| www.wireshark.org/download/win32/all-versions/wireshark-win32-1.5.0.exe |  172.67.75.39 | 200 OK | 19 MB |
URL User Request GET www.wireshark.org/download/win32/all-versions/wireshark-win32-1.5.0.exe IP172.67.75.39:443
CertificateIssuerGoogle Trust Services Subjectwireshark.org Fingerprint46:52:DB:85:34:6B:92:BE:6C:F4:78:07:69:AA:33:0F:F5:1A:07:A7 ValidityMon, 05 May 2025 19:38:34 GMT - Sun, 03 Aug 2025 20:38:29 GMT
File typePE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections Size19 MB (18803967 bytes) Hashe0ed5ad56cd9693afa94285ca45c4adb e406d27a3a9ffbcabb313e610b30eb3e12dbfcfe 998b94e255b1d4ba6cf0bc6fa73987f20d3cb1c1b2d50e6643364b89a77aabff
| Analyzer | Verdict | Alert |
|---|
| YARAhub by abuse.ch | malware | Detect files is `SliverFox` malware |
GET /download/win32/all-versions/wireshark-win32-1.5.0.exe HTTP/1.1
Host: www.wireshark.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 May 2025 09:27:36 GMT
content-type: application/x-msdos-program
content-length: 18803967
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-slogan: Sniffing the glue that holds the Internet together., Go deep.
last-modified: Mon, 24 Jan 2011 21:51:37 GMT
etag: "11eecff-49a9e9aa72c40"
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com https://*.googletagmanager.com https://conference.wireshark.org https://ticketing.wireshark.org; connect-src 'self' https://cloudflareinsights.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://ticketing.wireshark.org; style-src 'self' 'unsafe-inline' https://ticketing.wireshark.org; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://ipv6.google.com https://ipv4.google.com https://ticketing.wireshark.org; media-src data:; font-src 'self' https:; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://ticketing.wireshark.org; report-uri https://wiresharkfoundation.uriports.com/reports/report; report-to default
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-WoW64
cache-control: public, max-age=14400, s-maxage=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOENnB6vcjrW%2Bub79cpdnPJAS5QvJT%2FeA96GG4MiXzth3jTuO5jmAurlYajn78MYl1ZgVsD5pH9zb2WFRYkI%2BdEebG%2F6zztkhJyUjDGbb%2FqcFfeGXSRslC2lzW0oAa%2FNnTcm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 93b771539bd856be-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6337&min_rtt=477&rtt_var=11757&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3278&recv_bytes=1295&delivery_rate=7927007&cwnd=254&unsent_bytes=0&cid=69f833ef80d38f1d&ts=758&x=0"
X-Firefox-Spdy: h2
|