Report Overview

  1. Submitted URL

    www.dosya.tc/server41/lf89ym/LucioBats.rar.html

  2. IP

    136.243.28.94

    ASN

    #24940 Hetzner Online GmbH

  3. Submitted

    2023-01-31 19:31:33

    Access

  4. Website Title

  5. Final URL

  6. Tags

  7. urlquery detections

    No alerts detected

Detections

  2. urlquery

    0

  3. Network Intrusion Detection

    1

  4. Threat Detection Systems

    6

Domain Summary

Domain / FQDNRankRegisteredFirst SeenLast Seen
push.services.mozilla.com21402014-10-24T10:27:06Z2023-03-13T05:09:14Z
adservice.google.no969692018-06-20T01:38:38Z2023-03-13T05:09:46Z
r3.o.lencr.org3442020-12-02T09:52:13Z2023-03-13T05:09:07Z
firefox.settings.services.mozilla.com8672020-06-04T22:08:41Z2023-03-13T05:09:10Z
phicmune.net1990642021-04-07T16:53:43Z2023-03-13T07:40:28Z
pagead2.googlesyndication.com1012021-02-20T16:52:05Z2023-03-13T08:39:15Z
tpc.googlesyndication.com1262020-01-16T09:35:32Z2023-03-13T05:31:03Z
www.dosya.tcunknown2012-05-20T21:31:56Z2023-03-13T04:21:39Z
my.rtmark.net90542015-02-04T10:54:57Z2023-03-13T05:11:40Z
adservice.google.com762021-02-20T17:10:48Z2023-03-13T08:49:52Z
www.google-analytics.com402012-10-03T03:04:21Z2023-03-13T07:36:03Z
stats.g.doubleclick.net962013-06-10T22:21:11Z2023-03-13T08:02:41Z
cdn.itskiddien.clubunknown2022-10-06T18:03:35Z2023-03-13T08:06:22Z
www.google.com72015-05-10T13:11:19Z2023-03-13T06:40:43Z
img-getpocket.cdn.mozilla.net16312018-06-22T01:36:00Z2023-03-13T05:09:16Z
content-signature-2.cdn.mozilla.net11522020-11-03T13:26:46Z2023-03-13T05:09:35Z
contile.services.mozilla.com11142021-05-27T20:32:35Z2023-03-13T05:09:13Z
ocsp.pki.goog1752018-07-01T08:43:07Z2023-03-13T05:09:47Z

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

SeveritySource IPDestination IPAlert
mediumClient IP 136.243.28.94
ET INFO HTTP Request to a *.tc domain

Threat Detection Systems

OpenPhish

No alerts detected


PhishTank

No alerts detected


Fortinet's Web Filter
SeverityIndicatorAlert
mediumphicmune.net/customMalware
mediumphicmune.net/customMalware
mediumphicmune.net/customMalware

mnemonic secure dns

No alerts detected


Quad9 DNS

No alerts detected


ThreatFox

No alerts detected


JavaScript (137)

HTTP Transactions (66)

URLIPResponseSize
www.dosya.tc/server41/lf89ym/LucioBats.rar.html
136.243.28.94302 Found239 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK939 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK5.3 kB
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK12 B
www.dosya.tc/server41/lf89ym/LucioBats.rar.html
136.243.28.94200 OK5.1 kB
www.dosya.tc/style/style.css
136.243.28.94200 OK2.0 kB
r3.o.lencr.org/
23.36.76.226200 OK503 B
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK329 B
www.dosya.tc/style/bootstrap.css
136.243.28.94200 OK21 kB
www.dosya.tc/images/download-img.png
136.243.28.94200 OK6.8 kB
www.dosya.tc/images/uye-girisi.png
136.243.28.94200 OK3.0 kB
www.dosya.tc/images/footer-icon1.png
136.243.28.94200 OK582 B
www.dosya.tc/images/footer-icon3.png
136.243.28.94200 OK1.7 kB
www.dosya.tc/images/footer-icon2.png
136.243.28.94200 OK850 B
www.dosya.tc/images/logo.png
136.243.28.94200 OK7.2 kB
phicmune.net/zone?pub=0&zone_id=5030740&is_mobile=false&domain=www.dosya.tc&var=&ymid=&var_3=
139.45.197.251200 OK755 B
www.dosya.tc/images/menu-ayrac.png
136.243.28.94200 OK125 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
phicmune.net/custom
139.45.197.251200 OK0 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
www.google-analytics.com/analytics.js
142.250.74.110200 OK20 kB
www.dosya.tc/apple-touch-icon.png
136.243.28.94200 OK6.6 kB
www.dosya.tc/images/background.webp
136.243.28.94200 OK113 kB
www.dosya.tc/favicon-16x16.png
136.243.28.94200 OK1.6 kB
phicmune.net/custom
139.45.197.251200 OK39 B
phicmune.net/pfe/current/universal.min.js?v=3.1.415
139.45.197.251200 OK84 kB
www.dosya.tc/sw.js
136.243.28.94200 OK2.4 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
push.services.mozilla.com/
34.210.150.237101 Switching Protocols0 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
my.rtmark.net/gid.js?userId=1b6da3eef8904648b0bcf75a68125672
139.45.195.8200 OK65 B
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-60205436-1&cid=2034948077.1675193501&jid=1834385948&gjid=1271712340&_gid=593300771.1675193501&_u=IEBAAEAAAAAAACAAI~&z=1852153654
64.233.164.154200 OK1 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
adservice.google.com/adsid/integrator.js?domain=www.dosya.tc
142.250.74.162200 OK100 B
adservice.google.no/adsid/integrator.js?domain=www.dosya.tc
216.58.207.194200 OK100 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
ocsp.pki.goog/gts1c3
142.250.74.131200 OK472 B
phicmune.net/custom
139.45.197.251200 OK39 B
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230125&st=env
142.250.74.66200 OK11 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK6.4 kB
cdn.itskiddien.club/?rb=akdsuoNNLSYyun-wPBz9WPIaU7AVSk7eF9LDyHymrbfqsAkRJ3A8MambyMjaRqEw0ezY90w73jMBuKzC4-VDJ5DmTM5KhFLTvGUwoW42iJKap-1bxBzfJ5AUyXwhzNt3a1ZIZfyMXiQge2YvnMiMUh_UiM2U8zIfgmszKdepEeAiXsndXw86eMUWx_0eNsllpILZ0zRZDO3nJbrSeBrFYTOvVlQUYL3TCBPY4Q%3D%3D&request_ab2=0&zoneid=5426561&js_build=iclick-v1.476.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.dosya.tc%2Fserver41%2Flf89ym%2FLucioBats.rar.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.476.0&bs=4f0c551a-ce66-4759-aecc-84b4a4bad61a&userId=1b6da3eef8904648b0bcf75a68125672&m=link
139.45.197.236200 OK6.8 kB
pagead2.googlesyndication.com/bg/61GpKCApVLYQT9jNIt6Sy6gazCCT9Y8KR4-jaxve3Xw.js
142.250.74.66200 OK14 kB
ocsp.pki.goog/gts1c3
142.250.74.131200 OK471 B
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK512 B
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230125&jk=964468964494535&rc=
142.250.74.66204 No Content0 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
r3.o.lencr.org/
23.36.76.226200 OK503 B
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK14 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76200 OK8.6 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK11 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK11 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK5.9 kB
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK10 kB
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230125&jk=964468964494535&bg=!OzilOHzNAAbFy4Ck5cs7ACkAdvg8Wn0en89ppa9Ae4xzb1WdYwEZUGhqIqUQVWBmsTaOcjNY9IBgQAIAAACWUgAAAAloAQeZAnwoQrca8EuJAZ44XRb1U_OYS23FTQtgukZSKfs-7ux57g7hXIH970YMHe7kDyzLuYFPwepKm6949LV5MxeOVlR7x4jkP1N38URF7i4F2rk2PuEIEmJDxlHdRE38HGvbLvUIhUIGR7xKTui0uRsr8vtQjMzc3VxHOwvcUXelTuQIKmmsFSsAr-OyoQ1uWbpPiP3-CkC8UhooJxIHaZbsgOUhLxoLyiHkNjW7xfQb2RQDzcdsyVE8eAFBet_Zsrz7MlvDzANARit53WgfUiWuY8EDcwXLYcaMxqDsiYHr6ygp_f5PSpFHtYFUzk4Nn7MF09bEbaa7hFAxlJkKGDX6vEWpugPx_2EN0YuhY-9RL_hDz8PHWen_LtnK6mQxVho1hjTGMnuMcQdv50RGodOe7yofJPpjNjriDtf9y7z1QD_KlvydgNlF6jbxMBWys7Wf-sNEBsD7P4JUhEyfzFd6sahnGZXhKocYi2R09NU6mPHPeoy4x7YDBdLgHZFDtp3jCnMwCPW-tgBXr-gp9KgYNqkMMkbAdzulrv8R32v5b9X09ZgFwyax8hrajHaN-eiyxaShzMYKdwS3NnNCBbfhdCVsKPDM6Om4-_5054CGT2y029fvposLzViLCHbWWZX77IBSiQbcAWZjP57xbXO5-JUy1ejuLBYv5yQuF7E2eCvrYGHOWVroDZ98Sw9ilSuCntUul1CuUVIwKQnukf4w8VN68qoucitLF7ung3js0y4rjR9ph10AyVlGad8XzpJKQmdTJpRxvYCVMkNXrhYCW9xUslpRAZhS11s0RjVM9K00pbLGXeVZjNEVkhxizb137M3LLEeU8sVIxL3RKLg
142.250.74.66204 No Content0 B
cdn.itskiddien.club/apu.php?zoneid=5426561
139.45.197.236200 OK0 B
phicmune.net/pfe/current/tag.min.js?z=5030740
139.45.197.251200 OK0 B