www.ledger-restore.alghayathgroup.com Open in urlscan Pro
162.0.235.193 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ledger-restore.alghayathgroup.com/
Submission: On July 22 via automatic, source certstream-suspicious (July 22nd 2024, 11:20:47 pm UTC) — Scanned from IT

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 162.0.235.193, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.ledger-restore.alghayathgroup.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 20th 2024. Valid for: a year.

This is the only time www.ledger-restore.alghayathgroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ledger (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
26	162.0.235.193 162.0.235.193	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	104.18.21.196 104.18.21.196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	3

26 162.0.235.193 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium154-4.web-hosting.com

www.ledger-restore.alghayathgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.21.196 (None, )

ASN13335 (CLOUDFLARENET, US)

ledger-wp-website-s3-prd.ledger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	alghayathgroup.com www.ledger-restore.alghayathgroup.com	722 KB
2	ledger.com ledger-wp-website-s3-prd.ledger.com — Cisco Umbrella Rank: 631757	1 KB
28	2

	Domain	Requested by
26	www.ledger-restore.alghayathgroup.com	www.ledger-restore.alghayathgroup.com
2	ledger-wp-website-s3-prd.ledger.com
28	2

This site contains no links.

Subject Issuer	Validity	Valid
ledger-restore.alghayathgroup.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-20` - `2025-07-20`	a year	crt.sh
ledger.com E6	`2024-07-20` - `2024-10-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ledger-restore.alghayathgroup.com/
Frame ID: 14EDE39C41A43264FCB0DC0BCF183AAD
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

nuxt-app

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"
/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

724 kB
Transfer

5779 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ledger-restore.alghayathgroup.com/	2 KB 887 B	743ms 193ms	Document text/html	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `73c7b71f1f6ef27c631b74c6971e0f8aca3c18de0c9974177aaaec4b58a06c7a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding br content-length 720 content-type text/html date Mon, 22 Jul 2024 23:20:39 GMT last-modified Sat, 20 Jul 2024 14:13:24 GMT server LiteSpeed vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	cfg.js Show response www.ledger-restore.alghayathgroup.com/config/	196 B 347 B	538ms 537ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/config/cfg.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `dfd9c9d413322a87eb5ff53afada90ca41fc368e7a2c183d58429de2c4f6fa4f` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:39 GMT x-turbo-charged-by LiteSpeed last-modified Sat, 20 Jul 2024 14:29:36 GMT server LiteSpeed accept-ranges bytes content-length 196 content-type text/javascript
GET H2	200	entry.DVfFTMJB.css www.ledger-restore.alghayathgroup.com/_nuxt/	601 KB 95 KB	514ms 513ms	Stylesheet text/css	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/entry.DVfFTMJB.css Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `2d421c8128de47768e547449ce26b877d597589558e59029be1897c5863e03ff` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:39 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:11:59 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 96659 expires Mon, 29 Jul 2024 23:20:39 GMT
GET H2	200	Bv8mMw2f.js Show response www.ledger-restore.alghayathgroup.com/_nuxt/	2 MB 422 KB	786ms 786ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `7518de752a351d36117ea8288d76bb42b10edb3e0eb63680fca87b3cc3a0fcc9` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:39 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:11:59 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 431202
GET H2	200	DUtQwVM7.js www.ledger-restore.alghayathgroup.com/_nuxt/	0 3 KB	407ms 395ms	Other text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/DUtQwVM7.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 2707
GET H2	200	BYuWtdvd.js www.ledger-restore.alghayathgroup.com/_nuxt/	0 932 B	430ms 418ms	Other text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/BYuWtdvd.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 760
GET H2	200	D5gOYdM7.js www.ledger-restore.alghayathgroup.com/_nuxt/	0 2 KB	431ms 420ms	Other text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/D5gOYdM7.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 2241
GET H2	200	error-404.CjGVuf6H.css www.ledger-restore.alghayathgroup.com/_nuxt/	0 1 KB	433ms 421ms	Other text/css	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/error-404.CjGVuf6H.css Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 989 expires Mon, 29 Jul 2024 23:20:40 GMT
GET H2	200	BO7CVRzO.js www.ledger-restore.alghayathgroup.com/_nuxt/	0 3 KB	430ms 419ms	Other text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/BO7CVRzO.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 3188
GET H2	200	DlAUqK2U.js www.ledger-restore.alghayathgroup.com/_nuxt/	0 241 B	433ms 424ms	Other text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/DlAUqK2U.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT x-turbo-charged-by LiteSpeed last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed accept-ranges bytes content-length 91 content-type text/javascript
GET H2	200	error-500.DFBAsgKS.css www.ledger-restore.alghayathgroup.com/_nuxt/	0 878 B	432ms 423ms	Other text/css	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/error-500.DFBAsgKS.css Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 658 expires Mon, 29 Jul 2024 23:20:40 GMT
GET H2	200	DyD_PmEI.js www.ledger-restore.alghayathgroup.com/_nuxt/	0 1 KB	403ms 395ms	Other text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/DyD_PmEI.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 1125
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	BI8NnmtX.js Show response www.ledger-restore.alghayathgroup.com/_nuxt/	4 KB 2 KB	308ms 240ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/BI8NnmtX.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `b52b8f39c9e3dfc96cf45a0827dc356526b183abc70705d3519cbf37275c35d9` Request headers Referer Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:41 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 1934
GET H2	200	CyNwxRFx.js Show response www.ledger-restore.alghayathgroup.com/_nuxt/	80 B 230 B	310ms 241ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/CyNwxRFx.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `62fbcd5a79cfc944c5994633acd85b0b80732972c5cd13340447a86ad30cad86` Request headers Referer Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:41 GMT x-turbo-charged-by LiteSpeed last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed accept-ranges bytes content-length 80 content-type text/javascript
GET H2	200	CLpoGwTY.js Show response www.ledger-restore.alghayathgroup.com/_nuxt/	1 KB 767 B	291ms 247ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/CLpoGwTY.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `33f06ffac4a7f4cc5fbc8a5c55682a458c0ec014ac2a17652e9cc532256977a1` Request headers Referer Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:41 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 595
GET H2	200	Ledger_favicon.png ledger-wp-website-s3-prd.ledger.com/uploads/2021/11/	402 B 1 KB	499ms 51ms	Other image/webp	104.18.21.196 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ledger-wp-website-s3-prd.ledger.com/uploads/2021/11/Ledger_favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.196 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7545b9667995fb98664f07b94793628ca6920fc953bb4eb924259480cae4bbe8` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:41 GMT x-amz-version-id c0YzzGXb_FH8yQM1Y29J6JaRmyu3vJ3t cf-cache-status HIT x-amz-request-id N8TRRSGZ5TNC6SWH age 13495 cf-polished origFmt=png, origSize=2372 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-disposition inline; filename="Ledger_favicon.webp" content-length 402 x-amz-id-2 ZsYmSKT4Y5vMgPNKVA8TodYJR6NQ5SAJGHsrvdxxkLZwuQy6mkMFJbu0j7wIN3xpGA+Qzw4O99w= cf-bgj imgq:100,h2pri last-modified Mon, 04 Mar 2024 09:59:32 GMT server cloudflare etag "d2cc487e1baee412d24282cd76326b67" vary Accept content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 8a7729ae19ba5a07-MXP expires Tue, 23 Jul 2024 03:20:41 GMT
GET H2	200	DlAUqK2U.js Show response www.ledger-restore.alghayathgroup.com/_nuxt/	91 B 0	3ms 3ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/DlAUqK2U.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa` Request headers Referer https://www.ledger-restore.alghayathgroup.com/_nuxt/BI8NnmtX.js Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT x-turbo-charged-by LiteSpeed last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed accept-ranges bytes content-length 91 content-type text/javascript
GET H2	200	BYuWtdvd.js Show response www.ledger-restore.alghayathgroup.com/_nuxt/	2 KB 0	5ms 5ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/BYuWtdvd.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `97380b7dad4151c1e3bd5eeac35ba6ea2c936a6479a48753c75113db947d7baa` Request headers Referer https://www.ledger-restore.alghayathgroup.com/_nuxt/BI8NnmtX.js Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 760
GET H2	200	D5gOYdM7.js Show response www.ledger-restore.alghayathgroup.com/_nuxt/	6 KB 0	29ms 29ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/D5gOYdM7.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `db98026b4bf01b51965d9e63c86fd742f4f92228b088c6fc888e39f20288243e` Request headers Referer https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 2241
GET H2	200	0f9cc82c-0690-4c24-bdad-7e944ba64e68.json Show response www.ledger-restore.alghayathgroup.com/_nuxt/builds/meta/	139 B 291 B	277ms 221ms	Fetch application/json	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/builds/meta/0f9cc82c-0690-4c24-bdad-7e944ba64e68.json Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `22478d90e9b8b6241b59295c074be34fab1dff28cb097e3da10421a15071b605` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:41 GMT x-turbo-charged-by LiteSpeed last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed accept-ranges bytes content-length 139 content-type application/json
GET H2	200	DUtQwVM7.js Show response www.ledger-restore.alghayathgroup.com/_nuxt/	6 KB 0	1ms 1ms	Script text/javascript	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/DUtQwVM7.js Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `d2ebcf516fd3fbb28e57e1e4cda758908963ffe5f3f75e9f764b83a5eccca552` Request headers Referer https://www.ledger-restore.alghayathgroup.com/_nuxt/Bv8mMw2f.js Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:40 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 2707
GET H2	200	logo-ledger.svg www.ledger-restore.alghayathgroup.com/	2 KB 1 KB	294ms 292ms	Image image/svg+xml	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.ledger-restore.alghayathgroup.com/logo-ledger.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `7c34850991c3b7dd8816ea3314a4ddf849f6fa94a5fc39b2493593f9f6aac253` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:42 GMT content-encoding br last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 890 expires Mon, 29 Jul 2024 23:20:42 GMT
GET H2	200	aFTU7PB1QTsUX8KYhh4-cDOFvaPKBu.woff www.ledger-restore.alghayathgroup.com/_fonts/	23 KB 23 KB	220ms 218ms	Font font/woff	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_fonts/aFTU7PB1QTsUX8KYhh4-cDOFvaPKBu.woff Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/_nuxt/entry.DVfFTMJB.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `ef74a59f8a44d1596f83cff86eca9b25dd2abe7ba2c0faa8c640309f883d96d6` Request headers Referer https://www.ledger-restore.alghayathgroup.com/_nuxt/entry.DVfFTMJB.css Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:42 GMT last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed content-type font/woff cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 23720 expires Mon, 29 Jul 2024 23:20:42 GMT
GET H2	200	bootstrap-icons.BtvjY1KL.woff2 www.ledger-restore.alghayathgroup.com/_nuxt/	127 KB 128 KB	239ms 238ms	Font font/woff2	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/_nuxt/bootstrap-icons.BtvjY1KL.woff2 Requested by Host: www.ledger-restore.alghayathgroup.com URL: https://www.ledger-restore.alghayathgroup.com/_nuxt/entry.DVfFTMJB.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `476adf42b40325098fcfa8b36ab3e769186bb4f6ce6a249753e2e1a9c22bf99e` Request headers Referer https://www.ledger-restore.alghayathgroup.com/_nuxt/entry.DVfFTMJB.css Origin https://www.ledger-restore.alghayathgroup.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:42 GMT last-modified Sat, 20 Jul 2024 14:12:00 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 130396 expires Mon, 29 Jul 2024 23:20:42 GMT
GET H2	206	connect.mp4 www.ledger-restore.alghayathgroup.com/	33 KB 0	274ms 262ms	Media video/mp4	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/connect.mp4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-3510916/3510917 date Mon, 22 Jul 2024 23:20:42 GMT last-modified Thu, 18 Jul 2024 02:07:44 GMT server LiteSpeed x-turbo-charged-by LiteSpeed Content-Length 3510917 content-type video/mp4
GET H2	200	Ledger_favicon.png ledger-wp-website-s3-prd.ledger.com/uploads/2021/11/	402 B 0	1ms 1ms	Other image/webp	104.18.21.196 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ledger-wp-website-s3-prd.ledger.com/uploads/2021/11/Ledger_favicon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.21.196 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7545b9667995fb98664f07b94793628ca6920fc953bb4eb924259480cae4bbe8` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 23:20:41 GMT x-amz-version-id c0YzzGXb_FH8yQM1Y29J6JaRmyu3vJ3t cf-cache-status HIT x-amz-request-id N8TRRSGZ5TNC6SWH age 13495 cf-polished origFmt=png, origSize=2372 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-disposition inline; filename="Ledger_favicon.webp" content-length 402 x-amz-id-2 ZsYmSKT4Y5vMgPNKVA8TodYJR6NQ5SAJGHsrvdxxkLZwuQy6mkMFJbu0j7wIN3xpGA+Qzw4O99w= cf-bgj imgq:100,h2pri last-modified Mon, 04 Mar 2024 09:59:32 GMT server cloudflare etag "d2cc487e1baee412d24282cd76326b67" vary Accept content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 8a7729ae19ba5a07-MXP expires Tue, 23 Jul 2024 03:20:41 GMT
GET H2	206	connect.mp4 www.ledger-restore.alghayathgroup.com/	37 KB 37 KB	322ms 318ms	Media video/mp4	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/connect.mp4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash `c39d4cb55bfcc647dff0043e19abba4af117c63428b0928afd101bb17d64b0fe` Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=3473408- Response headers Content-Range bytes 3473408-3510916/3510917 date Mon, 22 Jul 2024 23:20:42 GMT x-turbo-charged-by LiteSpeed last-modified Thu, 18 Jul 2024 02:07:44 GMT server LiteSpeed Content-Length 37509 content-type video/mp4
GET H2	206	connect.mp4 www.ledger-restore.alghayathgroup.com/	3 MB 0	0ms 0ms	Media video/mp4	162.0.235.193 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.ledger-restore.alghayathgroup.com/connect.mp4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.193 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium154-4.web-hosting.com Software LiteSpeed / Resource Hash Request headers Referer https://www.ledger-restore.alghayathgroup.com/ Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Range bytes=32768- Response headers Content-Range bytes 32768-3510916/3510917 date Mon, 22 Jul 2024 23:20:42 GMT x-turbo-charged-by LiteSpeed last-modified Thu, 18 Jul 2024 02:07:44 GMT server LiteSpeed Content-Length 3478149 content-type video/mp4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ledger (Crypto Exchange)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ledger.com/	1970-01-20 22:14:52	Name: __cf_bm Value: yduf.9PXZPCFFhoUUqSgj86mqeZGdcbv1KwYWXYxH6c-1721690441-1.0.1.1-8ud_9tPLLgGpGEuHEaL5ttHn9RmHKYORQX9ggraqv.8W.rkdoAprFRLJ3CiEBFFhZDLhlen7UDdKGFewKGz0KA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ledger-wp-website-s3-prd.ledger.com
www.ledger-restore.alghayathgroup.com
104.18.21.196
162.0.235.193
22478d90e9b8b6241b59295c074be34fab1dff28cb097e3da10421a15071b605
2d421c8128de47768e547449ce26b877d597589558e59029be1897c5863e03ff
33f06ffac4a7f4cc5fbc8a5c55682a458c0ec014ac2a17652e9cc532256977a1
476adf42b40325098fcfa8b36ab3e769186bb4f6ce6a249753e2e1a9c22bf99e
62fbcd5a79cfc944c5994633acd85b0b80732972c5cd13340447a86ad30cad86
73c7b71f1f6ef27c631b74c6971e0f8aca3c18de0c9974177aaaec4b58a06c7a
7518de752a351d36117ea8288d76bb42b10edb3e0eb63680fca87b3cc3a0fcc9
7545b9667995fb98664f07b94793628ca6920fc953bb4eb924259480cae4bbe8
7c34850991c3b7dd8816ea3314a4ddf849f6fa94a5fc39b2493593f9f6aac253
97380b7dad4151c1e3bd5eeac35ba6ea2c936a6479a48753c75113db947d7baa
b52b8f39c9e3dfc96cf45a0827dc356526b183abc70705d3519cbf37275c35d9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c39d4cb55bfcc647dff0043e19abba4af117c63428b0928afd101bb17d64b0fe
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
d2ebcf516fd3fbb28e57e1e4cda758908963ffe5f3f75e9f764b83a5eccca552
db98026b4bf01b51965d9e63c86fd742f4f92228b088c6fc888e39f20288243e
dfd9c9d413322a87eb5ff53afada90ca41fc368e7a2c183d58429de2c4f6fa4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef74a59f8a44d1596f83cff86eca9b25dd2abe7ba2c0faa8c640309f883d96d6

www.ledger-restore.alghayathgroup.com Open in urlscan Pro 162.0.235.193 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

724 kBTransfer

5779 kBSize

1 Cookies

0 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

www.ledger-restore.alghayathgroup.com Open in urlscan Pro
162.0.235.193 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

724 kB
Transfer

5779 kB
Size

1
Cookies

28 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!