{"report_id":"86be2030-45ce-454d-bd54-2d7bb1f3360b","version":6,"status":"done","tags":[],"date":"2023-12-27T15:41:25Z","url":{"schema":"https","addr":"action.azurecomm.net/api/a/c?r=AIAAC4257MCY5CGTMI4Y6BVGRHE24M6HDG72S4MZX6PZ5IRMGNBCXIUPH7DCYN7CEZ3BPSZNCCEHECGZU5MJTTXVS4S6HLO45ZKTBUYM63OEGWA5FVEGD5I46C6Z4F4ROGRKO3MMS5ZGOYU5JH4MRQIGDFHTMNUFLZMWMG7OJGQXM46G2CDUPF2GXY7AUW3QDN4USHY7VW454OUVYGI5ZLLBA62LWF3BJAIV5VWOWOIDRVSC5YUUPYOMMJPULTRQE35NIJQGS7ODPQ5I5SHXJZITKOTEHSS5DHJ4IRXUZTXJNFFCKSCB4M5J\u0026d=AIAAD324TYHI76QFWBC5WU35NKD43D4YELA5D6HLRWED3SJGPH4RFWMWGPIQ5YN2FJRLWYGJVX2II4IM6DGJZI7DA662SNR64RUFSHRUKM4D5U5LR4SOIWVQ6VJDQNKWZBT64PXZVNDR6WJU4GH5Q2D6C47SGCBK6YCMKUN74B3B5TBD4W6A2MNNRIMRY66OU5K6ILWYRXI6IPCCBCOAINRL2UYEVYPLZEF6QCA5SSI5ZIJLIY422UO2INCOHYND3XD7HL2HHEF5Y7KSLNZEP7ZHO74QZTY\u0026url=BcHdCoIwGADQp8nLOZk/FEgM+1tqBhJ5O+bKkZvmt2r69J3TWTvCxvfntwPbIyCIa74Mhv8AiUH7yrTSoc7qfkvvNRVCAuRyZm1Kc0aj6HQ8Z7esyA4sDuvCq9XTcPuZZNpIrC+UtkXwKkuSPK7CLLxqqm8XrsjO27tRTRLSIMEkXuMwJn8=","fqdn":"action.azurecomm.net","domain":"azurecomm.net","tld":"net"},"ip":{"addr":"20.85.205.59","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"yqxstl.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463","fqdn":"yqxstl.s3.amazonaws.com","domain":"yqxstl.s3.amazonaws.com","tld":"s3.amazonaws.com"},"title":"yqxstl.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T06:22:48Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"action.azurecomm.net","ip":{"addr":"20.85.205.59","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2021-05-18","domain_rank":0,"first_seen":"2022-08-11 18:10:36","last_seen":"2023-12-27 05:32:40","alert_count":0,"request_count":1,"received_data":273,"sent_data":1284,"comment":"","tags":null,"fingerprints":null},{"fqdn":"yqxstl.s3.amazonaws.com","ip":{"addr":"54.231.199.33","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2023-12-26 00:40:39","last_seen":"2023-12-27 06:41:57","alert_count":0,"request_count":3,"received_data":1754,"sent_data":1583,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"action.azurecomm.net/api/a/c?r=AIAAC4257MCY5CGTMI4Y6BVGRHE24M6HDG72S4MZX6PZ5IRMGNBCXIUPH7DCYN7CEZ3BPSZNCCEHECGZU5MJTTXVS4S6HLO45ZKTBUYM63OEGWA5FVEGD5I46C6Z4F4ROGRKO3MMS5ZGOYU5JH4MRQIGDFHTMNUFLZMWMG7OJGQXM46G2CDUPF2GXY7AUW3QDN4USHY7VW454OUVYGI5ZLLBA62LWF3BJAIV5VWOWOIDRVSC5YUUPYOMMJPULTRQE35NIJQGS7ODPQ5I5SHXJZITKOTEHSS5DHJ4IRXUZTXJNFFCKSCB4M5J\u0026d=AIAAD324TYHI76QFWBC5WU35NKD43D4YELA5D6HLRWED3SJGPH4RFWMWGPIQ5YN2FJRLWYGJVX2II4IM6DGJZI7DA662SNR64RUFSHRUKM4D5U5LR4SOIWVQ6VJDQNKWZBT64PXZVNDR6WJU4GH5Q2D6C47SGCBK6YCMKUN74B3B5TBD4W6A2MNNRIMRY66OU5K6ILWYRXI6IPCCBCOAINRL2UYEVYPLZEF6QCA5SSI5ZIJLIY422UO2INCOHYND3XD7HL2HHEF5Y7KSLNZEP7ZHO74QZTY\u0026url=BcHdCoIwGADQp8nLOZk/FEgM+1tqBhJ5O+bKkZvmt2r69J3TWTvCxvfntwPbIyCIa74Mhv8AiUH7yrTSoc7qfkvvNRVCAuRyZm1Kc0aj6HQ8Z7esyA4sDuvCq9XTcPuZZNpIrC+UtkXwKkuSPK7CLLxqqm8XrsjO27tRTRLSIMEkXuMwJn8=","fqdn":"action.azurecomm.net","domain":"azurecomm.net","tld":"net"},"ip":{"addr":"20.85.205.59","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-27T15:35:02.753Z","timestamp":1703691302753,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ids.api.iris.microsoft.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft Azure RSA TLS Issuing CA 03","organization":"Microsoft Corporation"},"validity":{"start":"Sat, 07 Oct 2023 15:56:38 GMT","end":"Tue, 01 Oct 2024 15:56:38 GMT"},"fingerprint":{"sha1":"90:EB:C5:02:A8:2C:A0:B0:17:DD:EA:D8:A2:08:D2:FA:E1:52:DF:05","sha256":"F3:90:56:E2:2C:80:80:BF:DC:B8:6D:85:57:E8:EB:2C:E0:DC:10:4F:AB:FF:E2:BC:81:4A:D3:DF:72:A6:7B:14"}}},"request":{"raw":"GET /api/a/c?r=AIAAC4257MCY5CGTMI4Y6BVGRHE24M6HDG72S4MZX6PZ5IRMGNBCXIUPH7DCYN7CEZ3BPSZNCCEHECGZU5MJTTXVS4S6HLO45ZKTBUYM63OEGWA5FVEGD5I46C6Z4F4ROGRKO3MMS5ZGOYU5JH4MRQIGDFHTMNUFLZMWMG7OJGQXM46G2CDUPF2GXY7AUW3QDN4USHY7VW454OUVYGI5ZLLBA62LWF3BJAIV5VWOWOIDRVSC5YUUPYOMMJPULTRQE35NIJQGS7ODPQ5I5SHXJZITKOTEHSS5DHJ4IRXUZTXJNFFCKSCB4M5J\u0026d=AIAAD324TYHI76QFWBC5WU35NKD43D4YELA5D6HLRWED3SJGPH4RFWMWGPIQ5YN2FJRLWYGJVX2II4IM6DGJZI7DA662SNR64RUFSHRUKM4D5U5LR4SOIWVQ6VJDQNKWZBT64PXZVNDR6WJU4GH5Q2D6C47SGCBK6YCMKUN74B3B5TBD4W6A2MNNRIMRY66OU5K6ILWYRXI6IPCCBCOAINRL2UYEVYPLZEF6QCA5SSI5ZIJLIY422UO2INCOHYND3XD7HL2HHEF5Y7KSLNZEP7ZHO74QZTY\u0026url=BcHdCoIwGADQp8nLOZk/FEgM+1tqBhJ5O+bKkZvmt2r69J3TWTvCxvfntwPbIyCIa74Mhv8AiUH7yrTSoc7qfkvvNRVCAuRyZm1Kc0aj6HQ8Z7esyA4sDuvCq9XTcPuZZNpIrC+UtkXwKkuSPK7CLLxqqm8XrsjO27tRTRLSIMEkXuMwJn8= HTTP/1.1\r\nHost: action.azurecomm.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 27 Dec 2023 15:41:04 GMT\r\nlocation: https://yqxstl.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463\r\ncontent-length: 0\r\napi-supported-versions: 1.0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T06:46:00.057853Z","times_seen":13320224,"resource_available":true,"data":null}},"time_used":811,"timings":{"blocked":347,"dns":2,"connect":111,"send":0,"wait":116,"receive":0,"ssl":229},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"yqxstl.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463","fqdn":"yqxstl.s3.amazonaws.com","domain":"yqxstl.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.199.33","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-27T15:35:03.801Z","timestamp":1703691303801,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463 HTTP/1.1\r\nHost: yqxstl.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nx-amz-request-id: MCVTXCFGSQJ9CR8W\r\nx-amz-id-2: 2Y+DnPxduG1/AzN09ziVySDor1WoiKo6iUWA2VvVmc/thtzT6m2uxMUKMY80NGcSHMK//O9EYm0=\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nDate: Wed, 27 Dec 2023 15:41:05 GMT\r\nServer: AmazonS3\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":333,"size_decoded":333,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text","md5":"7e5759067265ed90f85cba15baf81d5e","sha1":"03c573ad1b47a895683c1ddd1a97b0a1eb16e446","sha256":"84d7d8d52b9dad2e0c00916d2b5dfe985e1779d38e9c03ed13995421d8c2e846","sha512":"f48c04b0ad58589374c6f98020fde352c84e07ea37448428ed559e2c14f692eb228934a9a3ac2f579eba042b606086b597179fc5c754c2395ba63101fd5d6639","ssdeep":"","tlshash":"7fe0260a61a8b95552041bb2730ea311bb2491366ac133b55adf48430ec35814e60e29","first_seen":"2024-08-20T14:50:15.736332Z","last_seen":"2024-08-20T14:50:15.736332Z","times_seen":1,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":92,"dns":1,"connect":92,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"yqxstl.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463","fqdn":"yqxstl.s3.amazonaws.com","domain":"yqxstl.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.216.106.172","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-27T15:35:03.801Z","timestamp":1703691303801,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463 HTTP/1.1\r\nHost: yqxstl.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nx-amz-request-id: KJ3DWDM975PZSBC1\r\nx-amz-id-2: 1eaXXPZo48saRxh0Jo6kIR2zCBehsgtQyuR/3RJudtL+Y0C/e40XPDHVKaiypjvTcLqaOR+fDRE=\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nDate: Wed, 27 Dec 2023 15:41:05 GMT\r\nServer: AmazonS3\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":333,"size_decoded":333,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text","md5":"1018574979294f43b4a0ddbd09ed5296","sha1":"b1c8b581bcbf0768d9e71143ad0aaa077df688d7","sha256":"87ff480b0aba2fb96ef81f8a2585d9e0e71f3be1fd13cea2a398f059ce8d580c","sha512":"ef24ca59fcdf7542114d49e826bb1fa48671041417440e84ecafde77cd91f90b6ed325cd625fb34cdc5b40d24261273f20164fd85242cf6f8a101a53401ce499","ssdeep":"","tlshash":"8ae0261a72e46068468403727b2aa662bf4862b99ac0103156da59830ec20818d34a79","first_seen":"2024-08-20T14:50:15.737089Z","last_seen":"2024-08-20T14:50:15.737089Z","times_seen":1,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":92,"dns":1,"connect":92,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"yqxstl.s3.amazonaws.com/favicon.ico","fqdn":"yqxstl.s3.amazonaws.com","domain":"yqxstl.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.216.106.172","port":80,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://yqxstl.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463","date":"2023-12-27T15:35:04.145Z","timestamp":1703691304145,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: yqxstl.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://yqxstl.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIA55HGJCUCLCFI64SL\u0026Signature=Xe0mNAAdL1kMM37fPcnzaOXOvh4%3D\u0026Expires=1703690463\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nx-amz-request-id: KJ38SC78EBB18T22\r\nx-amz-id-2: dC4rrBdMJ5uKtqZuW2v/dheXONGEAJpl2/faMVQexey1Xc5akoopSVaW/4wb26B1MYfCeR6e91A=\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nDate: Wed, 27 Dec 2023 15:41:06 GMT\r\nServer: AmazonS3\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":296,"size_decoded":296,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text","md5":"6388ecff4005a69ef8c69c62ebdeb330","sha1":"1d21aa6656e9ca5364ee646f2f8da1ecd4ec0a38","sha256":"6ac1051147d19ec865015f5325e642a3776a4b0b9ae9b10655a577307453c6eb","sha512":"3415d669e8d680151986c80804520ce35e7fd28653d56d5022ccfa0d6ab84ba99b491b560ce51d31ded8dcd6b8f00d327a8991f41a4ac7702f0a0448baf18a28","ssdeep":"","tlshash":"55e07d2413205a745561402dad69f512bb70d43801c000387ce047d39b952608e5a214","first_seen":"2024-08-20T14:50:15.738042Z","last_seen":"2024-08-20T14:50:15.738042Z","times_seen":1,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}