Report Overview

  1. Submitted URL

    www.dosya.tc/server41/wpf6mr/main.exe.html

  2. IP

    136.243.28.94

    ASN

    #24940 Hetzner Online GmbH

  3. Submitted

    2023-01-29 21:08:42

    Access

  4. Website Title

  5. Final URL

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    1

  4. Threat Detection Systems

    8

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
r3.o.lencr.org3442020-12-02T09:52:13Z2023-03-13T05:09:07Z
googleads.g.doubleclick.net422021-02-20T16:43:32Z2023-03-13T08:39:16Z
adservice.google.com762021-02-20T17:10:48Z2023-03-13T08:49:52Z
img-getpocket.cdn.mozilla.net16312018-06-22T01:36:00Z2023-03-13T05:09:16Z
firefox.settings.services.mozilla.com8672020-06-04T22:08:41Z2023-03-13T05:09:10Z
phicmune.net1990642021-04-07T16:53:43Z2023-03-13T07:40:28Z
www.google-analytics.com402012-10-03T03:04:21Z2023-03-13T07:36:03Z
push.services.mozilla.com21402014-10-24T10:27:06Z2023-03-13T05:09:14Z
www.google.com72015-05-10T13:11:19Z2023-03-13T06:40:43Z
www.dosya.tcunknown2012-05-20T21:31:56Z2023-03-13T04:21:39Z
ocsp.pki.goog1752018-07-01T08:43:07Z2023-03-13T05:09:47Z
stats.g.doubleclick.net962013-06-10T22:21:11Z2023-03-13T08:02:41Z
adservice.google.no969692018-06-20T01:38:38Z2023-03-13T05:09:46Z
tpc.googlesyndication.com1262020-01-16T09:35:32Z2023-03-13T05:31:03Z
content-signature-2.cdn.mozilla.net11522020-11-03T13:26:46Z2023-03-13T05:09:35Z
contile.services.mozilla.com11142021-05-27T20:32:35Z2023-03-13T05:09:13Z
my.rtmark.net90542015-02-04T10:54:57Z2023-03-13T05:11:40Z
pagead2.googlesyndication.com1012021-02-20T16:52:05Z2023-03-13T08:39:15Z
cdn.itskiddien.clubunknown2022-10-06T18:03:35Z2023-03-13T08:06:22Z

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
mediumClient IP 136.243.28.94
ET INFO HTTP Request to a *.tc domain

Threat Detection Systems

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter
SeverityIndicatorAlert
mediumphicmune.net/customMalware
mediumphicmune.net/customMalware
mediumphicmune.net/customMalware
mediumphicmune.net/customMalware

mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (134)

HTTP Transactions (71)

URLIPResponseSize
www.dosya.tc/server41/wpf6mr/main.exe.html
136.243.28.94302 Found234 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK939 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK5.3 kB
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK12 B
www.dosya.tc/server41/wpf6mr/main.exe.html
136.243.28.94200 OK5.1 kB
www.dosya.tc/style/style.css
136.243.28.94200 OK2.0 kB
www.dosya.tc/style/bootstrap.css
136.243.28.94200 OK21 kB
www.dosya.tc/images/footer-icon3.png
136.243.28.94200 OK1.7 kB
www.dosya.tc/images/footer-icon1.png
136.243.28.94200 OK582 B
www.dosya.tc/images/footer-icon2.png
136.243.28.94200 OK850 B
www.dosya.tc/images/logo.png
136.243.28.94200 OK7.2 kB
www.dosya.tc/images/download-img.png
136.243.28.94200 OK6.8 kB
www.dosya.tc/images/uye-girisi.png
136.243.28.94200 OK3.0 kB
r3.o.lencr.org/
23.33.119.27200 OK503 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK329 B
www.dosya.tc/images/menu-ayrac.png
136.243.28.94200 OK125 B
www.dosya.tc/images/background.webp
136.243.28.94200 OK113 kB
phicmune.net/zone?pub=0&zone_id=5030740&is_mobile=false&domain=www.dosya.tc&var=&ymid=&var_3=
139.45.197.251200 OK755 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
www.dosya.tc/apple-touch-icon.png
136.243.28.94200 OK6.6 kB
www.dosya.tc/favicon-16x16.png
136.243.28.94200 OK1.6 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
phicmune.net/pfe/current/tag.min.js?z=5030740
139.45.197.251200 OK6.5 kB
www.google-analytics.com/analytics.js
142.250.74.46200 OK20 kB
phicmune.net/pfe/current/universal.min.js?v=3.1.415
139.45.197.251200 OK84 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
www.google-analytics.com/j/collect?v=1&_v=j99&a=296731261&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dosya.tc%2Fserver41%2Fwpf6mr%2Fmain.exe.html&ul=en-us&de=windows-1254&dt=main.exe%20dosyas%C4%B1n%C4%B1%20indir%20-%20download&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=116146722&gjid=920708919&cid=135393214.1675026521&tid=UA-60205436-1&_gid=697253529.1675026521&_r=1&_slc=1&z=2134419019
142.250.74.46200 OK4 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
phicmune.net/custom
139.45.197.251200 OK0 B
www.dosya.tc/sw.js
136.243.28.94200 OK2.4 kB
phicmune.net/custom
139.45.197.251200 OK39 B
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
142.250.74.98200 OK4.2 kB
r3.o.lencr.org/
23.33.119.27200 OK503 B
push.services.mozilla.com/
54.149.45.114101 Switching Protocols0 B
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-60205436-1&cid=135393214.1675026521&jid=116146722&gjid=920708919&_gid=697253529.1675026521&_u=IEBAAEAAAAAAACAAI~&z=1072808594
209.85.233.156200 OK1 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
my.rtmark.net/gid.js?userId=b72c9758dc45402e82aabbbc85da2d2b
139.45.195.8200 OK65 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
adservice.google.com/adsid/integrator.js?domain=www.dosya.tc
142.250.74.34200 OK100 B
adservice.google.no/adsid/integrator.js?domain=www.dosya.tc
172.217.21.162200 OK100 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
phicmune.net/custom
139.45.197.251200 OK39 B
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230124&st=env
142.250.74.162200 OK11 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK6.4 kB
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.193200 OK5.0 kB
pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js
142.250.74.162200 OK14 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK510 B
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230124&jk=4351223584589769&rc=
142.250.74.162204 No Content0 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
r3.o.lencr.org/
23.33.119.27200 OK503 B
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK12 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK9.2 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
34.120.237.76200 OK6.2 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK4.5 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK5.6 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76200 OK8.7 kB
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230124&jk=4351223584589769&bg=!UFOlUxfNAAZSrDxfcqw7ACkAdvg8WtAp41XV3Wg-LekKTHmylazGTVZMRI8g6YIfvWCqeMHacixKowIAAABiUgAAAAVoAQcKAPrMitxnmdjTCNc4OuB3m_lMNmri_t7J9G85zPo0DI3is01n89h-dPs3QeJzkpyy4LofxCn3WD5Xd2X4ddsP1QmF_r4sb5yPKQxPWxV04SYx7OiZLpJVYqJlYQu4FMi2MtLo5RU46x3Zl2u-pskBAcW0UNoVwiETBifWDoRR4Gcq-91nc4qlRcjaH4E4smcNPWY3buvznfU7Ob2cTGPoiJUlB9C713NrMqYWlL9z3tUwwpumT6dhaEYDUd3jjW-V2UX4MwIUevpLTubJkDE80EC8755qE_6DT6Y5ixV_UeEfs4qAi8Ux_SZRRjuLE5bWSGecYicWV_M_lfDbmQKCXsLTezbKnsB_Fcp2fx5NluNExeBTmILT_SY2VwIjx34wPNQKHJKSyAILtqUIbKltNv1l2lHULeTSO-PDWd6iAdr9GYuJKMVTaYKkcvkHLrrni1qvyNrFlV0lJR8Pen4QRoNq9AV09xPPTnT2gCwK4415qVBGaklwPRO_bUsL5J22P3QsGFzbdfUfpS9V0UMLO6pxn0BPkopeNvsWamyo3E9lMgSvqVh1HYIuItVLbeaL0B0WuW5gzncdKWPZOCNxNtGgQBzRdKu_AYiEJOn6nTKP45fi7UhfxYsePXYrjaRQtWS-u9BynzyIGmOdK-Rvhuj4bqT6ncbfLU05oZ3ve9y4HwiIfIlVV3bPoNR3fHR6Ki7_K9gbhLOZX__Z002ai6G4FPfenWOrvl7xnl9NokiJLjO7EUkjhxMUBZHrk5SaItsrrdT_bCwy09GAY3buc8PeLmmDLq9KKC1PXLCzwhh5aksxNYYOrJ7BvCefhNPuahTAfByN3ED8vqI4Q_qvSfY-_H3qCgO2_7uvYGzZywiSrQN4csviltPVRjhAPNXTBkF-B3LbMSrqvcGkjN9GKDBcmbHVFb8nEC9YqieRxkVvLNXeVI-3bSv4z5CbUMErky7_trLsBJDWGJXQlwaXgJn12kd0PVyRZME6pcxfyx3YZTjtD-NqUSwd0e3hCFPjQMjze98gOpm1nHXRBFoj9JDtK5zh3itWEwlStDyv8bDMDps05Awyd7USTd-4F2rROh26rc7f84Z-5K-6mzXJjMSS1Ha7-W0t37ImlWgnIzZVJYT_y1OuaEvxAWAh873CDHP7ykqx10rxdwdT4qMTq8j58ewG_3lnrpnHr3ZmACs1
142.250.74.162204 No Content0 B
phicmune.net/custom
139.45.197.251200 OK39 B
cdn.itskiddien.club/apu.php?zoneid=5426561
139.45.197.236200 OK0 B