www.ashampoo.com/ashampoo_winoptimizer_26_sm.exe
18.197.209.74 302 Found 566 B URL User Request GET HTTP/1.1 www.ashampoo.com/ashampoo_winoptimizer_26_sm.exe
IP 18.197.209.74:443
Certificate Issuer Sectigo Limited
Subject www.ashampoo.com
Fingerprint 12:FD:C6:5A:FE:C7:34:AB:F2:FD:0F:33:27:26:F9:29:3C:8C:2B:C6
Validity Thu, 27 Apr 2023 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ad7c4ab82054e2aa7b80dbe6d485fa1d
f69b61ff7ffc226a7fda23671a25edc3bdbdbaf3
9af453a6944cfd08ad228f2901d587aaa3ae006204cdba337de3eed127876b46
GET /ashampoo_winoptimizer_26_sm.exe HTTP/1.1
Host: www.ashampoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 23 Nov 2023 12:45:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31556926
Cache-Control: no-cache, private
Location: https://cdn1.ashampoo.net/ashampoo/6706/ashampoo_winoptimizer_26_26.00.20_sm.exe
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ii9JTmFkQ3JSVnA2dlhITGg4QlNNclE9PSIsInZhbHVlIjoiOXZYWkNia08rdFM0MWdvRWU4L3d2b1VJSUJOenZvYS9pSjB6dU5KMHlaWTNBYjdJV3NLQ3JxL2lUMW5EQVM5SWhMaUNBNEhYa3hKR1lRajcrNGs0OTJXSHBiMnZ2a1F4ZTB6Nzl3WnNrSjU1c0tNSElyS0xnZkNUOWJJbldQVGoiLCJtYWMiOiIzOThjYjVlMjE5ZDQzM2Y1N2RiMTNmOGE5MDEyMTc5ZGIxMmRmYzFiZWNmYmZmNDVlMjY4OTYwYjUxMmRiNDhmIiwidGFnIjoiIn0%3D; expires=Thu, 23 Nov 2023 14:45:55 GMT; Max-Age=7200; path=/; samesite=lax
ashampoo_session=eyJpdiI6Iml3TTR0WUdmaS8wSm11eVZKdElobnc9PSIsInZhbHVlIjoiK2VieFBkQkFzWXRhdEE4SU1VcENidTJlaUx0Q0NvcjVBcFBIdktxOWFaVGYyUXpGK09wZWFHaHcxRUpCUjRMZEhYTnZBRlgvcExDbFg2b2kwM3NSek5GZGNucGZpZTlRRVpGMWlsaDR3NzBxSDVORGcyR24wc0Rad3pJL001U1MiLCJtYWMiOiI2Y2FmMzg3NWE1ZTZkOTI0MDM1MGNhNDU5NjQ4ODM2NTAzNzg2MzczNWRlOWI5ZmIzM2I0MGRhY2RiZjI5N2YwIiwidGFnIjoiIn0%3D; expires=Thu, 23 Nov 2023 14:45:55 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Access-Control-Allow-Origin: *
Content-Security-Policy: frame-ancestors 'self' https://*.ashampoo.com https://*.cms.test
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.r2m03.amazontrust.com/
54.230.218.11 471 B URL ocsp.r2m03.amazontrust.com/
IP 54.230.218.11:0
Hash ae1efe7d33e1769794a397a491654151
615efabf81f06aa49ff09eb6d7315e32d52214e4
2f18d66a60be97ea4f0c37436c6587775e744889f8a30fa124bc08b493188e24
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 23 Nov 2023 12:45:56 GMT
Last-Modified: Thu, 23 Nov 2023 11:38:25 GMT
Server: ECAcc (amb/6AEA)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9J4hvFwoDUrTPoGN5aBP5aHH6ozpSLZ7cmjTL5mzTxPkhGyhZSYOmA==
Age: 4051
cdn1.ashampoo.net/ashampoo/6706/ashampoo_winoptimizer_26_26.00.20_sm.exe
143.204.55.125 200 OK 29 MB URL User Request GET HTTP/2 cdn1.ashampoo.net/ashampoo/6706/ashampoo_winoptimizer_26_26.00.20_sm.exe
IP 143.204.55.125:443
Certificate Issuer Amazon
Subject *.ashampoo.net
Fingerprint 91:F0:B0:BD:BF:9C:EA:41:7F:38:38:19:89:BA:3D:CB:E8:53:06:DE
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File type PE32 executable (GUI) Intel 80386, for MS Windows\012- data
Size 29 MB (29308616 bytes)
Hash 3b30e421ce438f1b4c934316ec49b9e2
03d4ab76d8eff4e585fea9e6eca617d34c2ab877
82029c353dad371da4c4a3b05c16bfdeb26aea9561e81c85b80f5103a73ea61c
Analyzer Verdict Alert VirusTotal suspicious
GET /ashampoo/6706/ashampoo_winoptimizer_26_26.00.20_sm.exe HTTP/1.1
Host: cdn1.ashampoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 29308616
date: Thu, 23 Nov 2023 12:45:57 GMT
last-modified: Mon, 20 Nov 2023 07:15:04 GMT
etag: "3b30e421ce438f1b4c934316ec49b9e2"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kHpkyePMcI9wZGpT7GChnnH-u3EoJhj2kg_t_Cgb680RC46McZRzgg==
X-Firefox-Spdy: h2