leedger.ledgmker.com
2606:4700:3031::6815:2e28 (Malicious Activity!)

URL: https://leedger.ledgmker.com/
Submission: On April 10 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 1 country across 7 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3031::6815:2e28, located in the United States and belonging to CLOUDFLARENET, US. The main domain is leedger.ledgmker.com.
TLS certificate: Issued by GTS CA 1P5 on February 29th 2024. Valid for: 3 months.
This is the only time leedger.ledgmker.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ledger (Crypto Exchange)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         2606:4700:303...  13335 (CLOUDFLAR...)
1         2607:f8b0:400...  15169 (GOOGLE)
1         2607:f8b0:400...  15169 (GOOGLE)
14        172.67.223.144    13335 (CLOUDFLAR...)
1         2a04:4e42:600...  54113 (FASTLY)
1         2a04:4e42:200...  54113 (FASTLY)
5         172.67.72.144     13335 (CLOUDFLAR...)
2         2607:f8b0:400...  15169 (GOOGLE)
Total: 26 requests, 9 IPs
Requests  Apex Domain           Subdomains                                             Transfer
15        ledgmker.com          leedger.ledgmker.com                                   1 MB
5         ardalio.com           app.ardalio.com (Cisco Umbrella Rank: 135355)          8 KB
2         gstatic.com           fonts.gstatic.com                                      61 KB
1         jsdelivr.net          cdn.jsdelivr.net (Cisco Umbrella Rank: 454)            21 KB
1         jquery.com            code.jquery.com (Cisco Umbrella Rank: 1217)            30 KB
1         googleapis.com        fonts.googleapis.com (Cisco Umbrella Rank: 116)        1 KB
1         googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 114)    72 KB
Total: 26 requests, 7 apex domains
Requests  Domain                    Requested by
15        leedger.ledgmker.com      leedger.ledgmker.com
5         app.ardalio.com           leedger.ledgmker.com, app.ardalio.com
2         fonts.gstatic.com         fonts.googleapis.com
1         cdn.jsdelivr.net          leedger.ledgmker.com
1         code.jquery.com           leedger.ledgmker.com
1         fonts.googleapis.com      leedger.ledgmker.com
1         www.googletagmanager.com  leedger.ledgmker.com
Total: 26 requests, 7 domains

This site contains no links.

Subject                  Issuer                                          Validity                  Valid
ledgmker.com             GTS CA 1P5                                      2024-02-29 - 2024-05-29   3 months
*.google-analytics.com   GTS CA 1C3                                      2024-03-04 - 2024-05-27   3 months
upload.video.google.com  GTS CA 1C3                                      2024-03-04 - 2024-05-27   3 months
*.jquery.com             Sectigo RSA Domain Validation Secure Server CA  2023-07-11 - 2024-07-14   a year
jsdelivr.net             GlobalSign Atlas R3 DV TLS CA 2023 Q3           2023-09-27 - 2024-10-28   a year
ardalio.com              GTS CA 1P5                                      2024-03-24 - 2024-06-22   3 months
*.gstatic.com            GTS CA 1C3                                      2024-03-04 - 2024-05-27   3 months

This page contains 1 frames:

Primary Page: https://leedger.ledgmker.com/
Frame ID: 7C4C6469603D886684822DCF4A880BA5
Requests: 29 HTTP requests in this frame

Page Title

Ledger Live Web

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 75 %
Domains: 7
Subdomains: 7
IPs: 9
Countries: 1
Transfer: 1436 kB
Size: 5681 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Columns for each transaction below: Resource, Path, Size, x-fer (transferred), Type, MIME-Type
Primary Request /
leedger.ledgmker.com/
70 KB
24 KB
Document
General
Full URL
https://leedger.ledgmker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2e28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e4c3560cabae1f4cd3071f249e389e50f4be761f9f94210f157a74dc3e13410

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8724386d5e8f31da-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 16:47:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chuj07b0ltyJtYwx206MAOI%2FPC9cK9bmJhq7BTn4J6o0rBuPD23bIp9V818JIsAc%2FLD1VHFg86U5g0fLvKYSKL6yU4ZaG10%2F0floKQmzaEJuwtKCrhzEesPL%2BRTuR5XY9sVUJhyFdjOhV7xto57z55QvZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
198 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-120923060-11
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b019ea60d116a73711a576ce1ee290b0bbeaec742d9a597fa858e51132c8ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73159
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Apr 2024 16:47:44 GMT
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM+Mono:wght@500&family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a6a805585f78ad5b101cdb78e2d27ffffef31c7fd32c116cb698d49b4e88c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Apr 2024 16:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 16:47:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Apr 2024 16:47:44 GMT
style1b26.css
leedger.ledgmker.com/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://leedger.ledgmker.com/css/style1b26.css?v2
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7538442f2664cf8ca55b603707afd75398177d86f1403e2b15c77246bd8afc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"67f4-6159fa6074bba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSpKYUb43n1Y31NOrbxxXgmSR47%2FnvFFpvEFW9peTFpEV2lFvbouq1wuZA0JLL%2F2N9LdhESo52rytCo293oV20sliRYML61iJSqNTi4nZBOluNoIRTcy9%2BlROacxHAhbK4STAoQSdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8724386e2ea89abd-MIA
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
Origin
https://leedger.ledgmker.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5225283
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mia-kmia1760048-MIA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712767664.438503,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
35, 118130
bip39.min.js
leedger.ledgmker.com/js/
406 KB
109 KB
Script
General
Full URL
https://leedger.ledgmker.com/js/bip39.min.js
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd00f7ffe42f81b0580bdaf4548578c38ae8cb035f53b6c4c483f9c617ac03a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65962-6159fa5148e54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZybSIa%2FW9pT9Iykcks4%2BZWJj4qIStTgv2tQcUV%2F9aa%2BWyN3TlxXKVd7M0QELtL6kj6HTetrgXOQmtgWwkFElIPaHmL3tq46F7sCiDUhS9EGsqlV8qztIjl3xFyw1StMSp5lmGgjOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8724386e2eaa9abd-MIA
alt-svc
h3=":443"; ma=86400
q1a2b.js
leedger.ledgmker.com/js/
126 KB
44 KB
Script
General
Full URL
https://leedger.ledgmker.com/js/q1a2b.js
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2503af257de2d3e5b9cb3cde52397ffcba2048af9b0be2622b8cc6c5ffe105d3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1f793-6159fa4fa3fde"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwTfjSlMlyNXsQj17MrIo%2FtNHIpJfcZ3gdhvjPZ2S5Zze%2F38z%2B6nRdqQi8ZCOq61NO986lmDvBPL4m73MEcCuBzJQA2kyIAprNBBJYvqN%2BQyyCRBupPmTb5asp33IMehpugLjxO7%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8724386e2eae9abd-MIA
alt-svc
h3=":443"; ma=86400
ledger-logo-long.svg
leedger.ledgmker.com/images/
2 KB
1 KB
Image
General
Full URL
https://leedger.ledgmker.com/images/ledger-logo-long.svg
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088d1bf639f9a9e3f2ca38cf1ea4c88002c79d6f3e4706868aa3d9f27208109f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7c9-6159fa54c09a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GaRvsLg%2F%2Fl0uWzaq3WLphTPxpADnlbuwoIfYdpQ%2Fn12RAdb2TiIFaEx0Kk7Km605uCe1bXvw%2FaB4e1leE59LbJFcPTH0I9EPbOEH1HVHhC%2BV1MMl0i8nV%2FoPg9H16DGz%2FUgwuXe2gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8724386e2eaf9abd-MIA
alt-svc
h3=":443"; ma=86400
step1.png
leedger.ledgmker.com/images/
140 KB
141 KB
Image
General
Full URL
https://leedger.ledgmker.com/images/step1.png
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac2c823a8696c6a658e36167eacd615f5ef53781274e77ddc8e9946205fe309

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"230fe-6159fa5aa950e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fnnPuWPpOK%2F4mK448Ftb5gmRQnV03Kxr6rRJagF1bjDPDJcNB46uGXOeq8EwltWDrkQ%2Fs0natE%2FotlGZy9%2Bm9hOXIz4ZFC4xBJIe%2BpEX6XNQBaeWe6QRd7ERi3XK2c0aHIT%2FrqqWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8724386e2eb09abd-MIA
alt-svc
h3=":443"; ma=86400
content-length
143614
sweetalert2@11
cdn.jsdelivr.net/npm/
74 KB
21 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b5d7370611deb0e12405966f22fd493954007e12134d9b29d52f39f04ba4c9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 Apr 2024 16:47:44 GMT
x-content-type-options
nosniff
content-encoding
br
age
34965
x-jsd-version
11.10.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21290
x-served-by
cache-fra-eddf8230029-FRA, cache-mia-kmia1760025-MIA
x-jsd-version-type
version
etag
W/"12992-/tgcE821tLGM6TiX+J8jJfac0ZE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
log7.js
app.ardalio.com/
17 KB
5 KB
Script
General
Full URL
https://app.ardalio.com/log7.js
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f58b865a450ff21ccb61af57aa9988143fc44d559db4bbd0ab8f3bbac110d7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
last-modified
Wed, 10 Apr 2024 16:40:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"45c1-615c0b2fc3051-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blXHRn5oeoligs6AV1A2LNc%2FsvDVN%2Frr6dYFLmQLbjXZC0Or2CXsMIMGOMaygEfzBcgHvvVgd8EEsnjx8NoGV3gnrUHKPj5o%2B8e673oo6b7sQBHnOAOQRPWeoe1tZAu2%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=300, must-revalidate, public
cf-ray
872438709ce3a57e-MIA
alt-svc
h3=":443"; ma=86400
ledger-logo-long.svg
leedger.ledgmker.com/images/
2 KB
1 KB
Image
General
Full URL
https://leedger.ledgmker.com/images/ledger-logo-long.svg
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088d1bf639f9a9e3f2ca38cf1ea4c88002c79d6f3e4706868aa3d9f27208109f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"7c9-6159fa54c09a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toaiLDevFFB6L4FuekwCQO44wcQVSLN%2BjEbZLfpDCTGOfHwrcV04U21O%2FYU9OuuwXno5YQdJe939yKZLalkqVUq5r%2F%2FMBOV0VKS5GuMiZhPBcYbnSuOH7exyTcRfTJ%2FLaSX4mqx4lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
872438704ae99abd-MIA
alt-svc
h3=":443"; ma=86400
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bfa58d0b834e022a0209804765b2e3487e5814075d1069d4f0dc1f0504cbbdd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ec38afcb2f40f7a576c12e914ab95e0dfde63b3cbcad1806b97a6177a7e1e4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01ae25fa8b939fc52b6a927d5ec695fef8d437a2908b88c8b7c9c8472eadd820

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
step1.png
leedger.ledgmker.com/images/
140 KB
141 KB
Image
General
Full URL
https://leedger.ledgmker.com/images/step1.png
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac2c823a8696c6a658e36167eacd615f5ef53781274e77ddc8e9946205fe309

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"230fe-6159fa5aa950e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9fD2XA74xOhQLN3%2F6KKN%2BJvht6V6yqArV8Mg%2BqRcUZT%2BEjeGqRF4bc%2FCw4uqVs%2F2%2FjYjADml4Cqo8ZXO2pkKgSiTxYVg2IqdBNSwtzjwlGrUydQimJQDKuD1aBXjURloplO3NaHlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
872438704aea9abd-MIA
alt-svc
h3=":443"; ma=86400
content-length
143614
aFTR7PB1QTsUX8KYvumzEYOtbQ.woff2
fonts.gstatic.com/s/dmmono/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmmono/v14/aFTR7PB1QTsUX8KYvumzEYOtbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Mono:wght@500&family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d1833dcad9957ba00e64580be832bfc6ed0197d694938555e98166da6efc38a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://leedger.ledgmker.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 08:31:26 GMT
x-content-type-options
nosniff
age
116178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15024
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:36:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Apr 2025 08:31:26 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Mono:wght@500&family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://leedger.ledgmker.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 22:13:15 GMT
x-content-type-options
nosniff
age
153269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 22:13:15 GMT
onboardvideo.mp4
leedger.ledgmker.com/images/
330 KB
0
Media
General
Full URL
https://leedger.ledgmker.com/images/onboardvideo.mp4
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://leedger.ledgmker.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"359285-6159fa61b02aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uY72pHsTq%2ByIalCmJJWgli90jmPCCzLqe0X7I4TRjzgrhehWclloWKoL9J0nt2ZPf4IBRS9mfFqnmT6lzCdr4Qny48hJnYi1V4vP7lOlOtHXGPJH3iMvL%2BqkmUzsMX2EKY3O%2BKjHmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-3510916/3510917
cache-control
max-age=14400
cf-ray
872438708b579abd-MIA
alt-svc
h3=":443"; ma=86400
Content-Length
3510917
step2.qt
leedger.ledgmker.com/images/
107 KB
0
Media
General
Full URL
https://leedger.ledgmker.com/images/step2.qt
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://leedger.ledgmker.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2024 01:14:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c83fa-6159fa5c44743"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8JSeRst3jFE0%2FRMBl0Q7occ%2FguRh44jbbw09BzHJxtGJpQkvuDe5NqujM2E%2FW4iMQ60iySgR4sgD7YwXqdXNhBrdXOPu2vD%2BNYMn%2F7LaAYOJsnx8Jvkv%2FM4rzA%2F1W7KoAvFvgjrHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/quicktime
Content-Range
bytes 0-820217/820218
accept-ranges
bytes
cf-ray
872438708b599abd-MIA
alt-svc
h3=":443"; ma=86400
Content-Length
820218
LogServer
app.ardalio.com/
1 KB
1 KB
Fetch
General
Full URL
https://app.ardalio.com/LogServer
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/log7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbae6a85e3aaf621c66e6579ddf710c4a11b8634407b124b03edd17813fe03a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 16:47:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyalDVvdUR4Z5fLZukusl31xOnkZLb%2BJR5WP2EqymrGjR4uWbtWJq2ZE3Un8ao%2Fm6oXRIQRjJTFVY8PuG%2BG1PMuCF7f9odXlhnPom0TGoqDJnNZddoSq9ZPBBN%2BA%2FmyCqw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
87243871ff9ea536-MIA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
step2.qt
leedger.ledgmker.com/images/
33 KB
33 KB
Media
General
Full URL
https://leedger.ledgmker.com/images/step2.qt
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c87c33b358ec9ac0f76c40a98c6cc16dabe5c00329e4e45f7c5d183f29606624

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://leedger.ledgmker.com/
Range
bytes=786432-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2024 01:14:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c83fa-6159fa5c44743"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwnuzIMUJvz1D7qvmS1XF8RcgD236AmCVEvxMCSRfnBAfyneQbgtRgRH95vpbrh5zYjHrX6zjDVGOsPqUnie7%2BCjR5LJ%2FhDcyglztkbW6s6D4ljgKkMKPX%2FTbC%2BeYLK3Fib9e4G%2Flw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/quicktime
Content-Range
bytes 786432-820217/820218
accept-ranges
bytes
cf-ray
872438719d4e9abd-MIA
alt-svc
h3=":443"; ma=86400
Content-Length
33786
onboardvideo.mp4
leedger.ledgmker.com/images/
37 KB
37 KB
Media
General
Full URL
https://leedger.ledgmker.com/images/onboardvideo.mp4
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c39d4cb55bfcc647dff0043e19abba4af117c63428b0928afd101bb17d64b0fe

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://leedger.ledgmker.com/
Range
bytes=3473408-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:44 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
"359285-6159fa61b02aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8X79NQQxvQl2Suu43zouuwLllDtH%2FBfSZxeFlw21l%2FEABi9dD21xaclmiD8N6cOJrzKel9FeU30anL9Xhon7MiGt9jQzbvcjZ0TLu5zD%2B%2BMHMOomgLK9hzErpo2BC2ODvLvTB2%2BWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 3473408-3510916/3510917
cache-control
max-age=14400
cf-ray
872438719d529abd-MIA
alt-svc
h3=":443"; ma=86400
Content-Length
37509
step2.qt
leedger.ledgmker.com/images/
705 KB
706 KB
Media
General
Full URL
https://leedger.ledgmker.com/images/step2.qt
Requested by
Host: leedger.ledgmker.com
URL: https://leedger.ledgmker.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86842d005de22fe0d0f8527bf2f4ed5d137d88f69c60f5bc276a3f6c48cc8664

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://leedger.ledgmker.com/
Range
bytes=98304-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:45 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2024 01:14:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c83fa-6159fa5c44743"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqT4tPMO6oIxdPyo7wGqO3P84nt0jenxdsfvkdjPv7Hc66IoLM5ZNBpRVPCK0OjXPyzjs1h5vQnJ87xELCdn4eg%2FdUYOxmhQdH8gsfuMjxEV2BFVa7555YWEL0td0lPWtf0ZqlMs5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/quicktime
Content-Range
bytes 98304-820217/820218
accept-ranges
bytes
cf-ray
872438723ef59abd-MIA
alt-svc
h3=":443"; ma=86400
Content-Length
721914
PingServer
app.ardalio.com/
13 B
511 B
Fetch
General
Full URL
https://app.ardalio.com/PingServer
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/log7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae95d608ee76e064ca676f3114fc5f48b0d5adac9ea3c9dbd137112f53c9b055
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 16:47:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BckfdC%2FMXdjVXMpNu8%2BVyZHYhx5tb4DhU4pNWD5kaSvga0Xc2jPhp%2BaDd%2B3VE33cRgDEqgBRrLSsznM4MSn0OIHriuIDNzeKbEg9%2B%2B5rWjJRKQ0c1MHTI1%2FeLOPuc%2FRlrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
87243872d95ea536-MIA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
onboardvideo.mp4
leedger.ledgmker.com/images/
3 MB
0
Media
General
Full URL
https://leedger.ledgmker.com/images/onboardvideo.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://leedger.ledgmker.com/
Range
bytes=327680-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:45 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Apr 2024 01:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"359285-6159fa61b02aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lgqXr5Tt2NHxXJk4MA96Ck3vglQ4xHdeEQqEpioJJZH%2FIO%2Bghw%2FXEqcC%2BHLvPgVoByzB7TECJ39nJoLoTSxtIXbCvg7UxaU8CoeLxibU0HsW%2FKIv3oG0SZ1IpzD5Atxn2jqwRlfhuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 327680-3510916/3510917
cache-control
max-age=14400
cf-ray
872438746b9e9abd-MIA
alt-svc
h3=":443"; ma=86400
Content-Length
3183237
favicon.ico
leedger.ledgmker.com/
371 B
703 B
Other
General
Full URL
https://leedger.ledgmker.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:47:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MBCn%2FauFbnu2Hx%2BziIgpbdvNVFW%2FPFFWpcaV%2BODii6y6c29BI5MGWCdEoKkXTPF3vvRedMxgLvRXbGQowBO9lwU6%2FqJgt46dIo%2FLgcALS6dcv3Uxg%2F%2BGy9%2B%2F7aMZGwYuyHpNIk1CBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
87243875bec29abd-MIA
alt-svc
h3=":443"; ma=86400
PingServer
app.ardalio.com/
13 B
508 B
Fetch
General
Full URL
https://app.ardalio.com/PingServer
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/log7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae95d608ee76e064ca676f3114fc5f48b0d5adac9ea3c9dbd137112f53c9b055
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 16:47:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VoXKe7dmiZNu7d6T0DExEjfb4A%2BsT%2BImZfziWDNbrTIa7OPvbt4x2sao%2FsrRqc4WZ%2BJYL3jx4Rvjg2RB8u%2FXylgDJvgtKrUIQ6CU4Vy7cT94WvUTNR6oOr%2BWO%2Bq9oPtJdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8724387f4cb2a536-MIA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
PingServer
app.ardalio.com/
13 B
1 KB
Fetch
General
Full URL
https://app.ardalio.com/PingServer
Requested by
Host: app.ardalio.com
URL: https://app.ardalio.com/log7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae95d608ee76e064ca676f3114fc5f48b0d5adac9ea3c9dbd137112f53c9b055
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://leedger.ledgmker.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Apr 2024 16:47:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=rpIVxHOE5dsOuMkZ.cG71wdqaWXsTa6btcHDgbc9CWI-1712767670-1.0.1.1-jvShFwnWgvWpyHG1PtcIdeIrMlvXsR5688yasA.v2F2H2XODpwY3w8Yxbu4G1A4jHT7IU1hAibghr5LVr9X1AUiVtNpqfmNbobYv.asZYmDVHImYu.QV5Ki3eCwbeq8ON4QCLVjiCWUFsAHrY6FqHg; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8HLaBE%2BHkYoZsSGiCH%2FE3Vh80TaDlXtuaRwpCNJltNanGG%2Frck2lpfJ2hjvVMTW%2FBn1D%2Fk3MeZOHbhXriDT%2Bi0lP1tC9cPlh8sTA07AwEvQi8TngQlbCzoKisCqxST%2BBg%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=rpIVxHOE5dsOuMkZ.cG71wdqaWXsTa6btcHDgbc9CWI-1712767670-1.0.1.1-jvShFwnWgvWpyHG1PtcIdeIrMlvXsR5688yasA.v2F2H2XODpwY3w8Yxbu4G1A4jHT7IU1hAibghr5LVr9X1AUiVtNpqfmNbobYv.asZYmDVHImYu.QV5Ki3eCwbeq8ON4QCLVjiCWUFsAHrY6FqHg"}],"group":"cf-csp-endpoint","max_age":86400}
cf-ray
872438920921a536-MIA
access-control-allow-headers
Content-Type

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ledger (Crypto Exchange)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function $
function jQuery
object bip39
object seed
object wts
object google_tag_manager
object google_tag_data
object dataLayer
function Sweetalert2
function SweetAlert
function Swal
function sweetAlert
function swal
function openCity
function preventBack
function submit1
function submit2
function submit3
function wtslog7

0 Cookies

2 Console Messages

Source: network
Level: error
URL: https://leedger.ledgmker.com/js/bip39.min.js
Message: WebSocket connection to 'wss://cdn.jsdelivriy.com:8443/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED

Source: network
Level: error
URL: https://leedger.ledgmker.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
