{"report_id":"064038d7-e4a6-424f-9fe6-81eb4eba3e34","version":0,"status":"done","tags":[],"date":"2026-06-11T12:36:14Z","url":{"schema":"http","addr":"effective-tomato-8ng0ecef.edgeone.app","fqdn":"effective-tomato-8ng0ecef.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"101.33.10.10","port":0,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"effective-tomato-8ng0ecef.edgeone.app/","fqdn":"effective-tomato-8ng0ecef.edgeone.app","domain":"edgeone.app","tld":"app"},"title":"MAIL","dom":{"size":20790,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1941)","md5":"3e41251bb7d7487a0b22264f9f60188e","sha1":"d33528dc16fdc1733a758c81da8f79e10d4d0f48","sha256":"d6e758435609c25d753a2d71c7715088a6b48d2f974f1c2cabfc440e3a09718f","sha512":"695e499a0f239fbc1ad4c63ff12e46c53221f569e8e5b1c7fdffe4a2a66dfdce2b77d2eb84198e52f74c5f0cf1b6686412752c126d9193102f110781a7c4e6ca","ssdeep":"384:jgWQW3eFUFOGD558L5m6vXzW9GKDX0Ls1sophS:Rr3eFUFOGDo1yys1st","tlshash":"2e92c626267704296657e4bd37ff27053120d0136646dd69beac838c8f9af91a8b33cd","dom_hash":"domhashd6bda75ef740a346cc2178b4b29e8999","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"effective-tomato-8ng0ecef.edgeone.app","fqdn":"effective-tomato-8ng0ecef.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"101.33.10.10","port":0,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-16T12:36:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-11","alert":"Detects file containing Telegram Bot API","trigger":"effective-tomato-8ng0ecef.edgeone.app/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"effective-tomato-8ng0ecef.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"effective-tomato-8ng0ecef.edgeone.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"effective-tomato-8ng0ecef.edgeone.app","ip":{"addr":"101.33.10.10","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"domain_registered":"2023-05-10","domain_rank":0,"first_seen":"2026-06-11T12:35:04.176851Z","last_seen":"2026-06-11T12:35:04.176851Z","alert_count":3,"request_count":1,"received_data":21103,"sent_data":506,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"effective-tomato-8ng0ecef.edgeone.app/","fqdn":"effective-tomato-8ng0ecef.edgeone.app","domain":"edgeone.app","tld":"app"},"ip":{"addr":"101.33.10.10","port":443,"asn":139341,"as":"ACE","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-11T12:35:45.949Z","timestamp":1781181345949,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.app","organization":""},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 17 Nov 2025 00:00:00 GMT","end":"Mon, 16 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F6:84:C7:1E:F8:5A:EC:5F:B1:17:36:FB:01:CB:DB:C1:0E:C5:4D:09","sha256":"D2:65:EF:F3:E0:E5:38:B3:F8:DB:9F:90:CA:EB:E3:58:AA:0B:3D:23:0F:A0:A1:7C:7A:AC:21:E2:D7:61:A8:18"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: effective-tomato-8ng0ecef.edgeone.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Sun, 07 Jun 2026 16:21:23 GMT\r\netag: \"78d1706017b02aea481ced67792a9aed\"\r\ncontent-type: text/html\r\ncache-control: public,max-age=0,must-revalidate\r\nage: 303656\r\naccept-ranges: bytes\r\neo-log-uuid: 2271828521172718046\r\neo-cache-status: Cache Hit\r\ncontent-encoding: br\r\nx-nws-log-uuid: 2271828521172718046\r\nserver: edgeone-pages\r\ndate: Thu, 11 Jun 2026 12:35:46 GMT\r\ncontent-length: 5924\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":20668,"size_decoded":6359,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1941), with CRLF line terminators","md5":"78d1706017b02aea481ced67792a9aed","sha1":"10b2abc0c6f69623375565c4d91932dc09cd8741","sha256":"4021b0206a020a787070f61ecaeddf38ebd39887b7713dd542c53c126bb4b878","sha512":"e493dd80cc983600ecb6f6307a7695d06b2f110aedc9cc4c39eb4daba5dbf17dfe9079dcf318fecd8ea1d71e7a4c044e42d632976b32dfd8492c069dafca8e96","ssdeep":"384:Kg0W0R+OAu65m2W+DEsNWjXeabYPsfph2:B0R+OPDbese","tlshash":"3692d516222604185677e3fdbbb32708f761e0235742d699beac82895fb6d419873fcc","first_seen":"2026-05-25T23:13:05.923303Z","last_seen":"2026-06-11T12:36:15.003691Z","times_seen":4,"resource_available":true,"data":null}},"time_used":440,"timings":{"blocked":-1,"dns":227,"connect":20,"send":0,"wait":166,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-11","alert":"Detects file containing Telegram Bot API","trigger":"effective-tomato-8ng0ecef.edgeone.app/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-11","alert":"Sinkholed","trigger":"effective-tomato-8ng0ecef.edgeone.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-11","alert":"Phishing Block","trigger":"effective-tomato-8ng0ecef.edgeone.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}