| www.flashpeak.com/blazeftp/blazeftp.exe |  148.72.22.223 | 301 Moved Permanently | 252 B |
URL User Request GET HTTP/1.1www.flashpeak.com/blazeftp/blazeftp.exe IP148.72.22.223:443 ASN#400754 GO-DADDY-COM-LLC
CertificateIssuercPanel, Inc. Subjectflashpeak.com Fingerprint2E:95:5E:B1:01:D9:5A:18:D7:A9:A0:6A:0B:DC:2C:BE:2A:1C:AF:72 ValidityMon, 19 Feb 2024 00:00:00 GMT - Sun, 19 May 2024 23:59:59 GMT
File typeHTML document, ASCII text Hashe0abae64cb0059932bdd4158c12e13f5 861fe1cfd13d44af3dc99557b28ecb61d1997151 d5b4bf517ca3e54bc7ff5003df6b65bd211d8e99f0b1598dc69416e1920f3c62
GET /blazeftp/blazeftp.exe HTTP/1.1
Host: www.flashpeak.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 17 Apr 2024 23:57:17 GMT
Server: Apache
Location: http://www.slimjet.com/blazeftp/blazeftp.exe
Content-Length: 252
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
| www.slimjet.com/blazeftp/blazeftp.exe | 148.72.22.223 | 200 OK | 253 B |
URL User Request GET HTTP/1.1www.slimjet.com/blazeftp/blazeftp.exe IP148.72.22.223:443 ASN#400754 GO-DADDY-COM-LLC
CertificateIssuercPanel, Inc. Subjectslimjet.com FingerprintE4:BB:11:BC:CE:D2:27:28:1A:C6:99:53:F7:3F:E4:89:D1:0A:1D:D0 ValiditySat, 17 Feb 2024 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File typeHTML document, ASCII text Hashdf43e60d7ab263ea418613d9345346eb d450f6c4f72e258df008c329e86406990d1f834f 1f1b4b025345f3a914bc587b16bb0ff7c893bcc0a73079eab2d93aa0a5bc57c3
GET /blazeftp/blazeftp.exe HTTP/1.1
Host: www.slimjet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 17 Apr 2024 23:57:17 GMT
Server: Apache
Location: https://www.slimjet.com/blazeftp/blazeftp.exe
Content-Length: 253
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
| www.slimjet.com/blazeftp/blazeftp.exe | 148.72.22.223 | 200 OK | 723 kB |
URL User Request GET HTTP/1.1www.slimjet.com/blazeftp/blazeftp.exe IP148.72.22.223:443 ASN#400754 GO-DADDY-COM-LLC
CertificateIssuercPanel, Inc. Subjectslimjet.com FingerprintE4:BB:11:BC:CE:D2:27:28:1A:C6:99:53:F7:3F:E4:89:D1:0A:1D:D0 ValiditySat, 17 Feb 2024 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File typePE32 executable (GUI) Intel 80386, for MS Windows, 8 sections Size723 kB (723331 bytes) Hash28d605558db8ca1fa83c6719b6d6ab31 a8d6a8ac20f53f4eae8422a7429144a485841e25 b09a17e8cbe2aa6e173c63bcaa1283f668e03056ee986f5d38c384a869b5a5d2
| Analyzer | Verdict | Alert |
|---|
| VirusTotal | suspicious | |
GET /blazeftp/blazeftp.exe HTTP/1.1
Host: www.slimjet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 23:57:18 GMT
Server: Apache
Last-Modified: Sat, 11 Jul 2009 18:00:00 GMT
Accept-Ranges: bytes
Content-Length: 723331
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-msdownload
|