| www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe | 146.247.62.219 | 200 OK | 4.8 kB |
URL: User Request GET HTTP/1.1 www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe
IP: 146.247.62.219:443
Certificate Issuer: Let's Encrypt
Certificate Subject: foobar2000.org
Certificate Fingerprint: 84:F4:69:56:B6:C5:68:99:B6:08:E4:0D:69:D0:AD:62:72:07:CE:FF
Certificate Validity: Wed, 27 Dec 2023 11:03:44 GMT - Tue, 26 Mar 2024 11:03:43 GMT
File type: HTML document, ASCII text, with very long lines (490), with CRLF, LF line terminators
Hash: 135586169be093208f6d6a0f7195e5af 796e61aa072f5283240ce10d7f572ddc9e243633 e8bb4044a7584edb1bcb4c31bdfd8e8ee4a404064f6eb9fc458261153de4ec50
GET /getfile/foobar2000-x64_v2.1.1.exe HTTP/1.1
Host: www.foobar2000.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Jan 2024 21:09:27 GMT
Server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
X-Powered-By: PHP/7.2.24
Cache-Control: no-cache, must-revalidate
refresh: 0;URL=https://www.foobar2000.org/files/foobar2000-x64_v2.1.1.exe
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| www.foobar2000.org/foo.css | 146.247.62.219 | 200 OK | 11 kB |
URL: GET HTTP/1.1 www.foobar2000.org/foo.css
IP: 146.247.62.219:443
Requested by: https://www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: foobar2000.org
Certificate Fingerprint: 84:F4:69:56:B6:C5:68:99:B6:08:E4:0D:69:D0:AD:62:72:07:CE:FF
Certificate Validity: Wed, 27 Dec 2023 11:03:44 GMT - Tue, 26 Mar 2024 11:03:43 GMT
File type: ASCII text, with CRLF line terminators
Hash: cedfe727a3a5abbd1ea89ee31d92e6da 297969c25e308acd46f2ad5a6a15a17d5e728d24 904d3d4ca59804a041ce2d715c4580185de072617a2c0437b5beae4770931b00
GET /foo.css HTTP/1.1
Host: www.foobar2000.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Jan 2024 21:09:28 GMT
Server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
Last-Modified: Mon, 15 Mar 2021 14:24:30 GMT
ETag: "29a0-5bd94020d60bb"
Accept-Ranges: bytes
Content-Length: 10656
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| www.foobar2000.org/foobarlogo.png | 146.247.62.219 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 www.foobar2000.org/foobarlogo.png
IP: 146.247.62.219:443
Requested by: https://www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe
Certificate Issuer: Let's Encrypt
Certificate Subject: foobar2000.org
Certificate Fingerprint: 84:F4:69:56:B6:C5:68:99:B6:08:E4:0D:69:D0:AD:62:72:07:CE:FF
Certificate Validity: Wed, 27 Dec 2023 11:03:44 GMT - Tue, 26 Mar 2024 11:03:43 GMT
File type: PNG image data, 325 x 48, 8-bit grayscale, non-interlaced
Hash: 649faad465256523c4b8a71b246fd701 8d4b7242af31fa8f593b458193692990d26ab404 e8994afefe90a159680f2c2ba834e1a26d15fe0bc21c5cf143cc92b2202b2ced
GET /foobarlogo.png HTTP/1.1
Host: www.foobar2000.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Jan 2024 21:09:28 GMT
Server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
Last-Modified: Mon, 15 Mar 2021 14:24:30 GMT
ETag: "7ad-5bd94020e146c"
Accept-Ranges: bytes
Content-Length: 1965
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
|
|
| www.dbpoweramp.com/images/cd-ripper-secure.png | 146.247.62.217 | 200 OK | 12 kB |
URL: GET HTTP/2 www.dbpoweramp.com/images/cd-ripper-secure.png
IP: 146.247.62.217:443
Requested by: https://www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe
Certificate Issuer: DigiCert, Inc.
Certificate Subject: dbpoweramp.com
Certificate Fingerprint: 67:21:CC:DD:38:34:4D:91:E8:86:B7:AE:AD:8E:52:3C:73:53:C7:91
Certificate Validity: Wed, 01 Feb 2023 00:00:00 GMT - Sun, 03 Mar 2024 23:59:59 GMT
File type: PNG image data, 80 x 122, 8-bit/color RGB, non-interlaced
Hash: 09d06cbba1a098ffdf60ec97282206cd 8026de01dcf17a82c866f74774a8b5fe6e4f71e1 76262697f670426d701e47bf4abe2576a84a9f666e482c7bd5c2ee8469d99871
GET /images/cd-ripper-secure.png HTTP/1.1
Host: www.dbpoweramp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.foobar2000.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 17 Jun 2016 11:36:09 GMT
accept-ranges: bytes
etag: "a09b7f718cc8d11:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 26 Jan 2024 21:09:28 GMT
content-length: 12261
X-Firefox-Spdy: h2
|
|
| www.dbpoweramp.com/images/dmc/dmc.png | 146.247.62.217 | 200 OK | 5.0 kB |
URL: GET HTTP/2 www.dbpoweramp.com/images/dmc/dmc.png
IP: 146.247.62.217:443
Requested by: https://www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe
Certificate Issuer: DigiCert, Inc.
Certificate Subject: dbpoweramp.com
Certificate Fingerprint: 67:21:CC:DD:38:34:4D:91:E8:86:B7:AE:AD:8E:52:3C:73:53:C7:91
Certificate Validity: Wed, 01 Feb 2023 00:00:00 GMT - Sun, 03 Mar 2024 23:59:59 GMT
File type: PNG image data, 160 x 122, 8-bit colormap, non-interlaced
Hash: c7ac8a693bb4b4d4fb79c33b65ea8f2e af13c7ae6895891122030d940623fa62c886313c 0dc42c8306f0db5b0393531edf3602af04a5e72dcfbeec013f93e957f70b471a
GET /images/dmc/dmc.png HTTP/1.1
Host: www.dbpoweramp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.foobar2000.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 17 Jun 2016 11:36:42 GMT
accept-ranges: bytes
etag: "4a7740858cc8d11:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 26 Jan 2024 21:09:28 GMT
content-length: 4951
X-Firefox-Spdy: h2
|
|
| www.dbpoweramp.com/images/pt-art-main.png | 146.247.62.217 | 200 OK | 7.3 kB |
URL: GET HTTP/2 www.dbpoweramp.com/images/pt-art-main.png
IP: 146.247.62.217:443
Requested by: https://www.foobar2000.org/getfile/foobar2000-x64_v2.1.1.exe
Certificate Issuer: DigiCert, Inc.
Certificate Subject: dbpoweramp.com
Certificate Fingerprint: 67:21:CC:DD:38:34:4D:91:E8:86:B7:AE:AD:8E:52:3C:73:53:C7:91
Certificate Validity: Wed, 01 Feb 2023 00:00:00 GMT - Sun, 03 Mar 2024 23:59:59 GMT
File type: PNG image data, 106 x 106, 8-bit/color RGB, non-interlaced
Hash: 2a393852574af6bea1f37ca78ca3b93c 5d0629a57481adbb2c960df0a7971d7302ce18c2 707114f37343ca7a0fbcf2cee770d2e34b2ff4ef6b29afbe2b16b2410d1f9f05
GET /images/pt-art-main.png HTTP/1.1
Host: www.dbpoweramp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.foobar2000.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 17 Jun 2016 11:36:23 GMT
accept-ranges: bytes
etag: "f289aa798cc8d11:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 26 Jan 2024 21:09:28 GMT
content-length: 7317
X-Firefox-Spdy: h2
|
|
| www.foobar2000.org/files/foobar2000-x64_v2.1.1.exe | 146.247.62.219 | 200 OK | 6.8 MB |
URL: User Request GET HTTP/1.1 www.foobar2000.org/files/foobar2000-x64_v2.1.1.exe
IP: 146.247.62.219:443
Certificate Issuer: Let's Encrypt
Certificate Subject: foobar2000.org
Certificate Fingerprint: 84:F4:69:56:B6:C5:68:99:B6:08:E4:0D:69:D0:AD:62:72:07:CE:FF
Certificate Validity: Wed, 27 Dec 2023 11:03:44 GMT - Tue, 26 Mar 2024 11:03:43 GMT
File type: PE32+ executable (GUI) x86-64, for MS Windows, Nullsoft Installer self-extracting archive, 6 sections
Size: 6.8 MB (6789225 bytes)
Hash: 60436cbbac3aa6451657d478ae1753b9 4ae90003858972ba96ede4289eeeabd77fb120dc 09a7717bfca0968236fc80762c98ddae2c811b7a0fb63b23b99e6a5174fe963d
| Analyzer | Verdict | Alert |
| VirusTotal | suspicious | |
GET /files/foobar2000-x64_v2.1.1.exe HTTP/1.1
Host: www.foobar2000.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Jan 2024 21:09:28 GMT
Server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
Last-Modified: Tue, 16 Jan 2024 12:22:45 GMT
ETag: "679869-60f0f300d14a1"
Accept-Ranges: bytes
Content-Length: 6789225
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/octet-stream
|
|