| www.smartftp.com/get/SFTPMSI64.exe |  192.99.223.240 | 301 Moved Permanently | 171 B |
URL User Request GET HTTP/2www.smartftp.com/get/SFTPMSI64.exe IP192.99.223.240:443
CertificateIssuerLet's Encrypt Subject*.smartftp.com FingerprintFE:02:10:38:F8:61:88:BF:13:A5:5E:60:1A:34:AE:C3:53:37:99:C5 ValidityWed, 02 Aug 2023 02:16:00 GMT - Tue, 31 Oct 2023 02:15:59 GMT
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text Hashce8b814c434d19b899d401cbfbbe49a3 b25233574727244d6a9a059bcee20c1373b68a2a 2ae87f634cfaaba1e95d8844979d5235a1124ebee7438582d60b36fec29c06e3
GET /get/SFTPMSI64.exe HTTP/1.1
Host: www.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.smartftp.com/get/Client?platform=x64
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Aug 2023 04:56:45 GMT
content-length: 171
X-Firefox-Spdy: h2
|
| www.smartftp.com/get/Client?platform=x64 | 192.99.223.240 | 302 Found | 0 B |
URL User Request GET HTTP/2www.smartftp.com/get/Client?platform=x64 IP192.99.223.240:443
CertificateIssuerLet's Encrypt Subject*.smartftp.com FingerprintFE:02:10:38:F8:61:88:BF:13:A5:5E:60:1A:34:AE:C3:53:37:99:C5 ValidityWed, 02 Aug 2023 02:16:00 GMT - Tue, 31 Oct 2023 02:15:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/Client?platform=x64 HTTP/1.1
Host: www.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://static.smartftp.com/static/Products/Client/10.0.3142.0/x64/SmartFTP-Setup.exe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
date: Sun, 13 Aug 2023 04:56:45 GMT
content-length: 0
X-Firefox-Spdy: h2
|
| static.smartftp.com/static/Products/Client/10.0.3142.0/x64/SmartFTP-Setup.exe |  104.21.12.126 | 200 OK | 10 MB |
URL User Request GET HTTP/2static.smartftp.com/static/Products/Client/10.0.3142.0/x64/SmartFTP-Setup.exe IP104.21.12.126:443
CertificateIssuerLet's Encrypt Subjectsmartftp.com Fingerprint59:45:49:04:45:BB:3D:E2:98:29:27:2C:6D:5F:3D:DA:C5:1F:A8:12 ValiditySat, 15 Jul 2023 08:17:03 GMT - Fri, 13 Oct 2023 08:17:02 GMT
File typePE32+ executable (GUI) x86-64, for MS Windows\012- data Size10 MB (10107624 bytes) Hashe6161a482cac19d9f922e089a2ed7263 61e86c2021f575e778c8707b24846b7ff9374bfd bb3b20b9b551ffaf0a77f2102e228471cd66494416a04ac129da38cdce636af3
| Analyzer | Verdict | Alert |
|---|
| VirusTotal | suspicious | |
GET /static/Products/Client/10.0.3142.0/x64/SmartFTP-Setup.exe HTTP/1.1
Host: static.smartftp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 13 Aug 2023 04:56:46 GMT
content-type: application/octet-stream
content-length: 10107624
last-modified: Sat, 12 Aug 2023 23:58:06 GMT
etag: "882bd9d678cdd91:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; form-action 'self'; font-src 'self'; frame-src 'self'; base-uri 'self'
feature-policy: camera 'none';microphone 'none';geolocation 'none';
referrer-policy: strict-origin
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://smartftp.report-uri.com/a/d/g"}],"include_subdomains":true}
alt-svc: h3=":443"; ma=86400
cache-control: max-age=7200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f5e5f95adbbb521-OSL
X-Firefox-Spdy: h2
|