| www.fixmestick.com/connect.exe | 34.120.187.135 | 302 Found | 114 B |
URL: www.fixmestick.com/connect.exe
Request: User Request, GET HTTP/2
IP: 34.120.187.135:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Google Trust Services; Subject www.fixmestick.com; Fingerprint 47:E7:D9:72:5F:2C:48:79:0D:42:4D:5C:3C:26:96:B9:83:74:24:99; Validity Fri, 06 Dec 2024 15:22:42 GMT - Thu, 06 Mar 2025 16:16:55 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5): 4379633753d513c837a9eea2a476cf0b
Hash (SHA-1): 3f683da54cd7080d3bea1ea5b48a688b28dffb35
Hash (SHA-256): b06f3924b0355bdb859b7a9c615af046dd509eeecde8926adf9074b713a9949c
GET /connect.exe HTTP/1.1
Host: www.fixmestick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.14.2
date: Sun, 12 Jan 2025 00:40:13 GMT
content-type: text/html; charset=utf-8
content-length: 114
x-powered-by: Express
location: https://app.fixmestick.com/connect/
vary: Accept
via: 1.1 google
set-cookie: GCLB=CO65ocirgOehIRAD; path=/; HttpOnly; expires=Sun, 12-Jan-2025 00:50:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| app.fixmestick.com/connect/ | 34.102.141.85 | 302 Found | 0 B |
URL: app.fixmestick.com/connect/
Request: User Request, GET HTTP/2
IP: 34.102.141.85:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer Google Trust Services; Subject app.fixmestick.com; Fingerprint 3F:61:04:8B:D0:13:AC:CC:42:EB:6A:32:CB:EF:7C:65:2E:05:A8:64; Validity Sat, 07 Dec 2024 08:46:35 GMT - Fri, 07 Mar 2025 09:41:08 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/ HTTP/1.1
Host: app.fixmestick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.14.2
date: Sun, 12 Jan 2025 00:40:14 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://nyc.cdn.fixmestick.com/cdn/connect.exe
x-frame-options: DENY
vary: Accept-Language,Cookie
content-language: en-us
x-content-type-options: nosniff
set-cookie: _fms_external_id=HBo0kCB9JUV0novx8o3PAGy1IldaKiry; Domain=.fixmestick.com; expires=Tue, 12 Jan 2027 00:40:14 GMT; Max-Age=63072000; Path=/; SameSite=None; Secure
set-cookie: sessionid=dz100bt4f0omn4qb2xsst89g04qdigs4; expires=Sun, 26 Jan 2025 00:40:14 GMT; HttpOnly; Max-Age=1209600; Path=/; Secure
set-cookie: GCLB=CNDl0fnO7f6xjAEQAw; path=/; HttpOnly; expires=Sun, 12-Jan-2025 00:50:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| nyc.cdn.fixmestick.com/cdn/connect.exe | 198.199.83.79 | 200 OK | 18 MB |
URL: nyc.cdn.fixmestick.com/cdn/connect.exe
Request: User Request, GET HTTP/1.1
IP: 198.199.83.79:80
ASN: #14061 DIGITALOCEAN-ASN
File type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
Size: 18 MB (18526632 bytes)
Hash (MD5): 14e4aca358d2faa7e8d50778de6c5b43
Hash (SHA-1): 0ae8bfb7f697566280cd660835be9622547bb800
Hash (SHA-256): 65c9273da097254aa183542cdb4b025199fe53733abb6da41322f813c675e5a5

| NIDS | Severity | Alert |
|---|---|---|
| suricata | high | ET POLICY PE EXE or DLL Windows file download HTTP |
GET /cdn/connect.exe HTTP/1.1
Host: nyc.cdn.fixmestick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 12 Jan 2025 00:40:14 GMT
Content-Type: application/octet-stream
Content-Length: 18526632
Last-Modified: Thu, 06 Feb 2020 19:11:02 GMT
Connection: keep-alive
ETag: "5e3c64c6-11ab1a8"
Accept-Ranges: bytes