{"report_id":"33b4c98a-d601-4001-8e93-e03033f33315","version":6,"status":"done","tags":[],"date":"2025-12-23T19:59:53Z","url":{"schema":"http","addr":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev/","fqdn":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev/","fqdn":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"title":"Files Collection","dom":{"size":8739,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1026)","md5":"c62f2e5c15e793341582954c57e6b0d9","sha1":"cb3e26c2bb08635e22517a06c9929f446e0d94e8","sha256":"0a8a1cb457b518b1b0fd5fdab41451a2b7270ba33a9cb766d5e4058224f0f0b0","sha512":"4efcaf9bf51989c0640e05d55c3b2a006677a1a46523627b4476092a18a5f3b48c87e1ccab90f5d6c8af2a9a180d324d7b09780efd9d8b2a4cc5c71328c90a09","ssdeep":"192:GrXrdEzawwpcoz5seK/ASMHmGgdkUfE0gBTc7h1RaXQl:GrzhNK/lMHmGgdkq6c7d","tlshash":"cd02c6caeba705c9a81bc0682fff5724222de017c849cd5db9ae1f548f4518875fa3b4","dom_hash":"domhash8a8d5cc573c2acdbb1d9f19db6b43ac1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev/","fqdn":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":0,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-27T19:59:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-23","alert":"Phishing Block","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"domain_registered":"2025-06-09","domain_rank":0,"first_seen":"2025-12-23T19:59:53.796204Z","last_seen":"2025-12-23T19:59:53.796204Z","alert_count":8,"request_count":2,"received_data":13398,"sent_data":1023,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev/","fqdn":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"26c87a8c2fa52b505915e4b925e87578","sha1":"fd3a42eee82e50cc5fd2f130619b7c04b29cf559","sha256":"ef6d095a46660359f0b2cc8d71164f39ec45b8d07ed5d0d3e330c5555c89ef32","sha512":"51e3ceae83fd81079da5ca3842a20af1c63e15fd477aa46c8171830d5753ef5686ac11f73690ebe8349d8a07fef368af7096ec89ef3956dbdc2dd9c3f4acc9c3","ssdeep":"","tlshash":"c421af899b771fbc643b4464b35f713932245143a04dd698b45e09601fc410cfabb6f6","size":1144,"data":"","first_seen":"2025-06-02T22:19:45.876827Z","last_seen":"2026-03-30T10:13:30.799483Z","times_seen":1176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev/favicon.ico","fqdn":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev/","date":"2025-12-23T19:59:32.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\nAccept-Ranges: bytes\r\nETag: \"0445e4fdf1e737913bb718eca592a661\"\r\nLast-Modified: Tue, 23 Sep 2025 09:32:20 GMT\r\nAge: 0\r\nContent-Length: 3881\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: \r\nDate: Tue, 23 Dec 2025 19:59:32 GMT\r\nEO-LOG-UUID: 16634053823129762267\r\nEO-Cache-Status: Cache Miss\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":3881,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"0445e4fdf1e737913bb718eca592a661","sha1":"70a8b556ef2096f20d7c74de6ca227210e18f9bf","sha256":"00d28cc4359700e1336124d1506eacdd693eb2b196c94bbd4de4d86ed0becd9f","sha512":"994b978139358beb7e1aebc2f62fe3844a4b2e938e57082ddbf35dd78fa2fd5e55d00219682bf4fad419cf0237aafe4d66864d4bfd4581e59656fb3f5bb13b4a","ssdeep":"","tlshash":"ca81ac5765f311126953d4ac2f765b0a76e5c003c28acd2a3eed6358cf8ad829d9334c","first_seen":"2025-09-23T20:37:57.881229Z","last_seen":"2026-04-04T23:39:03.63437Z","times_seen":1883,"resource_available":true,"data":null}},"time_used":212,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-23","alert":"Phishing Block","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev/","fqdn":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","domain":"edgeone.dev","tld":"dev"},"ip":{"addr":"43.174.246.29","port":443,"asn":0,"as":"","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-23T19:59:31.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.edgeone.dev","organization":"Tencent Technology (Shenzhen) Company Limited"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 20 Nov 2025 00:00:00 GMT","end":"Thu, 19 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"92:CA:B6:6A:0A:FF:05:33:79:85:57:92:0C:82:B6:ED:89:51:FA:DA","sha256":"58:DE:5B:23:BF:52:57:E4:1D:9C:E5:9C:98:94:BD:03:41:42:D5:6E:F1:20:A6:40:F4:70:0C:F8:4C:F0:61:9B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nLast-Modified: Tue, 23 Dec 2025 19:56:44 GMT\r\nContent-Encoding: gzip\r\nEtag: \"b3ea57eaf606305031fa8e6296d9d83a\"\r\nContent-Type: text/html\r\nAge: 116\r\nContent-Length: 3065\r\nAccept-Ranges: bytes\r\nConnection: keep-alive\r\nServer: edgeone-pages\r\nCache-Control: public,max-age=3600,must-revalidate\r\nDate: Tue, 23 Dec 2025 19:59:32 GMT\r\nEO-LOG-UUID: 12803780347899483219\r\nEO-Cache-Status: Cache Hit\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8752,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1026)","md5":"b3ea57eaf606305031fa8e6296d9d83a","sha1":"24f3151b3751e1df28b805b7fb07664fd5963b47","sha256":"3035f42ab19542da4a07bbc52a2bf6db548daf7f45a44b0075d7f22ad532a309","sha512":"affeac194f8c27e0c578a65d7eb7520f4c528a65a7de8717ff54f1b09c97cf44e4cc4f996f567a6f186847725ac727b94bf4cce583ca96125fd3a292f0037133","ssdeep":"192:qrXrdEzawwpcoz5seK/ASMHmGgdkUfE0gBTc7hCRaXQqM:qrzhNK/lMHmGgdkq6c7DM","tlshash":"6a02c6caeba705c8a81bc0782fff5724222de053c449cd5db9ae5f548f4518875ea3b4","first_seen":"2025-12-23T19:59:55.717876Z","last_seen":"2025-12-23T19:59:55.717876Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2035,"timings":{"blocked":1007,"dns":372,"connect":17,"send":0,"wait":21,"receive":0,"ssl":615},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-23","alert":"Sinkholed","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-23","alert":"Phishing Block","trigger":"petite-lavender-dwlnbv2bdm-m2h2ma45oq.edgeone.dev","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}