ledgerdevicestatus.com Open in urlscan Pro
193.143.1.14 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ledgerdevicestatus.com/
Effective URL:
https://ledgerdevicestatus.com/ledgerDiagnosis.php
Submission: On November 23 via api (November 23rd 2024, 10:20:46 am UTC) from DK — Scanned from DK

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 193.143.1.14, located in Moscow, Russian Federation and belongs to proton66 Proton66 OOO, RU. The main domain is ledgerdevicestatus.com.
TLS certificate: Issued by R11 on November 20th 2024. Valid for: 3 months.

This is the only time ledgerdevicestatus.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ledger (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 22	193.143.1.14 193.143.1.14	198953 (proton66 ...) (proton66 Proton66 OOO)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
23	2

22 193.143.1.14 (Moscow, Russian Federation) 1 redirects

ASN198953 (proton66 Proton66 OOO, RU)

ledgerdevicestatus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ledgerdevicestatus.com 1 redirects ledgerdevicestatus.com	1 MB
2	gstatic.com fonts.gstatic.com	51 KB
23	2

	Domain	Requested by
22	ledgerdevicestatus.com	1 redirects ledgerdevicestatus.com
2	fonts.gstatic.com	ledgerdevicestatus.com
23	2

This site contains no links.

Subject Issuer	Validity	Valid
*.ledgerdevicestatus.com R11	`2024-11-20` - `2025-02-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Frame ID: FA2E2992FED25834492E635597E9098E
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ledger Live

Page URL History Show full URLs

http://ledgerdevicestatus.com/ HTTP 307
https://ledgerdevicestatus.com/ HTTP 302
https://ledgerdevicestatus.com/ledgerDiagnosis.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1455 kB
Transfer

8070 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ledgerdevicestatus.com/ HTTP 307
https://ledgerdevicestatus.com/ HTTP 302
https://ledgerdevicestatus.com/ledgerDiagnosis.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ledgerDiagnosis.php Show response
ledgerdevicestatus.com/
Redirect Chain

http://ledgerdevicestatus.com/
https://ledgerdevicestatus.com/
https://ledgerdevicestatus.com/ledgerDiagnosis.php

413 KB
56 KB

198ms
197ms

Document
text/html

193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1d8c17a99481aeecd5a500687c5b9f0578fcc245887887b69d9d11a532fe2509

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 23 Nov 2024 10:20:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Nov 2024 10:20:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ledgerDiagnosis.php
pragma: no-cache
server: LiteSpeed

GET
H3 200 v27IkSycp3HUcdXC.css
ledgerdevicestatus.com/nJyClqf1mj/css/ 81 KB
9 KB 116ms
116ms Stylesheet
text/css 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/v27IkSycp3HUcdXC.css
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f5ad0b38079b2f9295b3d0b85ebc4c91dc913be88013218438281171bca7fc79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Sat, 30 Nov 2024 10:20:40 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 8939
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: text/css
last-modified: Wed, 03 Jul 2024 12:36:58 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H3 404 4c4GDqqw2LaX.css
ledgerdevicestatus.com/nJyClqf1mj/css/ 0
0 116ms
116ms Stylesheet
text/html 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/4c4GDqqw2LaX.css
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: text/html
server: LiteSpeed

GET
H3 404 dDarWvCFKfUo.css
ledgerdevicestatus.com/nJyClqf1mj/css/ 0
0 114ms
113ms Stylesheet
text/html 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/dDarWvCFKfUo.css
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: text/html
server: LiteSpeed

GET
H3 404 RDIOwfsI42lX.css
ledgerdevicestatus.com/nJyClqf1mj/css/ 0
0 119ms
119ms Stylesheet
text/html 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/RDIOwfsI42lX.css
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: text/html
server: LiteSpeed

GET
H3 200 7yqtLuNSQXzh.svg
ledgerdevicestatus.com/nJyClqf1mj/img/ 2 KB
947 B 122ms
121ms Image
image/svg+xml 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/7yqtLuNSQXzh.svg
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 088d1bf639f9a9e3f2ca38cf1ea4c88002c79d6f3e4706868aa3d9f27208109f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Sat, 30 Nov 2024 10:20:40 GMT
accept-ranges: bytes
content-length: 889
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: image/svg+xml
last-modified: Sun, 12 May 2024 23:01:38 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 stax.png
ledgerdevicestatus.com/nJyClqf1mj/img/ 13 KB
13 KB 123ms
123ms Image
image/png 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/stax.png
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d91f8ba68389775028cd2bae6ba43da2cc6675c75d0522bae7776aa7e10834c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: public, max-age=604800
expires: Sat, 30 Nov 2024 10:20:40 GMT
accept-ranges: bytes
content-length: 12958
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: image/png
last-modified: Wed, 03 Jul 2024 12:39:26 GMT
server: LiteSpeed

GET
H3 200 nanoSP.png
ledgerdevicestatus.com/nJyClqf1mj/img/ 6 KB
6 KB 124ms
119ms Image
image/png 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/nanoSP.png
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a7ec38afcb2f40f7a576c12e914ab95e0dfde63b3cbcad1806b97a6177a7e1e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: public, max-age=604800
expires: Sat, 30 Nov 2024 10:20:40 GMT
accept-ranges: bytes
content-length: 6034
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: image/png
last-modified: Sun, 12 May 2024 23:01:38 GMT
server: LiteSpeed

GET
H3 200 nanoX.png
ledgerdevicestatus.com/nJyClqf1mj/img/ 6 KB
6 KB 125ms
121ms Image
image/png 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/nanoX.png
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 01ae25fa8b939fc52b6a927d5ec695fef8d437a2908b88c8b7c9c8472eadd820

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: public, max-age=604800
expires: Sat, 30 Nov 2024 10:20:40 GMT
accept-ranges: bytes
content-length: 6559
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: image/png
last-modified: Sun, 12 May 2024 23:01:38 GMT
server: LiteSpeed

GET
H3 200 nn4ejY6bCwjN.png
ledgerdevicestatus.com/nJyClqf1mj/img/ 143 KB
143 KB 128ms
124ms Image
image/png 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/nn4ejY6bCwjN.png
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b98d5ed89d2ce6b5143e31feb7c4ed60b63c8c6e08ae4f60385a8e7bf6899c53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: public, max-age=604800
expires: Sat, 30 Nov 2024 10:20:40 GMT
accept-ranges: bytes
content-length: 146477
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: image/png
last-modified: Sun, 12 May 2024 23:01:38 GMT
server: LiteSpeed

GET
H3 206 uQovUOQx.mov
ledgerdevicestatus.com/nJyClqf1mj/img/ 5 MB
0 561ms
561ms Media
video/quicktime 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/uQovUOQx.mov
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Length: 7013211
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: video/quicktime
last-modified: Wed, 03 Jul 2024 15:53:00 GMT
server: LiteSpeed
Content-Range: bytes 0-7013210/7013211

GET
H3 206 HOTNarzFxc3e.mov
ledgerdevicestatus.com/nJyClqf1mj/media/ 32 KB
0 363ms
362ms Media
video/quicktime 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/media/HOTNarzFxc3e.mov
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Length: 820218
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: video/quicktime
last-modified: Tue, 17 Jan 2023 06:39:18 GMT
server: LiteSpeed
Content-Range: bytes 0-820217/820218

GET
H3 200 pre_loader.gif
ledgerdevicestatus.com/nJyClqf1mj/img/ 182 KB
182 KB 128ms
127ms Image
image/gif 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/pre_loader.gif
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cb2137010c62b477440e0afecdda3e54b5ad32a4a0d3c6acfd44bc452cd2b694

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: public, max-age=604800
expires: Sat, 30 Nov 2024 10:20:40 GMT
accept-ranges: bytes
content-length: 186358
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: image/gif
last-modified: Wed, 03 Jul 2024 12:53:24 GMT
server: LiteSpeed

GET
H3 200 jquery-3.7.1.min.js Show response
ledgerdevicestatus.com/nJyClqf1mj/js/ 85 KB
29 KB 123ms
122ms Script
text/javascript 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/js/jquery-3.7.1.min.js
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

content-encoding: br
accept-ranges: bytes
content-length: 29730
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: text/javascript
last-modified: Sun, 12 May 2024 23:01:38 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 bip39.min.js Show response
ledgerdevicestatus.com/nJyClqf1mj/js/ 275 KB
83 KB 550ms
550ms Script
text/javascript 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/js/bip39.min.js
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a5c2f5402552970d2e4f6efd98f81959136bec50611f40224b9d90e9d3a3ed4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

content-encoding: br
accept-ranges: bytes
content-length: 84861
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: text/javascript
last-modified: Sun, 12 May 2024 23:01:38 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 sweetalert2.js Show response
ledgerdevicestatus.com/nJyClqf1mj/js/ 67 KB
17 KB 289ms
288ms Script
text/javascript 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/js/sweetalert2.js
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0e814e0fd6e2642fa605cb93146334402e2324af9d5227d42ade3912cd2c3ab2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

content-encoding: br
accept-ranges: bytes
content-length: 17608
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: text/javascript
last-modified: Sun, 12 May 2024 23:01:38 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 lottie-player.js Show response
ledgerdevicestatus.com/nJyClqf1mj/js/ 359 KB
88 KB 298ms
297ms Script
text/javascript 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/js/lottie-player.js
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3619205baaef089cf08e37b28f54b332a65061e956622c8bb40f4a6646602291

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

content-encoding: br
accept-ranges: bytes
content-length: 89968
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: text/javascript
last-modified: Sun, 12 May 2024 23:01:38 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 161ms
84ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/v27IkSycp3HUcdXC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ledgerdevicestatus.com
Referer: https://ledgerdevicestatus.com/

Response headers

age: 386438
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 23:00:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 23:00:02 GMT
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37924
x-xss-protection: 0
server: sffe

GET
H3 206 HOTNarzFxc3e.mov
ledgerdevicestatus.com/nJyClqf1mj/media/ 33 KB
33 KB 228ms
124ms Media
video/quicktime 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/media/HOTNarzFxc3e.mov
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c87c33b358ec9ac0f76c40a98c6cc16dabe5c00329e4e45f7c5d183f29606624

Request headers

Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=786432-

Response headers

Content-Length: 33786
date: Sat, 23 Nov 2024 10:20:41 GMT
last-modified: Tue, 17 Jan 2023 06:39:18 GMT
content-type: video/quicktime
server: LiteSpeed
Content-Range: bytes 786432-820217/820218

GET
H3 206 HOTNarzFxc3e.mov
ledgerdevicestatus.com/nJyClqf1mj/media/ 769 KB
736 KB 0ms
0ms Media
video/quicktime 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/media/HOTNarzFxc3e.mov
Requested by: Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8c2d912d5c5facad6411c71e3ac5754a4b5c574b37f35e7c8bbcf243bb14d5e4

Request headers

Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

Content-Length: 787450
date: Sat, 23 Nov 2024 10:20:41 GMT
last-modified: Tue, 17 Jan 2023 06:39:18 GMT
content-type: video/quicktime
server: LiteSpeed
Content-Range: bytes 32768-820217/820218

GET
H3 200 L_favicon.webp
ledgerdevicestatus.com/nJyClqf1mj/img/ 402 B
454 B 104ms
103ms Other
image/webp 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/L_favicon.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7545b9667995fb98664f07b94793628ca6920fc953bb4eb924259480cae4bbe8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php

Response headers

cache-control: public, max-age=604800
expires: Sat, 30 Nov 2024 10:20:41 GMT
accept-ranges: bytes
content-length: 402
date: Sat, 23 Nov 2024 10:20:41 GMT
content-type: image/webp
last-modified: Sun, 12 May 2024 23:01:38 GMT
server: LiteSpeed

GET
H3 200 aFTR7PB1QTsUX8KYvumzEYOtbQ.woff2
fonts.gstatic.com/s/dmmono/v10/ 14 KB
14 KB 68ms
68ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmmono/v10/aFTR7PB1QTsUX8KYvumzEYOtbQ.woff2

Requested by

Host: ledgerdevicestatus.com
URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/v27IkSycp3HUcdXC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

84dac95d59aff55b7c3d37d643ea10583d263e3c450f50ff444fe892e9f4d0e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://ledgerdevicestatus.com
Referer: https://ledgerdevicestatus.com/

Response headers

age: 406777
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 17:21:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 17:21:05 GMT
last-modified: Thu, 21 Apr 2022 17:29:44 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14660
x-xss-protection: 0
server: sffe

GET
H3 206 uQovUOQx.mov
ledgerdevicestatus.com/nJyClqf1mj/img/ 128 KB
0 0ms
0ms Media
video/quicktime 193.143.1.14
proton66 Proton66...

General

Check archive.org

Show headers Download Go to

Full URL: https://ledgerdevicestatus.com/nJyClqf1mj/img/uQovUOQx.mov
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 193.143.1.14 Moscow, Russian Federation, ASN198953 (proton66 Proton66 OOO, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://ledgerdevicestatus.com/ledgerDiagnosis.php
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=5554804-

Response headers

Content-Length: 1458407
date: Sat, 23 Nov 2024 10:20:40 GMT
content-type: video/quicktime
last-modified: Wed, 03 Jul 2024 15:53:00 GMT
server: LiteSpeed
Content-Range: bytes 5554804-7013210/7013211

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ledger (Crypto Exchange)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ledgerdevicestatus.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6c2f4e116be9d8ab7cc7db186bbb7cd4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/4c4GDqqw2LaX.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/dDarWvCFKfUo.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ledgerdevicestatus.com/nJyClqf1mj/css/RDIOwfsI42lX.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
ledgerdevicestatus.com
142.250.185.99
193.143.1.14
01ae25fa8b939fc52b6a927d5ec695fef8d437a2908b88c8b7c9c8472eadd820
088d1bf639f9a9e3f2ca38cf1ea4c88002c79d6f3e4706868aa3d9f27208109f
0e814e0fd6e2642fa605cb93146334402e2324af9d5227d42ade3912cd2c3ab2
1d8c17a99481aeecd5a500687c5b9f0578fcc245887887b69d9d11a532fe2509
3619205baaef089cf08e37b28f54b332a65061e956622c8bb40f4a6646602291
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
7545b9667995fb98664f07b94793628ca6920fc953bb4eb924259480cae4bbe8
84dac95d59aff55b7c3d37d643ea10583d263e3c450f50ff444fe892e9f4d0e2
8c2d912d5c5facad6411c71e3ac5754a4b5c574b37f35e7c8bbcf243bb14d5e4
99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a
a5c2f5402552970d2e4f6efd98f81959136bec50611f40224b9d90e9d3a3ed4b
a7ec38afcb2f40f7a576c12e914ab95e0dfde63b3cbcad1806b97a6177a7e1e4
b98d5ed89d2ce6b5143e31feb7c4ed60b63c8c6e08ae4f60385a8e7bf6899c53
c87c33b358ec9ac0f76c40a98c6cc16dabe5c00329e4e45f7c5d183f29606624
cb2137010c62b477440e0afecdda3e54b5ad32a4a0d3c6acfd44bc452cd2b694
d91f8ba68389775028cd2bae6ba43da2cc6675c75d0522bae7776aa7e10834c3
f5ad0b38079b2f9295b3d0b85ebc4c91dc913be88013218438281171bca7fc79

ledgerdevicestatus.com Open in urlscan Pro 193.143.1.14 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1455 kBTransfer

8070 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

ledgerdevicestatus.com Open in urlscan Pro
193.143.1.14 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1455 kB
Transfer

8070 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!