IP104.18.38.233:0
Hashea65e8bd078fd2ff2408314cc9a46427 abb04028047e5ae5cf6bb4b034cf5a9cb039a91f 64514fbaeab09e4298739c514342c91c553fdeee5a84559925a246bf5e503ac1
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 10:45:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 May 2024 23:09:18 GMT
Expires: Tue, 14 May 2024 23:09:17 GMT
Etag: "abb04028047e5ae5cf6bb4b034cf5a9cb039a91f"
Cache-Control: max-age=599663,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881957345fa51bfe-OSL
|
| www.aggsoft.com/pad/rep/distr/app-00d918b01c8/site-001c01ff769/lng-eng/tcp-com-bridge.exe | 104.238.133.207 | 302 Found | 20 B |
URL User Request GET HTTP/1.1www.aggsoft.com/pad/rep/distr/app-00d918b01c8/site-001c01ff769/lng-eng/tcp-com-bridge.exe IP104.238.133.207:443
CertificateIssuerGoGetSSL Subject*.aggsoft.com Fingerprint78:30:54:A6:1E:7E:47:49:C8:DC:D1:10:6B:4A:CC:78:3C:61:2B:63 ValidityMon, 02 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /pad/rep/distr/app-00d918b01c8/site-001c01ff769/lng-eng/tcp-com-bridge.exe HTTP/1.1
Host: www.aggsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 10:45:36 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Security-Policy: default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: http://www.aggsoft.com/download/tcp-com-bridge.exe
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1
Access-Control-Allow-Origin: *
Content-Length: 20
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en
|
| www.aggsoft.com/download/tcp-com-bridge.exe | 104.238.133.207 | 200 OK | 4.8 MB |
URL User Request GET HTTP/1.1www.aggsoft.com/download/tcp-com-bridge.exe IP104.238.133.207:443
CertificateIssuerGoGetSSL Subject*.aggsoft.com Fingerprint78:30:54:A6:1E:7E:47:49:C8:DC:D1:10:6B:4A:CC:78:3C:61:2B:63 ValidityMon, 02 Oct 2023 00:00:00 GMT - Fri, 01 Nov 2024 23:59:59 GMT
File typePE32 executable (GUI) Intel 80386, for MS Windows, 8 sections Size4.8 MB (4810208 bytes) Hashf85f5ede789109214c0c5b7ecc373904 7753bc8be169d4b8ac55d8dce9696f1f1a86a505 ffa76a79be015b8d1d850180fcc7646b475b47f869279565e0756f30bb089580
Analyzer | Verdict | Alert | VirusTotal | suspicious | |
GET /download/tcp-com-bridge.exe HTTP/1.1
Host: www.aggsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 10:45:37 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Security-Policy: default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 4810208
X-XSS-Protection: 1
Access-Control-Allow-Origin: *
Pragma: no-cache
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/octet-stream
Content-Language: en
|