0026k=vli5gyn\u0026ht=tk\u0026f=1982.2005.2007.2009\u0026a=82434219\u0026app=typekit\u0026e=css HTTP/1.1\r\nHost: p.typekit.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://use.typekit.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: text/css\r\ncontent-length: 5\r\nlast-modified: Sun, 01 Dec 2024 12:58:09 GMT\r\netag: \"674c5d61-5\"\r\ncache-control: public, max-age=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccept-ranges: bytes\r\ndate: Sun, 19 Apr 2026 15:56:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"83d24d4b43cc7eef2b61e66c95f3d158","sha1":"f0cafc285ee23bb6c28c5166f305493c4331c84d","sha256":"1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb","sha512":"e6e84563d3a55767f8e5f36c4e217a0768120d6e15ce4d01aa63d36af7ec8d20b600ce96dcc56de91ec7e55e83a8267baddd68b61447069b82abdb2e92c6acb6","ssdeep":"","tlshash":"e630000000000000000000000000000000000c00000000000000000000000000000000","first_seen":"2023-03-12T07:28:04Z","last_seen":"2026-04-19T22:02:28.067272Z","times_seen":128582,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":67,"dns":41,"connect":1,"send":0,"wait":2,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}