{"report_id":"bd19e8ef-06f2-489c-bc69-d7df7c99d016","version":6,"status":"done","tags":[],"date":"2026-04-18T18:00:18Z","url":{"schema":"https","addr":"mongolianews.info/","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":0,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"final":{"url":{"schema":"https","addr":"mongolianews.info/","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"title":"Ledger Hardware Wallet Official - Upgrade Your Crypto Experience | Bitcoin Ethereum Cold Wallet","dom":{"size":66098,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (693)","md5":"b070c8085498d96132b870a5783b4bbd","sha1":"d8c5052f436a74a553668d318856476873b96581","sha256":"f6bf1c2024ac1208a79037023edee6fa27de893046cf04c7feba013a9695d4ea","sha512":"a1ea0e5398992fef787daf9eb4c6ad08f621fc2cafbf22f90414b7169f0ea63fefe1b0ebcd6d7669f9dd70998f07b0bd3580e02c03429f38faf84286cabd01f7","ssdeep":"768:7ysPss72XPbrAMAbA4AUfKk0pNa917+9mNr9GM8MDQ3VdNhoEJzE5:9Es72XzrriN90iv7+AwMt2dNhoEJzE5","tlshash":"e953b462a0f5253a018340e9a9e16faf6ee19017d14e019472ed43bf3fd2ec1c977a9d","dom_hash":"domhash13d9cdc00ae54c4554fcc1ae12f04916","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"mongolianews.info/","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":0,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-23T18:00:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":10}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-18","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-18","alert":"Phishing Block","trigger":"www.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.cn-ledger.com","ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"domain_registered":"2025-10-06","domain_rank":0,"first_seen":"2026-03-05T19:58:19.635562Z","last_seen":"2026-03-28T05:46:51.21782Z","alert_count":6,"request_count":2,"received_data":69678,"sent_data":1076,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.cn-ledger.com","ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-10-06","domain_rank":0,"first_seen":"2026-03-05T19:58:19.633852Z","last_seen":"2026-03-28T05:46:50.683518Z","alert_count":6,"request_count":2,"received_data":284,"sent_data":896,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"mongolianews.info","ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-18T18:00:18.580998Z","last_seen":"2026-04-18T18:00:18.580998Z","alert_count":44,"request_count":11,"received_data":502948,"sent_data":5098,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mongolianews.info/index_files/main.js","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"introduction_type":"scriptElement","is_inline":false,"md5":"7802f6c5011a23d1e24105dec49f13ee","sha1":"15d7198c95e0681d7fe264363a62f4ea103b291f","sha256":"aef9739312d12e3727a305bc46d8d2e8b964adcf663655b696e83ff609b7b184","sha512":"c136c6154f7d0a6e3a5b7772cd5ec415c12f4936252768fe013edcedf52f3a1b46e607903bf65464bf3cfc70240b025f203991d9630646ca8049d385381e2d78","ssdeep":"384:vSv0KVpQaMFvQJHM11EO1ah85SgojRTHQ3j+:C85SgCRK+","tlshash":"2fb2612aa1b73031857b71be5bcb62883231204b7406dd5a3e1dc7491f92b614eb6aed","size":24869,"data":"","first_seen":"2026-03-20T16:11:00.275125Z","last_seen":"2026-04-18T18:01:12.568799Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"introduction_type":"scriptElement","is_inline":true,"md5":"4abbe569ee780db5d6a33527abc57235","sha1":"ef2b923a7529b9082b468c9b556449d1c532ff91","sha256":"d65f9fcd0f9486c9ba7761a917a91c6a74ecb2bf525b55a5c68724aba9a78b9f","sha512":"abd2cb4795117acff2faf1b9e404834a81c17134446711d40b5ef8061a79f4ba9ecf454a49945134909056b18171cfd0d5b2aad06749aba4c4dfc811c319ce71","ssdeep":"","tlshash":"c221296d24fd5531903325b54b3f72047333a1e7358c9d88b66d83514fd176a9661b08","size":1150,"data":"","first_seen":"2026-03-28T05:46:55.244177Z","last_seen":"2026-04-18T18:01:12.577278Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"mongolianews.info/index_files/main.js","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /index_files/main.js HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:54 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 27 Mar 2026 04:23:13 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c60631-618f\"\r\nexpires: Sun, 19 Apr 2026 05:59:54 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24975,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"7802f6c5011a23d1e24105dec49f13ee","sha1":"15d7198c95e0681d7fe264363a62f4ea103b291f","sha256":"aef9739312d12e3727a305bc46d8d2e8b964adcf663655b696e83ff609b7b184","sha512":"c136c6154f7d0a6e3a5b7772cd5ec415c12f4936252768fe013edcedf52f3a1b46e607903bf65464bf3cfc70240b025f203991d9630646ca8049d385381e2d78","ssdeep":"384:vSv0KVpQaMFvQJHM11EO1ah85SgojRTHQ3j+:C85SgCRK+","tlshash":"2fb2612aa1b73031857b71be5bcb62883231204b7406dd5a3e1dc7491f92b614eb6aed","first_seen":"2026-03-20T16:11:00.275125Z","last_seen":"2026-04-18T18:01:12.568799Z","times_seen":7,"resource_available":true,"data":null}},"time_used":468,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":468,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-flex-unboxing-guide-video.mp4","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-flex-unboxing-guide-video.mp4 HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: openresty\r\ndate: Sat, 18 Apr 2026 17:59:55 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 8912106\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 175507\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-flex-unboxing-guide-video.mp4\"; filename*=utf-8''ledger-flex-unboxing-guide-video.mp4\r\ncontent-md5: eNe2GDt9JOFITefGFbk06w==\r\ncontent-range: bytes 0-8912105/8912106\r\ncontent-transfer-encoding: binary\r\netag: \"lgxc1ljNGDRTkIxXn-DkrA1zyaUO\"\r\nlast-modified: Sat, 29 Nov 2025 08:37:33 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg119;QNM3:1\r\nx-m-reqid: h2Ecz0Nwh\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: d-kAAACPgGMSb3wY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36066,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"e217680afb96ecb642d69f0cf58f0c15","sha1":"f4d885b851f4e33533e0fdf70cdab5fce06b9a37","sha256":"bd188788df7b1a2619e077dad9686c660d666dfcec1b763e0a6eb4a7d4e3359c","sha512":"1898b16a9ea6e6436eb38a67ce60b4bd3283763fc423d2cbcf891d6f249ae209187dc18eed85bcf860cf32ff253302afe5c1c1cc4590a7a2588a27b6149e1626","ssdeep":"768:u/597KlXcCHTm0+9SiKWm5IsVErYWk4zk2tjd28O+fxK6p7+5L:uP7ycCaFcWmSsCo4zjlvs5L","tlshash":"9ef2021dcd3e7fa43fa0f3f4683d9f604a144a356a2b281e951f3c8a3a88ff11149965","first_seen":"2026-03-28T05:46:55.242084Z","last_seen":"2026-04-18T18:01:12.570702Z","times_seen":4,"resource_available":false,"data":null}},"time_used":2757,"timings":{"blocked":1076,"dns":278,"connect":250,"send":0,"wait":268,"receive":337,"ssl":546},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-18","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/index_files/2.jpg","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /index_files/2.jpg HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 27 Mar 2026 04:29:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c607a9-c53e\"\r\nexpires: Mon, 18 May 2026 17:59:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50494,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1141, components 3","md5":"db36a6f53177fb9dca3ff359a6381a92","sha1":"4fe4dcfd2c48069f5a7f8cd91009ee84a92160d8","sha256":"4046e21376378cee8a010f06643d3928160e78e82b692d7c85076ba4f70ab3d8","sha512":"808133082bf35f58cf766203a6d1bb6c099ba25e77482b4b2c785cb553b22139d3d179488f03de8a2113864920b22c9a6ac4c8832efd41b0f3acfcfb5760e296","ssdeep":"768:WTfztquHDLtinHybduOg0RKjCN3HhXONPmwVnbCQWZVHWSlJF/ga6HsEQNDhWmMB:ofbvtinHyc25HIg+bC3/2UJFTisEQN6","tlshash":"3b33cfb6338a2155d3013ffadda25392aa736d96c8888187d9c808c6d8ce6757c5dfc3","first_seen":"2026-03-28T05:46:55.210282Z","last_seen":"2026-04-18T18:01:12.56965Z","times_seen":4,"resource_available":false,"data":null}},"time_used":456,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":456,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/index_files/ledger-flex.webp","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /index_files/ledger-flex.webp HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 96300\r\nlast-modified: Fri, 27 Mar 2026 04:23:13 GMT\r\netag: \"69c60631-1782c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96300,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"e31306cb8310382d6bc592540cfc3d27","sha1":"e51a32fe98d30442d007ff1cdd0e1b8bb687380d","sha256":"8a711a325f0eeb4f6ee4557388429b40d8d8c4b8baf26759c26c3c490afdc18a","sha512":"c58a2936a40be6e6afee9209c67daf329509e9d4cdc8fe1fec98f50eddbe65dfd3a363fc52134db136231d435dac4b1a5982f8deb2d1c20e3fef3846563fd34b","ssdeep":"1536:DgnhEiF5FnCybPIEaqXnFs98Cd7qndvM3Kg3MjoWGcNBGGlUb3ArppcE7pKjlW:DqhE4fLbPICXnwdmndcao8FlSQdmEcjs","tlshash":"62931233dbc2f7909a61965dbd79964a3c82a57e75271edc47b478cf38028936078b0c","first_seen":"2026-03-20T16:11:00.271633Z","last_seen":"2026-04-18T18:01:12.571986Z","times_seen":7,"resource_available":false,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.cn-ledger.com/images/ledger-flex-unboxing-guide-video.mp4","fqdn":"cdn.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"154.41.93.240","port":443,"asn":174,"as":"COGENT-174","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:55.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.cn-ledger.com","organization":""},"issuer":{"commonName":"TrustAsia DV TLS RSA CA 2024","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 01 Mar 2026 03:00:00 GMT","end":"Sat, 30 May 2026 02:59:59 GMT"},"fingerprint":{"sha1":"8D:7C:18:B3:91:3D:66:00:14:70:0F:11:17:1E:73:D6:E1:96:0E:B8","sha256":"47:28:1B:A8:44:EF:EF:15:7B:23:96:E0:D5:47:DF:F8:2F:D1:D6:D9:97:2D:95:43:EF:38:D6:08:AE:E9:E9:44"}}},"request":{"raw":"GET /images/ledger-flex-unboxing-guide-video.mp4 HTTP/1.1\r\nHost: cdn.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=8880128-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: openresty\r\ndate: Sat, 18 Apr 2026 17:59:56 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 31978\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Log, X-Reqid\r\naccess-control-max-age: 2592000\r\nage: 175508\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"ledger-flex-unboxing-guide-video.mp4\"; filename*=utf-8''ledger-flex-unboxing-guide-video.mp4\r\ncontent-md5: eNe2GDt9JOFITefGFbk06w==\r\ncontent-range: bytes 8880128-8912105/8912106\r\ncontent-transfer-encoding: binary\r\netag: \"lgxc1ljNGDRTkIxXn-DkrA1zyaUO\"\r\nlast-modified: Sat, 29 Nov 2025 08:37:33 GMT\r\nx-log: X-Log\r\nx-m-log: QNM:wldsg119;QNM3\r\nx-m-reqid: VzaN6isTU\r\nx-qiniu-zone: as0\r\nx-qnm-cache: Hit\r\nx-reqid: d-kAAACPgGMSb3wY\r\nx-svr: IO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31978,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"1531a7384816d2ebb863b159dffc4d1a","sha1":"fd46e3e449dc32df79ff3d83ebfb581bfebabb4c","sha256":"0eea34235446dd9d3df5197cda25b33fda7e0de20f9902f57083242a53e66475","sha512":"3bd6352ae11f37d0668851920e5585db59b22a5c2c7c0ca2afce44ad0b3e9aff9efe0fca9a21d77f704313112c9c9a00b512e172baac01ba237ab86854cb0ad3","ssdeep":"768:WusqDB+D9mFC+V9Zd6LT0bvgMXfBDNOne67rVJgZ:1/B+D9mFC+V9ZdWTUgMXfBDNOvVmZ","tlshash":"58e28096ef519c64c9c70db05b6b0b8036e3fa04ce8d17af2f7e9540cc5225be8e8994","first_seen":"2026-03-20T16:11:00.272617Z","last_seen":"2026-04-18T18:01:12.57317Z","times_seen":7,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":759,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"cdn.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-18","alert":"Phishing Block","trigger":"cdn.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T17:59:53.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:53 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 07 Apr 2026 09:38:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69d4d098-10238\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":66104,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (693)","md5":"3ded48bc2e9ddfb95b04247989dde57e","sha1":"a03677c486f4f35fbfb62da76be9a4951de5b237","sha256":"6ce22feb6b170e7d5b55f1dd2e39963cdb8925d1ba6cf9a45935e4319dbb184b","sha512":"dc33e0ed4e9b5d9b0c0dbd103af8a78248d02e691c8feaad7f1d08bc5dfff15891eb4b758a3b47fd74f33f18b1c7c80486632524bcb4f04772daac914c489a5b","ssdeep":"768:nysPss72XPlrAMA7AwAEfOIgpNa91J+9mNr9GM8MDQ3VdNho6JzEn:JEs72X9rL6NdgivJ+AwMt2dNho6JzEn","tlshash":"3453a562a0f5253a018340e9aae06faf6ee19017d14e019472ed47bf3fd2ec1c937a5d","first_seen":"2026-04-18T18:00:24.411804Z","last_seen":"2026-04-18T18:01:12.574645Z","times_seen":2,"resource_available":true,"data":null}},"time_used":892,"timings":{"blocked":358,"dns":1,"connect":175,"send":0,"wait":176,"receive":0,"ssl":180},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/index_files/ledger-Wallet-banner.webp","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /index_files/ledger-Wallet-banner.webp HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 48309\r\nlast-modified: Fri, 27 Mar 2026 04:23:13 GMT\r\netag: \"69c60631-bcb5\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48309,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 560 x 635, 8-bit colormap, non-interlaced","md5":"6257eceafbb9719eab5fc6f2b5eded8f","sha1":"f208e9ce3469257c75103d913f17ddad59c27a13","sha256":"812f21cd7f09a06a566d714f8961c9b554875b77f86b12254b82e1636de1b263","sha512":"cf63e29d8c51d85f3ef3c8e62dd01d5d07192d4a548d194c768a421b29a42cb8dfc27a2a7dce3be3a3c237dd46d89eceaa80f03969677f7624aa4f80bba7622a","ssdeep":"768:I1rFN4r+gnCWdw4ifpGtRlRMYxWWtAb8FOBj/illbe8dksMnU1ZeYY7YAsK2pcFo:Hr+O7ntFMYxftoqksaUL5AsRiRUhh","tlshash":"5a23f2c8a7ed8dd16146b5d205b231c806f0b78d9e28b3cd9cd67272d723e2ca7c416a","first_seen":"2026-03-05T19:58:24.393334Z","last_seen":"2026-04-18T18:01:12.567843Z","times_seen":8,"resource_available":false,"data":null}},"time_used":451,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/images/video-poster.jpg","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /images/video-poster.jpg HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:54 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-18T23:22:35.479775Z","times_seen":490947,"resource_available":true,"data":null}},"time_used":459,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":459,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-18T17:59:52.033Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T23:23:18.697232Z","times_seen":13913999,"resource_available":true,"data":null}},"time_used":374,"timings":{"blocked":0,"dns":23,"connect":172,"send":0,"wait":0,"receive":0,"ssl":177},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cn-ledger.com/images/apple-touch-icon.png","fqdn":"www.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:55.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /images/apple-touch-icon.png HTTP/1.1\r\nHost: www.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:55 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T23:23:18.697232Z","times_seen":13913999,"resource_available":true,"data":null}},"time_used":971,"timings":{"blocked":-1,"dns":286,"connect":232,"send":0,"wait":216,"receive":1,"ssl":236},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-18","alert":"Phishing Block","trigger":"www.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/videos/product-demo.webm","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:56.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /videos/product-demo.webm HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-18T23:22:35.479775Z","times_seen":490947,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/index_files/ledger-nano-s-plus.webp","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /index_files/ledger-nano-s-plus.webp HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:54 GMT\r\ncontent-type: image/webp\r\ncontent-length: 56951\r\nlast-modified: Fri, 27 Mar 2026 04:23:13 GMT\r\netag: \"69c60631-de77\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56951,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"5e001022cca299c37e1b33ae6d0f5a63","sha1":"609e9a693c7932a42eb37d2106a5baba8e4a682a","sha256":"0ec2fb3d0cbd10953070548a8dc51f081e3f62ab3215b6a44e7e363c78b5ec03","sha512":"e2fa310c9c84762f3a4979fcf5379d4525d702084417f13777a9ae16c6e3576a83ef69f84f3834220c75f9f82d151161b401ec4b18140536c817dd1cb03c3172","ssdeep":"1536:rs11CQggc1E7ztf++/MT5gzG2GcrQUIfmnF4W56:61FggWIztdk5gyDcrBikF4WE","tlshash":"7343027b5bf710a2a6e2446cdd5c9907eb2d06a2e4e304b6b980d88f2f5c9f071c6718","first_seen":"2026-03-20T16:11:00.270349Z","last_seen":"2026-04-18T18:01:12.571172Z","times_seen":7,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/index_files/1.jpg","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /index_files/1.jpg HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 27 Mar 2026 04:12:43 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c603bb-8bc1\"\r\nexpires: Mon, 18 May 2026 17:59:54 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35777,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1149, components 3","md5":"034622cdac71d700ee96f6e3e795997f","sha1":"dc91f3dbef2e77bf212a156e252f4e378d6cc5e3","sha256":"ab704f9682efe7d2e92b71842e6a1bd9dfdf5cb95539fa12d188b7366d8e9e75","sha512":"fe59f399ad65d0ed95b7d8bc24cdf14dcbc61e105b97f65b894a423d61060a31b5d3eee7e6ae0c987cdb4777d6fbd0f2d66c2a0589bb54e2869c28a68ac6f9a5","ssdeep":"768:dmmmmmmlfdTkGZnKmmmmm8Iedom3gAGOERGUJofwq06lmVOZi7tV8ib:1pedom7GPIUJofs+AOCf","tlshash":"f7f29dff3319b505c80807faae26631a1e2b3d951dcdb09bc61d0ac6d59c5b92814fe3","first_seen":"2026-03-28T05:46:55.215401Z","last_seen":"2026-04-18T18:01:12.576831Z","times_seen":4,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.cn-ledger.com/favicon.ico","fqdn":"www.cn-ledger.com","domain":"cn-ledger.com","tld":"com"},"ip":{"addr":"35.241.96.249","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:55.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cn-ledger.com","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Mon, 23 Mar 2026 11:00:00 GMT","end":"Sun, 21 Jun 2026 10:59:59 GMT"},"fingerprint":{"sha1":"3D:DC:ED:B1:FE:AF:12:F9:6A:6C:60:1B:48:16:B6:CD:CF:EA:66:45","sha256":"D5:FE:D6:3D:D9:E1:01:23:D5:AD:7C:AF:9A:B8:F9:48:65:74:C6:8E:C6:62:A2:38:B2:46:30:46:84:26:CC:3C"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.cn-ledger.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:55 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-18T23:23:18.697232Z","times_seen":13913999,"resource_available":true,"data":null}},"time_used":942,"timings":{"blocked":-1,"dns":286,"connect":217,"send":0,"wait":215,"receive":0,"ssl":223},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"www.cn-ledger.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-18","alert":"Phishing Block","trigger":"www.cn-ledger.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mongolianews.info/index_files/style.css","fqdn":"mongolianews.info","domain":"mongolianews.info","tld":"info"},"ip":{"addr":"23.27.53.37","port":443,"asn":149440,"as":"Evoxt Enterprise","country":"Malaysia","country_code":"MY"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mongolianews.info/","date":"2026-04-18T17:59:54.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.hk-ledger.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 00:16:35 GMT","end":"Sat, 27 Jun 2026 00:16:34 GMT"},"fingerprint":{"sha1":"3B:A1:F0:91:68:E3:0D:59:7F:71:85:D7:E4:86:93:50:22:22:54:15","sha256":"52:AD:71:1F:0A:F4:B7:94:3A:B4:2C:9F:5C:B9:2E:18:E3:99:DF:9D:70:D5:46:93:24:25:91:D3:36:20:7B:70"}}},"request":{"raw":"GET /index_files/style.css HTTP/1.1\r\nHost: mongolianews.info\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mongolianews.info/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 18 Apr 2026 17:59:54 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 28 Mar 2026 03:18:31 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69c74887-1d33a\"\r\nexpires: Sun, 19 Apr 2026 05:59:54 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":119610,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"c78406f957556980d050552afba67f17","sha1":"e834bf3fb5f1f19076d015200425d234ebe29ea4","sha256":"92859756fdd0b58f162411a4d440e2b92253e6b550184a487982fff8342ddeb8","sha512":"29cc288625b254956ef4d838b4217340f49cd4661c3f2979418d2c843d1b9bba3e60f3c100a44316fe590b701a6cddc9e36bca36b40a94217e9b42c8609aad20","ssdeep":"1536:G6Gq5GIL7oQRdE2oWnUr+GfsBlgv3bHzY/soy5FG3oyQZUQsrujdUQsMzoJTs8en:K+Blgv3bHs/o","tlshash":"f7c35245a67354a4b82f65781fee964a3278a447c90ece6c3ecc310d8f893f855a1f9c","first_seen":"2026-03-28T05:46:55.223879Z","last_seen":"2026-04-18T18:01:12.576095Z","times_seen":4,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-18","alert":"Sinkholed","trigger":"mongolianews.info","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}