{"report_id":"124e62cd-74e7-4fa8-b226-d71e0d2f9293","version":6,"status":"done","tags":[],"date":"2026-04-14T20:59:09Z","url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"title":"ledger硬件钱包官网 - 升级您的加密体验 | 比特币以太坊冷钱包","dom":{"size":267,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"f2b46f0e3a4400514655fcfa44c0124b","sha1":"3cbc9b1c7b7cfcd628a88c0fa0884864345185e5","sha256":"1cf432fc9595130bb06c654fe72b88fdecbae9bddf18dab6799b1e5a2011d194","sha512":"2d5a4b30e02eb2a1cdb23efa48a5d256e5fef23421a9826ea0e74904710c396c3e3afd56056391898d9f65c2ae2404ac97ad01c4659678cf161d1c42e9baa551","ssdeep":"","tlshash":"86d02b9fcc21c14e880166d88691f558584bf21e5714ce8cfce034b8d5496ad0cd3288","dom_hash":"domhashe9551ca6980fee53ee15afe26c1cd5b2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-19T20:59:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"static.meiqia.com","ip":{"addr":"43.152.43.117","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2009-01-27","domain_rank":1675070,"first_seen":"2016-07-23T03:30:52Z","last_seen":"2026-04-07T07:31:08.345727Z","alert_count":0,"request_count":3,"received_data":1409493,"sent_data":1334,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}]},{"fqdn":"new-api.meiqia.com","ip":{"addr":"43.174.224.10","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2009-01-27","domain_rank":987273,"first_seen":"2018-07-31T06:41:30Z","last_seen":"2026-04-14T11:17:31.965005Z","alert_count":0,"request_count":3,"received_data":3339,"sent_data":2297,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2026-04-13T04:36:40.415277Z","alert_count":0,"request_count":2,"received_data":30881,"sent_data":1298,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"edge-api.meiqia.com","ip":{"addr":"43.174.224.10","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2009-01-27","domain_rank":1537350,"first_seen":"2022-05-13T18:55:42Z","last_seen":"2026-04-07T07:31:07.46802Z","alert_count":0,"request_count":2,"received_data":2042,"sent_data":1109,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"cn-ledger.com","ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":24,"request_count":8,"received_data":194717,"sent_data":4025,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.cn-ledger.com","ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2025-10-06","domain_rank":0,"first_seen":"2026-03-05T19:58:19.635562Z","last_seen":"2026-03-28T05:46:51.21782Z","alert_count":21,"request_count":7,"received_data":453202,"sent_data":3460,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?d271e213a5583ee84901cf817aa7ad96","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"a5560f7f38eb3633d0250da2df211df9","sha1":"18a2a78325a5fbae0baaf5565924ac42ad7cc3e8","sha256":"2fe61d275ea29b7652c5ed124d12d6580b1a3eea4222d2e42e39464d7d64fe9d","sha512":"8c6e15b9ebf3c0607520a0ab5dfcf222927f1a2283a8702daf86e317d6283160909f639dfc86e47893178a016e08a42baa1ce0a937be74f621dc80abbba74e50","ssdeep":"384:nAJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:nA4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"9cd2d9a9b282713293a324a5153f724ef07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29899,"data":"","first_seen":"2026-04-14T20:59:17.835993Z","last_seen":"2026-04-14T20:59:17.835993Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1731a635517d552ce0dd75263fc20c5b","sha1":"e9a92b61f8292c75b9433eb0dea7a4887a9bca22","sha256":"6f2b71941f05d9e1ccc58ac2e3d22ac2ff429f96e50f3a3d665a6bbf60349695","sha512":"ec67ec7afc43b5107d4dede79676b16d338289b3faa319b7c90d03abc6d021291bf2736c37f7729eb632b2a231147623f31944d9cafe478762ef632dd42abfca","ssdeep":"","tlshash":"38f097ce2759cc943de77e7cf553780d10ea0c355c44987c4910280a18c597b1ad2baf","size":493,"data":"","first_seen":"2026-04-14T20:59:17.848153Z","last_seen":"2026-04-14T20:59:17.848153Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"5e8b98790ff7554032ba3f31497696e1","sha1":"b49655e24bec9edf3a1b7a8d7b211eac756d65d8","sha256":"6d4afffd83748538a4def4d8024c9d2f6b7742da665434c17f74a8ec452f2d0a","sha512":"fcc243672780e8083df875b2840174b3123ba8936615e01110104468902333267e6e8373caa351fc118616deed28540fa0ee8f552bfa3359cf9ac4e23756df15","ssdeep":"","tlshash":"d3d02e0b6d64287423b9143c16ebee4cb6a2608c503ee40680ddf8208aa4ee60c3e7c8","size":254,"data":"","first_seen":"2026-03-05T19:58:24.399956Z","last_seen":"2026-04-14T21:00:46.856103Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"5757983f442edbfbc515209bb6b3d7f2","sha1":"3fd35ad4f5782cb1212be5ea26459fb3e4ef095a","sha256":"27c8290c72ea6ae1daabcf7d90d8fde1cc4e90d766252247052278749a57fa97","sha512":"9edbc421cd442cf891c61944ad0d65f4949382cabecd930d3c3f0a7be6ea9a01d1770afbd743bb8635637a44ba1121e76bd3c38cf0a19088c9caa56035b03dc4","ssdeep":"","tlshash":"a1f0a31b28b718380573b0aa4bbf8c2a70a1311be14cc613be4d4144df155884950f1c","size":480,"data":"","first_seen":"2026-04-14T20:59:17.849496Z","last_seen":"2026-04-14T21:00:46.856944Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-15T00:39:14.675394Z","times_seen":105259,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-15T00:39:14.675394Z","times_seen":105259,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.meiqia.com/widget/loader.js","fqdn":"static.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.152.43.117","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"00184f0a93d1f7867cdf782f3df1ab53","sha1":"2116343f5208357e24bbd944b416e92af38cfb3d","sha256":"07b10d9c31fb3e5df8c7dbb2522da941d49be31f596add069f068a3d83823231","sha512":"de2c11603ea9bf00fad76f283ed1d32ef21e247d2127fba060537383e3e61b145cb77eefbe2c055426b4e0c6d19a967b9919d508ddd6e9954c7dbd4f83df1c8b","ssdeep":"192:K04adoyHIogekJElGZQz6cFDZsWBnCK5HWlT6NKSn2QcWByxGmsHZQzq7vE4o7YI:9H1k+BbF9CF4Nua2Nqw4KYZb9ly20W16","tlshash":"ee7240cdb5c2b0814ba36160422fa81bf2775aa4749f99c0a365d1f8bc7994f8077f2d","size":16345,"data":"","first_seen":"2024-05-21T00:26:26Z","last_seen":"2026-04-14T21:00:46.841053Z","times_seen":2538,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.meiqia.com/fe-widget/v1.5.6.prod.20260306_165/entrypoint-v1.5.6.prod.20260306_165.js","fqdn":"static.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.152.43.117","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5cc75246a01d73279b6562d7ec1fa1b8","sha1":"ec03073104c7ca3d4efda8afbeadd6e6a1327a3e","sha256":"4c87e79d8236f7c6e4e09358fe77ddaa39ec01daabe65031ce5fc520d1fecfe1","sha512":"1379d187b74b41d2cfaa9d37bc304d9c2672d7446f54ae11b4af614acea4c3926b59912525ec837c1c7ecb0582e28dcab79f383aa29d6ba0a43c751492f65099","ssdeep":"3072:1I2h7Asg01sHplOuU1C+PjvAHTJBW+9YbMfZh:+llOuU1C+Pjv+1o+9Ym","tlshash":"1e1408cd31d5b0a203e362f0103f740bb1b76969690d9890f665d8d5acb9a5e823bf7c","size":194416,"data":"","first_seen":"2026-03-06T10:13:01.511001Z","last_seen":"2026-04-14T21:00:46.844444Z","times_seen":184,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.meiqia.com/fe-widget/v1.5.6.prod.20260306_165/app-v1.5.6.prod.20260306_165.js","fqdn":"static.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.152.43.117","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6fd26749d6ce6d2748d4da4e2461c61b","sha1":"a58fe48c5cfcba2900dc7465b85fe9d6341858c5","sha256":"7e8a1c14399902b2f2339515015e02d83ac304db944069190b67e41983b17e6b","sha512":"1c5f9d29c47bf268dd1f88b77c6149e5098e58b6342ef7e037e50a73b481452a68fdca00a4ba69f38c0a931dc36ffc821cb959f9f6ab2aa896de19a09a2d7b46","ssdeep":"12288:AVciXSnka9BGfTsHI5e4lARLgGqg45s/1OZ6:slXSkFTsHI5eRpPqh5s/d","tlshash":"924528cd71c2b0a207e361b1403f100bb33a6d69680d9464f665d8e9bdb998e9237f7d","size":1196802,"data":"","first_seen":"2026-03-06T10:13:01.556157Z","last_seen":"2026-04-14T21:00:46.855191Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/js/main.js","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"7802f6c5011a23d1e24105dec49f13ee","sha1":"15d7198c95e0681d7fe264363a62f4ea103b291f","sha256":"aef9739312d12e3727a305bc46d8d2e8b964adcf663655b696e83ff609b7b184","sha512":"c136c6154f7d0a6e3a5b7772cd5ec415c12f4936252768fe013edcedf52f3a1b46e607903bf65464bf3cfc70240b025f203991d9630646ca8049d385381e2d78","ssdeep":"384:vSv0KVpQaMFvQJHM11EO1ah85SgojRTHQ3j+:C85SgCRK+","tlshash":"2fb2612aa1b73031857b71be5bcb62883231204b7406dd5a3e1dc7491f92b614eb6aed","size":24869,"data":"","first_seen":"2026-03-20T16:11:00.275125Z","last_seen":"2026-04-14T21:00:46.839605Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cn-ledger.com/favicon.ico","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:51.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nCookie: Hm_lvt_d271e213a5583ee84901cf817aa7ad96=1776200330; Hm_lpvt_d271e213a5583ee84901cf817aa7ad96=1776200330; HMACCOUNT=B7D4593783EE2224\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:58:51 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-15T00:49:40.35261Z","times_seen":487820,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/js/main.js","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:48.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:58:48 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 13 Apr 2026 03:57:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dc6994-618f\"\r\nexpires: Wed, 15 Apr 2026 08:58:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24975,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"7802f6c5011a23d1e24105dec49f13ee","sha1":"15d7198c95e0681d7fe264363a62f4ea103b291f","sha256":"aef9739312d12e3727a305bc46d8d2e8b964adcf663655b696e83ff609b7b184","sha512":"c136c6154f7d0a6e3a5b7772cd5ec415c12f4936252768fe013edcedf52f3a1b46e607903bf65464bf3cfc70240b025f203991d9630646ca8049d385381e2d78","ssdeep":"384:vSv0KVpQaMFvQJHM11EO1ah85SgojRTHQ3j+:C85SgCRK+","tlshash":"2fb2612aa1b73031857b71be5bcb62883231204b7406dd5a3e1dc7491f92b614eb6aed","first_seen":"2026-03-20T16:11:00.275125Z","last_seen":"2026-04-14T21:00:46.839605Z","times_seen":5,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-flex-unboxing-guide-video.mp4","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:48.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-flex-unboxing-guide-video.mp4 HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: openresty\r\ndate: Tue, 14 Apr 2026 20:58:49 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 8912106\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 475950\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-flex-unboxing-guide-video.mp4\"; filename*=utf-8''ledger-flex-unboxing-guide-video.mp4\r\ncontent-md5: eNe2GDt9JOFITefGFbk06w==\r\ncontent-range: bytes 0-8912105/8912106\r\ncontent-transfer-encoding: binary\r\netag: \"lgxc1ljNGDRTkIxXn-DkrA1zyaUO\"\r\nlast-modified: Sat, 29 Nov 2025 08:37:33 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg119;QNM3:1\r\nx-m-reqid: EkehuAP4J\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: d-kAAACPgGMSb3wY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36066,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"e217680afb96ecb642d69f0cf58f0c15","sha1":"f4d885b851f4e33533e0fdf70cdab5fce06b9a37","sha256":"bd188788df7b1a2619e077dad9686c660d666dfcec1b763e0a6eb4a7d4e3359c","sha512":"1898b16a9ea6e6436eb38a67ce60b4bd3283763fc423d2cbcf891d6f249ae209187dc18eed85bcf860cf32ff253302afe5c1c1cc4590a7a2588a27b6149e1626","ssdeep":"768:u/597KlXcCHTm0+9SiKWm5IsVErYWk4zk2tjd28O+fxK6p7+5L:uP7ycCaFcWmSsCo4zjlvs5L","tlshash":"9ef2021dcd3e7fa43fa0f3f4683d9f604a144a356a2b281e951f3c8a3a88ff11149965","first_seen":"2026-03-28T05:46:55.242084Z","last_seen":"2026-04-14T20:59:17.832681Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2314,"timings":{"blocked":909,"dns":0,"connect":244,"send":0,"wait":279,"receive":306,"ssl":574},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/images/video-poster.jpg","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:49.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /images/video-poster.jpg HTTP/1.1\r\nHost: cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:58:49 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-15T00:49:40.35261Z","times_seen":487820,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.meiqia.com/widget/loader.js","fqdn":"static.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.152.43.117","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:49.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meiqia.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 24 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:5E:88:72:BE:D5:CD:01:9F:60:65:9C:E0:33:77:43:41:54:DC:8D","sha256":"40:6B:84:9A:F1:93:17:61:39:C2:0F:6D:55:0A:5A:52:68:B9:1A:93:70:E7:81:5D:EE:6F:7A:5E:29:D8:14:94"}}},"request":{"raw":"GET /widget/loader.js HTTP/1.1\r\nHost: static.meiqia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 10 May 2024 09:15:03 GMT\r\ncontent-encoding: gzip\r\netag: \"00184F0A93D1F7867CDF782F3DF1AB53\"\r\ndate: Thu, 25 Dec 2025 09:04:18 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nx-oss-request-id: 694CFE126EDEF631368E2FCE\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 14476346677076018366\r\nx-oss-storage-class: Standard\r\ncontent-md5: ABhPCpPR94Z833gvPfGrUw==\r\nx-oss-server-time: 3\r\ncontent-length: 5741\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 11380846068089521531\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\nstrict-transport-security: max-age=1;\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":16345,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (16344), with no line terminators","md5":"00184f0a93d1f7867cdf782f3df1ab53","sha1":"2116343f5208357e24bbd944b416e92af38cfb3d","sha256":"07b10d9c31fb3e5df8c7dbb2522da941d49be31f596add069f068a3d83823231","sha512":"de2c11603ea9bf00fad76f283ed1d32ef21e247d2127fba060537383e3e61b145cb77eefbe2c055426b4e0c6d19a967b9919d508ddd6e9954c7dbd4f83df1c8b","ssdeep":"192:K04adoyHIogekJElGZQz6cFDZsWBnCK5HWlT6NKSn2QcWByxGmsHZQzq7vE4o7YI:9H1k+BbF9CF4Nua2Nqw4KYZb9ly20W16","tlshash":"ee7240cdb5c2b0814ba36160422fa81bf2775aa4749f99c0a365d1f8bc7994f8077f2d","first_seen":"2024-05-21T00:26:26Z","last_seen":"2026-04-14T21:00:46.841053Z","times_seen":2538,"resource_available":true,"data":null}},"time_used":800,"timings":{"blocked":-1,"dns":740,"connect":17,"send":0,"wait":18,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/videos/product-demo.webm","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:51.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /videos/product-demo.webm HTTP/1.1\r\nHost: cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nCookie: Hm_lvt_d271e213a5583ee84901cf817aa7ad96=1776200330; Hm_lpvt_d271e213a5583ee84901cf817aa7ad96=1776200330; HMACCOUNT=B7D4593783EE2224\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:58:51 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-15T00:49:40.35261Z","times_seen":487820,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"new-api.meiqia.com/hikari/visit/visit/start?ent_id=43b8858ce63e9cde24502457dc5a69bb\u0026track_id=\u0026title=ledger%E7%A1%AC%E4%BB%B6%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91+-+%E5%8D%87%E7%BA%A7%E6%82%A8%E7%9A%84%E5%8A%A0%E5%AF%86%E4%BD%93%E9%AA%8C+%7C+%E6%AF%94%E7%89%B9%E5%B8%81%E4%BB%A5%E5%A4%AA%E5%9D%8A%E5%86%B7%E9%92%B1%E5%8C%85\u0026referrer_url=\u0026url=https:%2F%2Fcn-ledger.com%2F\u0026is_standalone=false","fqdn":"new-api.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.174.224.10","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:51.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meiqia.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 24 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:5E:88:72:BE:D5:CD:01:9F:60:65:9C:E0:33:77:43:41:54:DC:8D","sha256":"40:6B:84:9A:F1:93:17:61:39:C2:0F:6D:55:0A:5A:52:68:B9:1A:93:70:E7:81:5D:EE:6F:7A:5E:29:D8:14:94"}}},"request":{"raw":"GET /hikari/visit/visit/start?ent_id=43b8858ce63e9cde24502457dc5a69bb\u0026track_id=\u0026title=ledger%E7%A1%AC%E4%BB%B6%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91+-+%E5%8D%87%E7%BA%A7%E6%82%A8%E7%9A%84%E5%8A%A0%E5%AF%86%E4%BD%93%E9%AA%8C+%7C+%E6%AF%94%E7%89%B9%E5%B8%81%E4%BB%A5%E5%A4%AA%E5%9D%8A%E5%86%B7%E9%92%B1%E5%8C%85\u0026referrer_url=\u0026url=https:%2F%2Fcn-ledger.com%2F\u0026is_standalone=false HTTP/1.1\r\nHost: new-api.meiqia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Is-Standalone: false\r\nX-Is-Meiqia-Domain: undefined\r\nOrigin: https://cn-ledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 400 Bad Request\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://cn-ledger.com\r\ncontent-type: application/json; charset=utf-8\r\nvary: Origin\r\nreq-cost-time: 10\r\nreq-arrive-time: 1776200331810\r\nresp-start-time: 1776200331821\r\nx-envoy-upstream-service-time: 10\r\naccess-control-expose-headers: *\r\nserver: istio-envoy\r\nContent-Length: 335\r\nConnection: keep-alive\r\nDate: Tue, 14 Apr 2026 20:58:51 GMT\r\nEO-LOG-UUID: 265621781199177706\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":335,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"3f8dfc43c17f85e88a2901e696989216","sha1":"4aaa415626921f9fe3fa9dda43a9e3a35fc12feb","sha256":"3034b2b1e0b27128228f5cc2e0f248eed8bd4a5df715b99ea745ba98e5d3af2a","sha512":"e5da06523f173ad9912e30049e65c081af71dcf2cb5943301864d9bab7c3ec79c67d6501737e40187e6b249fbaf9391c93ba33290a3c2230fccea6f2e73c4f6b","ssdeep":"","tlshash":"02e0261942fc2c9b9a5640e066cce258b2c722c9a03e6ed2dec91182a29ae5d8a07431","first_seen":"2024-12-04T06:48:21.872025Z","last_seen":"2026-04-14T21:00:46.851187Z","times_seen":424,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/images/apple-touch-icon.png","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:51.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /images/apple-touch-icon.png HTTP/1.1\r\nHost: cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nCookie: Hm_lvt_d271e213a5583ee84901cf817aa7ad96=1776200330; Hm_lpvt_d271e213a5583ee84901cf817aa7ad96=1776200330; HMACCOUNT=B7D4593783EE2224\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:58:51 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-15T00:49:40.35261Z","times_seen":487820,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-Wallet-banner.webp","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:48.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-Wallet-banner.webp HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 14 Apr 2026 20:58:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 48309\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 1234597\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-Wallet-banner.webp\"; filename*=utf-8''ledger-Wallet-banner.webp\r\ncontent-md5: Ylfs6vu5cZ6rX8byte3tjw==\r\ncontent-transfer-encoding: binary\r\netag: \"FvII6c40aSV8dRA9kT8X3a1ZwnoT\"\r\nlast-modified: Sat, 29 Nov 2025 08:10:54 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg119;QNM3\r\nx-m-reqid: kfzM9T6Q6\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: XjgAAABkXfHt8aEY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48309,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 560 x 635, 8-bit colormap, non-interlaced","md5":"6257eceafbb9719eab5fc6f2b5eded8f","sha1":"f208e9ce3469257c75103d913f17ddad59c27a13","sha256":"812f21cd7f09a06a566d714f8961c9b554875b77f86b12254b82e1636de1b263","sha512":"cf63e29d8c51d85f3ef3c8e62dd01d5d07192d4a548d194c768a421b29a42cb8dfc27a2a7dce3be3a3c237dd46d89eceaa80f03969677f7624aa4f80bba7622a","ssdeep":"768:I1rFN4r+gnCWdw4ifpGtRlRMYxWWtAb8FOBj/illbe8dksMnU1ZeYY7YAsK2pcFo:Hr+O7ntFMYxftoqksaUL5AsRiRUhh","tlshash":"5a23f2c8a7ed8dd16146b5d205b231c806f0b78d9e28b3cd9cd67272d723e2ca7c416a","first_seen":"2026-03-05T19:58:24.393334Z","last_seen":"2026-04-14T21:00:46.819801Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3163,"timings":{"blocked":1049,"dns":94,"connect":241,"send":0,"wait":975,"receive":217,"ssl":584},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/images/video-poster.jpg","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:48.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /images/video-poster.jpg HTTP/1.1\r\nHost: cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:58:48 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-15T00:49:40.35261Z","times_seen":487820,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?d271e213a5583ee84901cf817aa7ad96","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:48.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?d271e213a5583ee84901cf817aa7ad96 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11293\r\nContent-Type: application/javascript\r\nDate: Tue, 14 Apr 2026 20:58:49 GMT\r\nEtag: 3eeefff0cc6fa0042eee827d11704f5b\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=B7D4593783EE2224; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29899,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (623)","md5":"a5560f7f38eb3633d0250da2df211df9","sha1":"18a2a78325a5fbae0baaf5565924ac42ad7cc3e8","sha256":"2fe61d275ea29b7652c5ed124d12d6580b1a3eea4222d2e42e39464d7d64fe9d","sha512":"8c6e15b9ebf3c0607520a0ab5dfcf222927f1a2283a8702daf86e317d6283160909f639dfc86e47893178a016e08a42baa1ce0a937be74f621dc80abbba74e50","ssdeep":"384:nAJSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:nA4VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"9cd2d9a9b282713293a324a5153f724ef07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2026-04-14T20:59:17.835993Z","last_seen":"2026-04-14T20:59:17.835993Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1519,"timings":{"blocked":608,"dns":1,"connect":209,"send":0,"wait":272,"receive":1,"ssl":425},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"edge-api.meiqia.com/summer/widget/route/match","fqdn":"edge-api.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.174.224.10","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:49.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meiqia.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 24 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:5E:88:72:BE:D5:CD:01:9F:60:65:9C:E0:33:77:43:41:54:DC:8D","sha256":"40:6B:84:9A:F1:93:17:61:39:C2:0F:6D:55:0A:5A:52:68:B9:1A:93:70:E7:81:5D:EE:6F:7A:5E:29:D8:14:94"}}},"request":{"raw":"OPTIONS /summer/widget/route/match HTTP/1.1\r\nHost: edge-api.meiqia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-ent-id\r\nReferer: https://cn-ledger.com/\r\nOrigin: https://cn-ledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 OK\r\naccess-control-allow-origin: https://cn-ledger.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH\r\naccess-control-allow-headers: content-type,x-ent-id\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: *\r\nserver: istio-envoy\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Tue, 14 Apr 2026 20:58:50 GMT\r\nEO-LOG-UUID: 11070726094277788463\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-15T00:55:27.172088Z","times_seen":13762599,"resource_available":true,"data":null}},"time_used":518,"timings":{"blocked":137,"dns":92,"connect":19,"send":0,"wait":244,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"edge-api.meiqia.com/summer/widget/route/match","fqdn":"edge-api.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.174.224.10","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:50.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meiqia.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 24 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:5E:88:72:BE:D5:CD:01:9F:60:65:9C:E0:33:77:43:41:54:DC:8D","sha256":"40:6B:84:9A:F1:93:17:61:39:C2:0F:6D:55:0A:5A:52:68:B9:1A:93:70:E7:81:5D:EE:6F:7A:5E:29:D8:14:94"}}},"request":{"raw":"POST /summer/widget/route/match HTTP/1.1\r\nHost: edge-api.meiqia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nx-ent-id: 43b8858ce63e9cde24502457dc5a69bb\r\nContent-Length: 47\r\nOrigin: https://cn-ledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"{\"entToken\":\"43b8858ce63e9cde24502457dc5a69bb\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\naccess-control-allow-origin: https://cn-ledger.com\r\naccess-control-allow-credentials: true\r\ncontent-encoding: gzip\r\ncontent-type: application/json;charset=UTF-8\r\nreq-cost-time: 2\r\nreq-arrive-time: 1776200330505\r\nresp-start-time: 1776200330508\r\nx-envoy-upstream-service-time: 1\r\naccess-control-expose-headers: *\r\nserver: istio-envoy\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nDate: Tue, 14 Apr 2026 20:58:50 GMT\r\nEO-LOG-UUID: 799974420401736450\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":996,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"3d514bab761d2d2bfc4113f289ac6293","sha1":"f86b1d6ee356df7bb1c6268c61eb8de2f52c4cb0","sha256":"4bcbaf969439cc4c3d885ea442e7f6cddecd6a7715ebb034c1cc81c6c9bcdcd5","sha512":"4bf53892508978aa83fa3ebfb7e5679e1112f82c11d13d61c2b94223e7832cc5dc18803258bc83ffc9126e764a1178df38079d799cea7cdfb939cac5cfeba218","ssdeep":"","tlshash":"f511ab9389b44aaa5f2057cc4608a51ad09fb01f0dc0dbfed9113e448d3f3a90bd639d","first_seen":"2026-04-14T20:59:17.83758Z","last_seen":"2026-04-14T21:00:46.842417Z","times_seen":2,"resource_available":false,"data":null}},"time_used":634,"timings":{"blocked":-1,"dns":94,"connect":22,"send":0,"wait":248,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-flex-unboxing-guide-video.mp4","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:50.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-flex-unboxing-guide-video.mp4 HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=8880128-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nCookie: Hm_lvt_d271e213a5583ee84901cf817aa7ad96=1776200330; Hm_lpvt_d271e213a5583ee84901cf817aa7ad96=1776200330; HMACCOUNT=B7D4593783EE2224\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: openresty\r\ndate: Tue, 14 Apr 2026 20:58:50 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 31978\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 475951\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-flex-unboxing-guide-video.mp4\"; filename*=utf-8''ledger-flex-unboxing-guide-video.mp4\r\ncontent-md5: eNe2GDt9JOFITefGFbk06w==\r\ncontent-range: bytes 8880128-8912105/8912106\r\ncontent-transfer-encoding: binary\r\netag: \"lgxc1ljNGDRTkIxXn-DkrA1zyaUO\"\r\nlast-modified: Sat, 29 Nov 2025 08:37:33 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg119;QNM3\r\nx-m-reqid: g2ceCGKIZ\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: d-kAAACPgGMSb3wY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":31978,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"1531a7384816d2ebb863b159dffc4d1a","sha1":"fd46e3e449dc32df79ff3d83ebfb581bfebabb4c","sha256":"0eea34235446dd9d3df5197cda25b33fda7e0de20f9902f57083242a53e66475","sha512":"3bd6352ae11f37d0668851920e5585db59b22a5c2c7c0ca2afce44ad0b3e9aff9efe0fca9a21d77f704313112c9c9a00b512e172baac01ba237ab86854cb0ad3","ssdeep":"768:WusqDB+D9mFC+V9Zd6LT0bvgMXfBDNOne67rVJgZ:1/B+D9mFC+V9ZdWTUgMXfBDNOvVmZ","tlshash":"58e28096ef519c64c9c70db05b6b0b8036e3fa04ce8d17af2f7e9540cc5225be8e8994","first_seen":"2026-03-20T16:11:00.272617Z","last_seen":"2026-04-14T21:00:46.833307Z","times_seen":5,"resource_available":false,"data":null}},"time_used":904,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":886,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.meiqia.com/fe-widget/v1.5.6.prod.20260306_165/app-v1.5.6.prod.20260306_165.js","fqdn":"static.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.152.43.117","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:50.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meiqia.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 24 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:5E:88:72:BE:D5:CD:01:9F:60:65:9C:E0:33:77:43:41:54:DC:8D","sha256":"40:6B:84:9A:F1:93:17:61:39:C2:0F:6D:55:0A:5A:52:68:B9:1A:93:70:E7:81:5D:EE:6F:7A:5E:29:D8:14:94"}}},"request":{"raw":"GET /fe-widget/v1.5.6.prod.20260306_165/app-v1.5.6.prod.20260306_165.js HTTP/1.1\r\nHost: static.meiqia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 06 Mar 2026 06:30:39 GMT\r\ncontent-encoding: gzip\r\netag: \"6FD26749D6CE6D2748D4DA4E2461C61B\"\r\ndate: Fri, 06 Mar 2026 06:38:22 GMT\r\ncontent-type: text/javascript\r\nx-oss-request-id: 69AA765E6EDEF6323285300A\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 15743163260591507650\r\nx-oss-storage-class: Standard\r\ncontent-md5: b9JnSdbObSdI1NpOJGHGGw==\r\nx-oss-server-time: 7\r\ncontent-length: 352652\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2482451758367282435\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\nstrict-transport-security: max-age=1;\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]}],"data":{"size":1196802,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ef54ccd776c571950363824ef49047ad","sha1":"7cf2fc955baa2a734b4c5d5a1bd08b4622c69757","sha256":"f19803966bdb401b6f4f9fbedf9dd29b932a92513f4c3daa133d7fa2cecf805b","sha512":"a861257e6fb5bbb8b78ac5d9acbe89b07cd32be9301745c039aeaa3c1de9590db4e6a0af715647c0aea75fae72e561f0dba271a29d877d608aca81c7929fc08d","ssdeep":"6144:mLPtqVxPp7Uy96XStztkazQeBX2bbHzsHI5evwlTUMoFOFVwvgG90YnsUqbeWpH5:AVciXSnka9BGfTsHI5e4lARLgGqgs","tlshash":"c22539cd70c2b0a207e361b5403f100bb33a6d69680d5454f665d8dabdba98ea237f7d","first_seen":"2026-03-06T10:13:01.515406Z","last_seen":"2026-04-14T21:00:46.834736Z","times_seen":182,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-14T20:58:47.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:58:48 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 13 Apr 2026 03:56:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dc6983-dbb9\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1252)","md5":"e0f8200e1fedf1f9cbfa7688e28babe3","sha1":"35b53a51987c24dfd715e1d953249feb0421b9f6","sha256":"698287cd6461195492d37a025065d915316acc839d569dcead440d06d37070dc","sha512":"c0f181251abd5ea1ba728fedb6e45656a9cf8029eb9d42afb41bb1ab9c7f59129ac54ef3ac320c4d31d312c0b00fcf2dd20983ec3814b84dd7e61fa4a1fea9d6","ssdeep":"768:9Fyu6gnmayUf6LgCJQ1nxEw1X3i7ojiFYLJOdX/tsYrxE0cQyD4rqfSc3w6NuSs:9Pv1EiY16Q6hlNuSs","tlshash":"a643a79190f6187a015b80ea5ee16f6f7ea1a007c55e4284b6dc4a7f2fc2dc66c37d2c","first_seen":"2026-04-14T20:59:17.839928Z","last_seen":"2026-04-14T21:00:46.829911Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1479,"timings":{"blocked":629,"dns":189,"connect":218,"send":0,"wait":218,"receive":0,"ssl":223},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-nano-x.webp","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:49.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-nano-x.webp HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 14 Apr 2026 20:58:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 98037\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 1239595\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-nano-x.webp\"; filename*=utf-8''ledger-nano-x.webp\r\ncontent-md5: 1Bg2/A8E9sCeIJ/cFgYp8w==\r\ncontent-transfer-encoding: binary\r\netag: \"FokZz0kpWm4HBdrhD9n0ULeRuPWr\"\r\nlast-modified: Sat, 29 Nov 2025 08:10:52 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg119;QNM3\r\nx-m-reqid: FnhftopEC\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: 7eAAAADi5Jli7aEY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":98037,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"d41836fc0f04f6c09e209fdc160629f3","sha1":"8919cf49295a6e0705dae10fd9f450b791b8f5ab","sha256":"89a3a6a721d044f72239b1ab5bdaccd687e3030d1a804e81ff1bee35fadcfe83","sha512":"eff24e3d03af8f1db5ad88df4eb315872f6d8c9a048296327af12975b8cc9fa9b9077f4dfa990ab1d0f6c9ddb9f08a31995de6c7a871f42dba801fc7b29ef754","ssdeep":"1536:qISIxYc1lucDD/d41E3wVVCn+/HqsxbzTB2fEZC8snVnq/nM2kD7SEg+GrMsETLM:q1IrIcX/dJwVUnTEV2fHFYkDGEMU/JJ4","tlshash":"d6a3022330d6daf66d25f4b7263a59293b48eb05a1072355fc48a8f8db718530c5aae4","first_seen":"2026-03-20T16:11:00.276049Z","last_seen":"2026-04-14T21:00:46.832379Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3163,"timings":{"blocked":1087,"dns":1,"connect":251,"send":0,"wait":903,"receive":83,"ssl":835},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-stax.webp","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:49.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-stax.webp HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 14 Apr 2026 20:58:49 GMT\r\ncontent-type: image/webp\r\ncontent-length: 80284\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 1234595\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-stax.webp\"; filename*=utf-8''ledger-stax.webp\r\ncontent-md5: LRU6cCRehz4iEzgzcPXhAw==\r\ncontent-transfer-encoding: binary\r\netag: \"Fr5vWqv9edMiWKz2v5dAKiW7y37I\"\r\nlast-modified: Sat, 29 Nov 2025 08:10:53 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg121;QNM3:1\r\nx-m-reqid: xZJXVsARA\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: MLEAAAASvYXu8aEY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":80284,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"2d153a70245e873e2213383370f5e103","sha1":"be6f5aabfd79d32258acf6bf97402a25bbcb7ec8","sha256":"24a0fd3412ce6ae5c86d8de3be134905048b22ff2f08a49164ea2829c6c6e419","sha512":"1057582643ee444784b6e3aa6a49dca29a06e22a523800d9abacf245dfc1220a1658ad135aab1a33030090b08ac9912530c74e242e6d02a6a555fc48b16df502","ssdeep":"1536:SF3w2UfnVfePzxaTZj1T46q1ymy9zkeYvEhhjXgT4asUU8hFTR:S1LU9ezxaTZjWbA9BYwh7gHU8hz","tlshash":"a97312e7130c7fd30077d9a1377906a6a797a712bad66f032551d28c37860aad0217fc","first_seen":"2026-03-20T16:11:00.279425Z","last_seen":"2026-04-14T21:00:46.83695Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2452,"timings":{"blocked":659,"dns":0,"connect":257,"send":0,"wait":980,"receive":142,"ssl":409},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=B7D4593783EE2224\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=779751299\u0026si=d271e213a5583ee84901cf817aa7ad96\u0026v=1.3.2\u0026lv=1\u0026sn=5225\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fcn-ledger.com%2F\u0026tt=ledger%E7%A1%AC%E4%BB%B6%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91%20-%20%E5%8D%87%E7%BA%A7%E6%82%A8%E7%9A%84%E5%8A%A0%E5%AF%86%E4%BD%93%E9%AA%8C%20%7C%20%E6%AF%94%E7%89%B9%E5%B8%81%E4%BB%A5%E5%A4%AA%E5%9D%8A%E5%86%B7%E9%92%B1%E5%8C%85","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"111.45.11.83","port":443,"asn":9808,"as":"China Mobile Communications Group Co., Ltd.","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:49.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=B7D4593783EE2224\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=779751299\u0026si=d271e213a5583ee84901cf817aa7ad96\u0026v=1.3.2\u0026lv=1\u0026sn=5225\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Fcn-ledger.com%2F\u0026tt=ledger%E7%A1%AC%E4%BB%B6%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91%20-%20%E5%8D%87%E7%BA%A7%E6%82%A8%E7%9A%84%E5%8A%A0%E5%AF%86%E4%BD%93%E9%AA%8C%20%7C%20%E6%AF%94%E7%89%B9%E5%B8%81%E4%BB%A5%E5%A4%AA%E5%9D%8A%E5%86%B7%E9%92%B1%E5%8C%85 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Tue, 14 Apr 2026 20:58:49 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=BD89EDBBCEDF5A2A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-15T00:53:56.466997Z","times_seen":335076,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":271,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.meiqia.com/fe-widget/v1.5.6.prod.20260306_165/entrypoint-v1.5.6.prod.20260306_165.js","fqdn":"static.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.152.43.117","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:50.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meiqia.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 24 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:5E:88:72:BE:D5:CD:01:9F:60:65:9C:E0:33:77:43:41:54:DC:8D","sha256":"40:6B:84:9A:F1:93:17:61:39:C2:0F:6D:55:0A:5A:52:68:B9:1A:93:70:E7:81:5D:EE:6F:7A:5E:29:D8:14:94"}}},"request":{"raw":"GET /fe-widget/v1.5.6.prod.20260306_165/entrypoint-v1.5.6.prod.20260306_165.js HTTP/1.1\r\nHost: static.meiqia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 06 Mar 2026 06:30:39 GMT\r\ncontent-encoding: gzip\r\netag: \"5CC75246A01D73279B6562D7EC1FA1B8\"\r\ndate: Fri, 06 Mar 2026 06:38:21 GMT\r\ncontent-type: text/javascript\r\nx-oss-request-id: 69AA765D6EDEF63232DD270A\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 11091130583004183539\r\nx-oss-storage-class: Standard\r\ncontent-md5: XMdSRqAdcyebZWLX7B+huA==\r\nx-oss-server-time: 5\r\ncontent-length: 64764\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 1173033330639495031\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\ncontent-disposition: inline\r\nstrict-transport-security: max-age=1;\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":194416,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65407), with no line terminators","md5":"5cc75246a01d73279b6562d7ec1fa1b8","sha1":"ec03073104c7ca3d4efda8afbeadd6e6a1327a3e","sha256":"4c87e79d8236f7c6e4e09358fe77ddaa39ec01daabe65031ce5fc520d1fecfe1","sha512":"1379d187b74b41d2cfaa9d37bc304d9c2672d7446f54ae11b4af614acea4c3926b59912525ec837c1c7ecb0582e28dcab79f383aa29d6ba0a43c751492f65099","ssdeep":"3072:1I2h7Asg01sHplOuU1C+PjvAHTJBW+9YbMfZh:+llOuU1C+Pjv+1o+9Ym","tlshash":"1e1408cd31d5b0a203e362f0103f740bb1b76969690d9890f665d8d5acb9a5e823bf7c","first_seen":"2026-03-06T10:13:01.511001Z","last_seen":"2026-04-14T21:00:46.844444Z","times_seen":184,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-api.meiqia.com/hikari/visit/visit/start?ent_id=43b8858ce63e9cde24502457dc5a69bb\u0026track_id=\u0026title=ledger%E7%A1%AC%E4%BB%B6%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91+-+%E5%8D%87%E7%BA%A7%E6%82%A8%E7%9A%84%E5%8A%A0%E5%AF%86%E4%BD%93%E9%AA%8C+%7C+%E6%AF%94%E7%89%B9%E5%B8%81%E4%BB%A5%E5%A4%AA%E5%9D%8A%E5%86%B7%E9%92%B1%E5%8C%85\u0026referrer_url=\u0026url=https:%2F%2Fcn-ledger.com%2F\u0026is_standalone=false","fqdn":"new-api.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.174.224.10","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:51.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meiqia.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 24 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:5E:88:72:BE:D5:CD:01:9F:60:65:9C:E0:33:77:43:41:54:DC:8D","sha256":"40:6B:84:9A:F1:93:17:61:39:C2:0F:6D:55:0A:5A:52:68:B9:1A:93:70:E7:81:5D:EE:6F:7A:5E:29:D8:14:94"}}},"request":{"raw":"OPTIONS /hikari/visit/visit/start?ent_id=43b8858ce63e9cde24502457dc5a69bb\u0026track_id=\u0026title=ledger%E7%A1%AC%E4%BB%B6%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91+-+%E5%8D%87%E7%BA%A7%E6%82%A8%E7%9A%84%E5%8A%A0%E5%AF%86%E4%BD%93%E9%AA%8C+%7C+%E6%AF%94%E7%89%B9%E5%B8%81%E4%BB%A5%E5%A4%AA%E5%9D%8A%E5%86%B7%E9%92%B1%E5%8C%85\u0026referrer_url=\u0026url=https:%2F%2Fcn-ledger.com%2F\u0026is_standalone=false HTTP/1.1\r\nHost: new-api.meiqia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-is-meiqia-domain,x-is-standalone\r\nReferer: https://cn-ledger.com/\r\nOrigin: https://cn-ledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/1.1 200 OK\r\naccess-control-allow-origin: https://cn-ledger.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH\r\naccess-control-allow-headers: x-is-meiqia-domain,x-is-standalone\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: *\r\nserver: istio-envoy\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Tue, 14 Apr 2026 20:58:51 GMT\r\nEO-LOG-UUID: 4789816618951981212\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-15T00:55:27.172088Z","times_seen":13762599,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cn-ledger.com/css/style.css","fqdn":"cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:48.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 14 Apr 2026 20:58:48 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 13 Apr 2026 03:56:52 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dc6984-1b1dd\"\r\nexpires: Wed, 15 Apr 2026 08:58:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":111069,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"ee361f55bcfae5412eb1bd79dea4617e","sha1":"326b962d4cc2b47851b53ace0aa63b6c620694ca","sha256":"a1bd7943ca83090f7e51ce98f204e6de61973f55652eb3a9e521f0ce3ccd9c1c","sha512":"c5915fd9aa1d53974741af7b223eb481a70fafad6d13f344e5d064bba429b425388055efb9a066386dc896f35b9300b99a9cf95cad3d45525d4b32dd20438e80","ssdeep":"1536:G6Gq5GIL7DQRdE2oWnOoy5FG3oyQZUQsrujdUQsMzoJTs8eTD+Yxx49cuHXaA0:D","tlshash":"5eb34145967354a4b82f65782fee964a3278a447c90dce6c3ecc310d8f893e855b2f9c","first_seen":"2026-03-20T16:11:00.274299Z","last_seen":"2026-04-14T21:00:46.838271Z","times_seen":3,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-nano-s-plus.webp","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:49.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-nano-s-plus.webp HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 14 Apr 2026 20:58:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 56951\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 1234598\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-nano-s-plus.webp\"; filename*=utf-8''ledger-nano-s-plus.webp\r\ncontent-md5: XgAQIsyimcN+GzOubQ9aYw==\r\ncontent-transfer-encoding: binary\r\netag: \"FmCemmk8eTKkLrN9IQalurqOSmgq\"\r\nlast-modified: Sat, 29 Nov 2025 08:10:52 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg121;QNM3\r\nx-m-reqid: 6QzcVUwz1\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: uA8AAADh2U4Sb3wY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":56951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"5e001022cca299c37e1b33ae6d0f5a63","sha1":"609e9a693c7932a42eb37d2106a5baba8e4a682a","sha256":"0ec2fb3d0cbd10953070548a8dc51f081e3f62ab3215b6a44e7e363c78b5ec03","sha512":"e2fa310c9c84762f3a4979fcf5379d4525d702084417f13777a9ae16c6e3576a83ef69f84f3834220c75f9f82d151161b401ec4b18140536c817dd1cb03c3172","ssdeep":"1536:rs11CQggc1E7ztf++/MT5gzG2GcrQUIfmnF4W56:61FggWIztdk5gyDcrBikF4WE","tlshash":"7343027b5bf710a2a6e2446cdd5c9907eb2d06a2e4e304b6b980d88f2f5c9f071c6718","first_seen":"2026-03-20T16:11:00.270349Z","last_seen":"2026-04-14T21:00:46.823757Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3079,"timings":{"blocked":893,"dns":0,"connect":250,"send":0,"wait":763,"receive":530,"ssl":640},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-flex.webp","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.241","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:49.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-flex.webp HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 14 Apr 2026 20:58:50 GMT\r\ncontent-type: image/webp\r\ncontent-length: 96300\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 1234597\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-flex.webp\"; filename*=utf-8''ledger-flex.webp\r\ncontent-md5: 4xMGy4MQOC1rxZJUDPw9Jw==\r\ncontent-transfer-encoding: binary\r\netag: \"FuUaMv6Y0wRC0Af_HN0OG4u2hzgN\"\r\nlast-modified: Sat, 29 Nov 2025 08:10:50 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg121;QNM3\r\nx-m-reqid: sM3g7u5Qd\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: Q1AAAACaoT7u8aEY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":96300,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"e31306cb8310382d6bc592540cfc3d27","sha1":"e51a32fe98d30442d007ff1cdd0e1b8bb687380d","sha256":"8a711a325f0eeb4f6ee4557388429b40d8d8c4b8baf26759c26c3c490afdc18a","sha512":"c58a2936a40be6e6afee9209c67daf329509e9d4cdc8fe1fec98f50eddbe65dfd3a363fc52134db136231d435dac4b1a5982f8deb2d1c20e3fef3846563fd34b","ssdeep":"1536:DgnhEiF5FnCybPIEaqXnFs98Cd7qndvM3Kg3MjoWGcNBGGlUb3ArppcE7pKjlW:DqhE4fLbPICXnwdmndcao8FlSQdmEcjs","tlshash":"62931233dbc2f7909a61965dbd79964a3c82a57e75271edc47b478cf38028936078b0c","first_seen":"2026-03-20T16:11:00.271633Z","last_seen":"2026-04-14T21:00:46.82591Z","times_seen":5,"resource_available":false,"data":null}},"time_used":2973,"timings":{"blocked":852,"dns":0,"connect":251,"send":0,"wait":790,"receive":476,"ssl":601},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-14","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-14","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"new-api.meiqia.com/hikari/visit/visit/get_base_config?ent_id=43b8858ce63e9cde24502457dc5a69bb","fqdn":"new-api.meiqia.com","domain":"meiqia.com","tld":"com"},"ip":{"addr":"43.174.224.10","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://cn-ledger.com/","date":"2026-04-14T20:58:51.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.meiqia.com","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 24 Jun 2025 00:00:00 GMT","end":"Fri, 24 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:5E:88:72:BE:D5:CD:01:9F:60:65:9C:E0:33:77:43:41:54:DC:8D","sha256":"40:6B:84:9A:F1:93:17:61:39:C2:0F:6D:55:0A:5A:52:68:B9:1A:93:70:E7:81:5D:EE:6F:7A:5E:29:D8:14:94"}}},"request":{"raw":"GET /hikari/visit/visit/get_base_config?ent_id=43b8858ce63e9cde24502457dc5a69bb HTTP/1.1\r\nHost: new-api.meiqia.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://cn-ledger.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cn-ledger.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://cn-ledger.com\r\ncontent-type: application/json; charset=utf-8\r\nvary: Origin\r\nreq-cost-time: 7\r\nreq-arrive-time: 1776200331318\r\nresp-start-time: 1776200331326\r\nx-envoy-upstream-service-time: 7\r\naccess-control-expose-headers: *\r\nserver: istio-envoy\r\nContent-Length: 1559\r\nConnection: keep-alive\r\nDate: Tue, 14 Apr 2026 20:58:51 GMT\r\nEO-LOG-UUID: 8795846436442112718\r\nEO-Cache-Status: MISS\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":1559,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"e5c079225d5648fe5670716942b268e1","sha1":"042166df04be168e54f6161a97be77a674698942","sha256":"49e5ad02f1a7b6ddd93000103eb7b3db0668f8eaa20769027b91926a31c88e16","sha512":"84bd3aef9e2b981fdb1972c502410be68469ea8eff5d5e34b71eeee33de119b33cc23f05b22932be09c8f8c2fdaecb3d49268599ebec3d5feafd6bd8dab22bf9","ssdeep":"","tlshash":"3031cc4910c2df3d5346a7d829a46546e4ae1453b8c86f31d727cf1c31db28d3a47642","first_seen":"2026-04-14T20:59:17.847323Z","last_seen":"2026-04-14T21:00:46.835443Z","times_seen":2,"resource_available":false,"data":null}},"time_used":456,"timings":{"blocked":122,"dns":78,"connect":19,"send":0,"wait":211,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}