| www.ashampoo.com/ashampoo_winoptimizer_26_sm.exe | 18.197.209.74 | | 566 B |
URL: www.ashampoo.com/ashampoo_winoptimizer_26_sm.exe
IP: 18.197.209.74:0
File type: HTML document, ASCII text
Hash: 3b1240509fcb8c1303ddb9fc14a5e6ed c43bfb0d235302ac2e6d48d72084a3d732fe2c44 1ff196d556e220ce470e4eb15dc8afd564d1f5b41ff2888e92708f2ae285d63a
GET /ashampoo_winoptimizer_26_sm.exe HTTP/1.1
Host: www.ashampoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 17 Apr 2024 02:53:27 GMT
Server: Apache
Strict-Transport-Security: max-age=31556926
Cache-Control: no-cache, private
Location: https://cdn1.ashampoo.net/ashampoo/6706/ashampoo_winoptimizer_26_26.00.24_sm.exe
Set-Cookie: XSRF-TOKEN=eyJpdiI6InprSUppb09Gak9mZUVuRE5xemdlVmc9PSIsInZhbHVlIjoiNmxtZXV2cFp5UXJjc1FHL3JFTVBSQ2JJVFJOUlJ2T1hJSWh1Q0gxWDlwaW1lSTZ6ZGdaZ280eFRpcGJqYStwaXJMNllNVmNUQzltWERLVkhDaW5xajR4NEpuK0dkV3dsa1d5VzF2aFFERkY5UlBzQW1UVlhPbTB4dzZ6RHc2VEMiLCJtYWMiOiI1N2VlNjgzMjk3MDFmMzk1M2U3N2FiZGYwNzkwYTJhYmQ2ZjRmZmE3MTk4M2UwMzNiZjVkZjczMWJlZTczYWJkIiwidGFnIjoiIn0%3D; expires=Wed, 17 Apr 2024 04:53:28 GMT; Max-Age=7200; path=/; secure; samesite=lax
ashampoo_session=eyJpdiI6InpPYmxyRHY4eTRJYU1yb1F0Y3ZPeUE9PSIsInZhbHVlIjoiQWxCSG8xVjFBQ1VaazdGUUlhckNZd2YzNnc1NVcrdUcvZnl3NW94YUFYeE5kVmQ3MHl5Z2ZmZSszWWVJTFRRdER3THdxZjJvSDFMZDlzN3BOc3lqeTkvMG1uVW1XeHFiYmtUNi9mb09VUFFZNzJMbmtUYm16cm03UXlkMUZJOEUiLCJtYWMiOiI2NWU2ZTgxMjBjZmRlZmJjYzVmNzVjODQ2MGY2NzU0MjE3ZTQ2ZjU4NGM3MGZiOGQwMDJiODQ3ZWRiZTkxY2I3IiwidGFnIjoiIn0%3D; expires=Wed, 17 Apr 2024 04:53:28 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Access-Control-Allow-Origin: *
Content-Security-Policy: frame-ancestors 'self' https://*.ashampoo.com https://*.cms.test
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
| ocsp.r2m03.amazontrust.com/ | 3.164.222.26 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 3.164.222.26:0
Hash: 0384f4a9edcbf82d92ae5649c6029f6a 4b380339ed0affe51ee13e86ad38f67cd68ed66c 9c212b827eb6f527cce9b445ea23998d1fe810e61acc5286c8afc06b80ddbc4a
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 17 Apr 2024 02:53:28 GMT
Last-Modified: Wed, 17 Apr 2024 02:32:33 GMT
Server: ECAcc (amb/6B0A)
X-Cache: Miss from cloudfront
Via: 1.1 fe0e9f973c9ac868eacfdb9b14bf55f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN53-P1
X-Amz-Cf-Id: PXPuj91kMI8debD-Vy0cr2OrVf8vaTHzMrn1-6SrtYe0Cf-3IWj-pA==
Age: 1255
|
| cdn1.ashampoo.net/ashampoo/6706/ashampoo_winoptimizer_26_26.00.24_sm.exe | 143.204.55.110 | 200 OK | 29 MB |
URL: User Request GET HTTP/2 cdn1.ashampoo.net/ashampoo/6706/ashampoo_winoptimizer_26_26.00.24_sm.exe
IP: 143.204.55.110:443
Certificate issuer: Amazon
Certificate subject: *.ashampoo.net
Certificate fingerprint: 91:F0:B0:BD:BF:9C:EA:41:7F:38:38:19:89:BA:3D:CB:E8:53:06:DE
Certificate validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type: PE32 executable (GUI) Intel 80386, for MS Windows, 10 sections
Size: 29 MB (29290216 bytes)
Hash: 65fcfcaac97b3f7cdc04af082304d787 0d042923e714418eb71856cc9419aed60af3fb6f 6d1e6c3a96023c9232cdd25ae19a61d39ebeadb80fdeca80e19ded687ba5e2c9
| Analyzer | Verdict | Alert |
| VirusTotal | suspicious | |
GET /ashampoo/6706/ashampoo_winoptimizer_26_26.00.24_sm.exe HTTP/1.1
Host: cdn1.ashampoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 29290216
date: Wed, 10 Apr 2024 19:05:35 GMT
last-modified: Mon, 04 Mar 2024 08:20:02 GMT
etag: "65fcfcaac97b3f7cdc04af082304d787"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xqDEorXPBcwKr_yuG9MVYHA0eqCqREELvpQYy3_FCnmr7Th1pRLHjQ==
age: 546474
X-Firefox-Spdy: h2
|