{"report_id":"b54139de-a616-471f-8bde-5b205d0f57e6","version":6,"status":"done","tags":[],"date":"2025-01-15T23:13:50Z","url":{"schema":"http","addr":"www.sohbetcini.net/mirc.rar","fqdn":"www.sohbetcini.net","domain":"sohbetcini.net","tld":"net"},"ip":{"addr":"185.9.39.188","port":0,"asn":199608,"as":"Birbir Internet Teknolojileri Sanayi ve Ticaret Limited Sirketi","country":"Türkiye","country_code":"TR"},"final":{"url":{"schema":"about","addr":"about:privatebrowsing","fqdn":"","domain":"","tld":""},"title":"about:privatebrowsing"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-03-26T23:13:50Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.sohbetcini.net","ip":{"addr":"185.9.39.188","port":443,"asn":199608,"as":"Birbir Internet Hizmetleri","country":"Türkiye","country_code":"TR"},"domain_registered":"2023-04-18","domain_rank":0,"first_seen":"2020-05-13T05:06:12Z","last_seen":"2024-12-14T15:54:13.17849Z","alert_count":1,"request_count":1,"received_data":2693405,"sent_data":481,"comment":"","tags":null,"fingerprints":null}],"files":[{"md5":"c34752e59b5fee89be02e7ba6b58adb0","sha1":"acd5457efde49b2a22667484839372f58d2235d6","sha256":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","sha512":"0485bde1b38c066846e6f19997a8fdd2d35dfa7ee258c257d85e2e5d807b7c4a03b61186bb0f76d808c6701473c957aaf7453b4d0b603a439bc425788cc49635","magic":"RAR archive data, v5","size":2692999,"url":{"schema":"https","addr":"www.sohbetcini.net/mirc.rar","fqdn":"www.sohbetcini.net","domain":"sohbetcini.net","tld":"net"},"ip":{"addr":"185.9.39.188","port":443,"asn":199608,"as":"Birbir Internet Hizmetleri","country":"Türkiye","country_code":"TR"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-10-14","alert":"Scan result 3/62","trigger":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","verdict":"suspicious","severity":"","comment":"suspicious - 3/62","link":"https://www.virustotal.com/gui/file/f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","meta":null}]}}],"artifacts":{"windows_shortcuts":null,"files":[{"md5":"c34752e59b5fee89be02e7ba6b58adb0","sha1":"acd5457efde49b2a22667484839372f58d2235d6","sha256":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","sha512":"0485bde1b38c066846e6f19997a8fdd2d35dfa7ee258c257d85e2e5d807b7c4a03b61186bb0f76d808c6701473c957aaf7453b4d0b603a439bc425788cc49635","magic":"RAR archive data, v5","size":2692999,"url":{"schema":"https","addr":"www.sohbetcini.net/mirc.rar","fqdn":"www.sohbetcini.net","domain":"sohbetcini.net","tld":"net"},"ip":{"addr":"185.9.39.188","port":443,"asn":199608,"as":"Birbir Internet Hizmetleri","country":"Türkiye","country_code":"TR"},"archive":null,"alerts":{"urlquery":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-10-14","alert":"Scan result 3/62","trigger":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","verdict":"suspicious","severity":"","comment":"suspicious - 3/62","link":"https://www.virustotal.com/gui/file/f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","meta":null}]}}],"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.sohbetcini.net/mirc.rar","fqdn":"www.sohbetcini.net","domain":"sohbetcini.net","tld":"net"},"ip":{"addr":"185.9.39.188","port":443,"asn":199608,"as":"Birbir Internet Hizmetleri","country":"Türkiye","country_code":"TR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-15T23:13:24.668Z","timestamp":1736982804668,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sohbetcini.net","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Dec 2024 20:23:30 GMT","end":"Tue, 04 Mar 2025 20:23:29 GMT"},"fingerprint":{"sha1":"B6:3F:F9:30:F8:DE:1B:15:FA:DA:AB:43:EA:81:19:A4:BF:7C:59:3C","sha256":"8F:A4:4D:C0:24:FE:FE:D7:C4:1D:95:A4:3C:01:BD:F1:8F:69:CF:59:CD:22:2A:C4:A1:27:A8:D1:4B:80:97:07"}}},"request":{"raw":"GET /mirc.rar HTTP/1.1\r\nHost: www.sohbetcini.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/x-rar-compressed\r\nlast-modified: Sat, 22 Jan 2022 11:06:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2692999\r\ndate: Wed, 15 Jan 2025 23:13:24 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2692999,"size_decoded":2692999,"mime_type":"application/x-rar-compressed","magic":"RAR archive data, v5","md5":"c34752e59b5fee89be02e7ba6b58adb0","sha1":"acd5457efde49b2a22667484839372f58d2235d6","sha256":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","sha512":"0485bde1b38c066846e6f19997a8fdd2d35dfa7ee258c257d85e2e5d807b7c4a03b61186bb0f76d808c6701473c957aaf7453b4d0b603a439bc425788cc49635","ssdeep":"49152:TlisFhZZtobbq10IoUWXoFRE1voB89rhumpPMbXDS5nmWE:T0suf6NRFsDrhuACz0E","tlshash":"9dc5333825deb12c99da3f33d8832efdee2e1f618470565e27082b5b16750d6870e4ad","first_seen":"2023-08-20T12:09:32Z","last_seen":"2025-04-20T01:48:44.326564Z","times_seen":39,"resource_available":false,"data":null}},"time_used":859,"timings":{"blocked":141,"dns":3,"connect":64,"send":0,"wait":64,"receive":512,"ssl":72},"alerts":{"ids":null,"analyzer":[{"sensor_name":"virustotal","sensor_type":"file","title":"","description":"VirusTotal","scan_date":"2023-10-14","alert":"Scan result 3/62","trigger":"f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","verdict":"suspicious","severity":"","comment":"suspicious - 3/62","link":"https://www.virustotal.com/gui/file/f8e8dce01e4991a00668f36efd538dded3f39524e25fe5b9ac9ad5fecaf7670b","meta":null}],"urlquery":null}}]}