{"report_id":"91feacf6-7614-44e7-b6d1-a49c3e61fa3e","version":6,"status":"done","tags":[],"date":"2024-11-27T18:30:47Z","url":{"schema":"http","addr":"www.sohbetcini.net/mirc.rar","fqdn":"www.sohbetcini.net","domain":"sohbetcini.net","tld":"net"},"ip":{"addr":"185.9.39.188","port":0,"asn":199608,"as":"Birbir Internet Teknolojileri Sanayi ve Ticaret Limited Sirketi","country":"Türkiye","country_code":"TR"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-02-05T18:30:47Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.sohbetcini.net","ip":{"addr":"185.9.39.188","port":443,"asn":199608,"as":"Birbir Internet Hizmetleri","country":"Türkiye","country_code":"TR"},"domain_registered":"2023-04-18","domain_rank":0,"first_seen":"2020-05-13T07:06:12Z","last_seen":"2024-11-08T02:15:56.821522Z","alert_count":1,"request_count":1,"received_data":2693405,"sent_data":481,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"c34752e59b5fee89be02e7ba6b58adb0","sha1":"acd5457efde49b2a22667484839372f58d2235d6","sha256":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","sha512":"0485bde1b38c066846e6f19997a8fdd2d35dfa7ee258c257d85e2e5d807b7c4a03b61186bb0f76d808c6701473c957aaf7453b4d0b603a439bc425788cc49635","magic":"RAR archive data, v5","size":2692999,"url":{"schema":"https","addr":"www.sohbetcini.net/mirc.rar","fqdn":"www.sohbetcini.net","domain":"sohbetcini.net","tld":"net"},"ip":{"addr":"185.9.39.188","port":443,"asn":199608,"as":"Birbir Internet Hizmetleri","country":"Türkiye","country_code":"TR"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-10-14","alert":"Scan result 3/62","trigger":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","verdict":"suspicious","severity":"","comment":"suspicious - 3/62","link":"https://www.virustotal.com/gui/file/f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"c34752e59b5fee89be02e7ba6b58adb0","sha1":"acd5457efde49b2a22667484839372f58d2235d6","sha256":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","sha512":"0485bde1b38c066846e6f19997a8fdd2d35dfa7ee258c257d85e2e5d807b7c4a03b61186bb0f76d808c6701473c957aaf7453b4d0b603a439bc425788cc49635","magic":"RAR archive data, v5","size":2692999,"url":{"schema":"https","addr":"www.sohbetcini.net/mirc.rar","fqdn":"www.sohbetcini.net","domain":"sohbetcini.net","tld":"net"},"ip":{"addr":"185.9.39.188","port":443,"asn":199608,"as":"Birbir Internet Hizmetleri","country":"Türkiye","country_code":"TR"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-10-14","alert":"Scan result 3/62","trigger":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","verdict":"suspicious","severity":"","comment":"suspicious - 3/62","link":"https://www.virustotal.com/gui/file/f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"Mnemonic Secure DNS","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.sohbetcini.net/mirc.rar","fqdn":"www.sohbetcini.net","domain":"sohbetcini.net","tld":"net"},"ip":{"addr":"185.9.39.188","port":443,"asn":199608,"as":"Birbir Internet Hizmetleri","country":"Türkiye","country_code":"TR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-11-27T18:30:22.482Z","timestamp":1732732222482,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sohbetcini.net","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Sep 2024 23:24:46 GMT","end":"Sat, 30 Nov 2024 23:24:45 GMT"},"fingerprint":{"sha1":"7F:3C:48:62:46:0C:96:73:2E:18:25:9B:CC:D2:46:38:FA:0C:FA:E4","sha256":"10:B0:41:C6:2F:E4:11:D7:C8:8E:64:A9:1C:5F:80:0F:36:F5:33:63:F1:A6:C5:30:45:C4:CF:E5:35:1D:C6:BB"}}},"request":{"raw":"GET /mirc.rar HTTP/1.1\r\nHost: www.sohbetcini.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/x-rar-compressed\r\nlast-modified: Sat, 22 Jan 2022 11:06:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2692999\r\ndate: Wed, 27 Nov 2024 18:30:18 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2692999,"size_decoded":2692999,"mime_type":"application/x-rar-compressed","magic":"RAR archive data, v5","md5":"c34752e59b5fee89be02e7ba6b58adb0","sha1":"acd5457efde49b2a22667484839372f58d2235d6","sha256":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","sha512":"0485bde1b38c066846e6f19997a8fdd2d35dfa7ee258c257d85e2e5d807b7c4a03b61186bb0f76d808c6701473c957aaf7453b4d0b603a439bc425788cc49635","ssdeep":"49152:TlisFhZZtobbq10IoUWXoFRE1voB89rhumpPMbXDS5nmWE:T0suf6NRFsDrhuACz0E","tlshash":"9dc5333825deb12c99da3f33d8832efdee2e1f618470565e27082b5b16750d6870e4ad","first_seen":"2023-08-20T12:09:32Z","last_seen":"2025-04-20T01:48:44.326564Z","times_seen":39,"resource_available":false,"data":null}},"time_used":1438,"timings":{"blocked":432,"dns":298,"connect":63,"send":0,"wait":63,"receive":510,"ssl":70},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-10-14","alert":"Scan result 3/62","trigger":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","verdict":"suspicious","severity":"","comment":"suspicious - 3/62","link":"https://www.virustotal.com/gui/file/f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","meta":null}],"urlquery":null}}]}