| www.smartftp.com/get/SFTPMSI64.exe |  192.99.223.240 | 301 Moved Permanently | 171 B |
URL User Request GET HTTP/2www.smartftp.com/get/SFTPMSI64.exe IP192.99.223.240:443
CertificateIssuerLet's Encrypt Subject*.smartftp.com Fingerprint88:FE:76:E6:39:49:28:9D:1B:77:CE:44:A2:5F:7D:D4:A8:37:D7:85 ValidityMon, 02 Oct 2023 02:16:01 GMT - Sun, 31 Dec 2023 02:16:00 GMT
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text Hashce8b814c434d19b899d401cbfbbe49a3 b25233574727244d6a9a059bcee20c1373b68a2a 2ae87f634cfaaba1e95d8844979d5235a1124ebee7438582d60b36fec29c06e3
GET /get/SFTPMSI64.exe HTTP/1.1
Host: www.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.smartftp.com/get/Client?platform=x64
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Oct 2023 01:34:56 GMT
content-length: 171
X-Firefox-Spdy: h2
|
| www.smartftp.com/get/Client?platform=x64 | 192.99.223.240 | 302 Found | 0 B |
URL User Request GET HTTP/2www.smartftp.com/get/Client?platform=x64 IP192.99.223.240:443
CertificateIssuerLet's Encrypt Subject*.smartftp.com Fingerprint88:FE:76:E6:39:49:28:9D:1B:77:CE:44:A2:5F:7D:D4:A8:37:D7:85 ValidityMon, 02 Oct 2023 02:16:01 GMT - Sun, 31 Dec 2023 02:16:00 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/Client?platform=x64 HTTP/1.1
Host: www.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://static.smartftp.com/static/Products/Client/10.0.3165.0/x64/SmartFTP-Setup.exe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Oct 2023 01:34:56 GMT
content-length: 0
X-Firefox-Spdy: h2
|
| static.smartftp.com/static/Products/Client/10.0.3165.0/x64/SmartFTP-Setup.exe |  188.114.97.1 | 200 OK | 10 MB |
URL User Request GET HTTP/2static.smartftp.com/static/Products/Client/10.0.3165.0/x64/SmartFTP-Setup.exe IP188.114.97.1:443
CertificateIssuerLet's Encrypt Subject*.smartftp.com Fingerprint19:01:EA:A7:95:83:19:67:CD:B6:2A:94:21:6B:09:EF:62:62:A5:C8 ValidityTue, 12 Sep 2023 10:19:15 GMT - Mon, 11 Dec 2023 10:19:14 GMT
File typePE32+ executable (GUI) x86-64, for MS Windows\012- data Size10 MB (10033896 bytes) Hasha9ff89620c6508e2d1362c8f04c63ab8 38414b8e0803b8a8060c624df908c4c4e91ff965 714faf848d709c26a3b790f749975bc1ecbd9c8180ea63d7584a1e2782c77edb
| Analyzer | Verdict | Alert |
|---|
| VirusTotal | suspicious | |
GET /static/Products/Client/10.0.3165.0/x64/SmartFTP-Setup.exe HTTP/1.1
Host: static.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 03 Oct 2023 01:34:58 GMT
content-type: application/octet-stream
content-length: 10033896
last-modified: Wed, 27 Sep 2023 01:57:53 GMT
etag: "ebd6287e6f0d91:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 81017219f9a51c0a-OSL
X-Firefox-Spdy: h2
|