{"report_id":"2d2724a1-682f-4fbc-aee2-45520585b9b4","version":6,"status":"done","tags":[],"date":"2025-03-11T16:34:16Z","url":{"schema":"https","addr":"wnsrvbjmeprtfrnfx.ay.delivery","fqdn":"wnsrvbjmeprtfrnfx.ay.delivery","domain":"ay.delivery","tld":"delivery"},"ip":{"addr":"104.21.41.177","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"wnsrvbjmeprtfrnfx.ay.delivery/","fqdn":"wnsrvbjmeprtfrnfx.ay.delivery","domain":"ay.delivery","tld":"delivery"},"title":"403 Forbidden"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-20T16:34:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"wnsrvbjmeprtfrnfx.ay.delivery","ip":{"addr":"104.21.41.177","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-06-05","domain_rank":0,"first_seen":"2024-08-01T13:17:47Z","last_seen":"2025-01-22T23:16:33.128136Z","alert_count":0,"request_count":3,"received_data":2971,"sent_data":1295,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"wnsrvbjmeprtfrnfx.ay.delivery/favicon.ico","fqdn":"wnsrvbjmeprtfrnfx.ay.delivery","domain":"ay.delivery","tld":"delivery"},"ip":{"addr":"104.21.41.177","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"http://wnsrvbjmeprtfrnfx.ay.delivery/","date":"2025-03-11T16:33:55.339Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wnsrvbjmeprtfrnfx.ay.delivery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://wnsrvbjmeprtfrnfx.ay.delivery/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Tue, 11 Mar 2025 16:33:55 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=AziwYh5mcgv%2B7qVtYJyf0xb5n4t6tb16Rj%2FpkvkHJ%2BTZFiZRnSyaA7xmWHhMDwUh7tIFpeocTHOCyFuDJLnZ7cxeKB8AakPyB%2FZ4Oz3lxiWq6loYiUuNkkT8tbWodB5Me5YEwiGbime0BRYrgZSZ9w%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 91ec74d0dc73b4f3-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=586\u0026min_rtt=540\u0026rtt_var=230\u0026sent=4\u0026recv=6\u0026lost=0\u0026retrans=0\u0026sent_bytes=970\u0026recv_bytes=797\u0026delivery_rate=3780678\u0026cwnd=251\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"bcc88bb66ed955242c6d722a4b02e287","sha1":"11644d240504277e77c707d64d4a032e23a073c3","sha256":"138fd31626cff5b1edbb92e9eebef1d61461100e57701d17915226fa133294a8","sha512":"9683813f26e8063cf4413ee7bc0e83f1f9d95930381080a9b37036db5d187e8993599a1201a49cc2eb2b9081b93da446bc8e82f7ccf4cd5b904151f1dd8c6843","ssdeep":"","tlshash":"37c08c1cb953704485035bb04ac33482d29aa227a4fa802184880243e0ce2bac4ea3d5","first_seen":"2023-04-05T14:01:19Z","last_seen":"2025-04-03T21:10:39.845096Z","times_seen":73,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wnsrvbjmeprtfrnfx.ay.delivery/","fqdn":"wnsrvbjmeprtfrnfx.ay.delivery","domain":"ay.delivery","tld":"delivery"},"ip":{"addr":"104.21.41.177","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-11T16:33:54.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ay.delivery","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 12 Feb 2025 01:44:29 GMT","end":"Tue, 13 May 2025 02:43:02 GMT"},"fingerprint":{"sha1":"5B:73:D6:19:FF:27:DB:37:B8:08:86:BB:17:C5:33:DB:D2:8D:3C:8C","sha256":"3E:B0:8C:46:F3:24:39:06:26:33:95:18:BB:AF:1F:8E:5A:98:9A:FC:EB:87:93:53:9D:F5:87:E2:05:00:25:F2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wnsrvbjmeprtfrnfx.ay.delivery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 11 Mar 2025 16:33:54 GMT\r\ncontent-type: text/html\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=EAXYWzODTGHtZSb%2BL%2Fkpba78Q2J6ATnF6we0SSo7UyYDkxruHcdt8p%2B3U%2BmgjENK55nq9ssb5%2FTzhQczutvkXD964Xt9rGlCHaHH0uGq9YcXBO6fs7iIWVcSl6qQQ4l5Scse9A%2BAveE2Teqkv0qgmg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 91ec74cc1ee256c4-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=6412\u0026min_rtt=591\u0026rtt_var=11650\u0026sent=8\u0026recv=11\u0026lost=0\u0026retrans=0\u0026sent_bytes=3198\u0026recv_bytes=1136\u0026delivery_rate=6703703\u0026cwnd=254\u0026unsent_bytes=0\u0026cid=3e32ff95082d7fea\u0026ts=90\u0026x=0\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"b35aa2ce9cc1c112b46ccb43563b5293","sha1":"3ee0aa7a8589b25c796e73c15809a6e04144e466","sha256":"95ce235ed4891caf21edabf4b16e3e8971127441f8b38fa6f0488281b6b722aa","sha512":"7d107b5d90c78c788fa7ca521dea9d9b72938739366ed89a35c60349d3b2db3b1be6dd17b49ef941381e63678e3acb2d9a27683c934c2c5d800d7dfbaec38317","ssdeep":"","tlshash":"e6c08c1db95e340896435be00ac73a80e296e23088fa4810c7880343f0c6177c4eb394","first_seen":"2023-04-27T07:33:07Z","last_seen":"2025-04-04T10:52:42.079811Z","times_seen":7,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":35,"dns":1,"connect":1,"send":0,"wait":60,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"wnsrvbjmeprtfrnfx.ay.delivery/","fqdn":"wnsrvbjmeprtfrnfx.ay.delivery","domain":"ay.delivery","tld":"delivery"},"ip":{"addr":"104.21.41.177","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"","requested_by":"","date":"2025-03-11T16:33:54.824Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: wnsrvbjmeprtfrnfx.ay.delivery\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Tue, 11 Mar 2025 16:33:54 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0c6NolMoBh%2B6kveFTt7QGuIQgoF61MubRnwe6eGYCIayDN%2FrvHg44uRTDfW%2Fw3lGwdzQtSX%2FTeeZ6yVW5mrwTxbiIYuEgWaA22%2BxmmXac6RGFrxPNk8SIOha7QySjoG7hjR%2BxDDQSv2iEoqL5tf1LQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 91ec74cdaef9b4f3-OSL\r\nContent-Encoding: gzip\r\nalt-svc: h2=\":443\"; ma=60\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=540\u0026min_rtt=540\u0026rtt_var=270\u0026sent=1\u0026recv=3\u0026lost=0\u0026retrans=0\u0026sent_bytes=0\u0026recv_bytes=414\u0026delivery_rate=0\u0026cwnd=249\u0026unsent_bytes=0\u0026cid=0000000000000000\u0026ts=0\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"b35aa2ce9cc1c112b46ccb43563b5293","sha1":"3ee0aa7a8589b25c796e73c15809a6e04144e466","sha256":"95ce235ed4891caf21edabf4b16e3e8971127441f8b38fa6f0488281b6b722aa","sha512":"7d107b5d90c78c788fa7ca521dea9d9b72938739366ed89a35c60349d3b2db3b1be6dd17b49ef941381e63678e3acb2d9a27683c934c2c5d800d7dfbaec38317","ssdeep":"","tlshash":"e6c08c1db95e340896435be00ac73a80e296e23088fa4810c7880343f0c6177c4eb394","first_seen":"2023-04-27T07:33:07Z","last_seen":"2025-04-04T10:52:42.079811Z","times_seen":7,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":2,"dns":2,"connect":1,"send":0,"wait":87,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}