| GET www.rarsoft.com/rar/wrar393.exe |  51.195.68.162 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/2www.rarsoft.com/rar/wrar393.exe IP51.195.68.162:443
CertificateIssuerLet's Encrypt Subjectrarlabs.com FingerprintEC:4C:36:6E:8F:F0:ED:C5:E4:EC:9F:C1:0E:59:85:98:92:03:89:D1 ValidityWed, 22 Nov 2023 22:06:02 GMT - Tue, 20 Feb 2024 22:06:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rar/wrar393.exe HTTP/1.1
Host: www.rarsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-length: 0
location: https://www.rarlab.com/rar/wrar393.exe
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
X-Firefox-Spdy: h2
|
| GET www.rarlab.com/rar/wrar393.exe | 51.195.68.162 | 200 OK | 1.4 MB |
URL User Request GET HTTP/2www.rarlab.com/rar/wrar393.exe IP51.195.68.162:443
CertificateIssuerLet's Encrypt Subjectrarlab.com FingerprintC6:D0:23:A9:3C:D8:A2:D2:23:51:66:1C:6E:41:A3:9A:70:6E:F8:0E ValidityWed, 22 Nov 2023 22:11:03 GMT - Tue, 20 Feb 2024 22:11:02 GMT
File typePE32 executable (GUI) Intel 80386, for MS Windows, RAR self-extracting archive\012- data Size1.4 MB (1364522 bytes) Hashb3b121ccac92a71152d3aa6a783927d4 b51e3dcd8edaad1cb77550a9cfd6266c4925c630 31c84f5d740eb7b497fcfd5e963123d0a1a94afe6edfd18cfc23b2d1234078fb
| Analyzer | Verdict | Alert |
|---|
| VirusTotal | suspicious | |
GET /rar/wrar393.exe HTTP/1.1
Host: www.rarlab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 19:34:43 GMT
server: Apache
last-modified: Tue, 13 Apr 2010 09:49:37 GMT
etag: "14d22a-4841b2df72e40"
accept-ranges: bytes
content-length: 1364522
content-type: application/octet-stream
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
X-Firefox-Spdy: h2
|