IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb34ca6af54e2b9fea57d418f5d1928f7 510b69f4470789a573217726d6f1a3d6ee765460 41e6a348aac9e9db44bfa14b3aa29d411f4489b375ae1f1be6b0d280af98541d
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "41E6A348AAC9E9DB44BFA14B3AA29D411F4489B375AE1F1BE6B0D280AF98541D"
Last-Modified: Mon, 08 Jul 2024 01:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5273
Expires: Wed, 10 Jul 2024 13:29:14 GMT
Date: Wed, 10 Jul 2024 12:01:21 GMT
Connection: keep-alive
|
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe08576e0904dc9903a9c20fa9e3d15b8 74feff76140500fd4a61e89c7e9d8d0a60df1183 ee690bacddf55fd12ae0c9c39e330e0a1a18776b9edc91b4aa6c5bae28824f1e
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EE690BACDDF55FD12AE0C9C39E330E0A1A18776B9EDC91B4AA6C5BAE28824F1E"
Last-Modified: Tue, 09 Jul 2024 15:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21080
Expires: Wed, 10 Jul 2024 17:52:41 GMT
Date: Wed, 10 Jul 2024 12:01:21 GMT
Connection: keep-alive
|
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashe7492695b5254a3a63fcffb4f1ee8cec 0361713c6d8129210245347284c7c6babfd28fb7 5d1bc1c01894fd88a0d4680490977488d6458bb58a98ace24ef8aa103538bc1f
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D1BC1C01894FD88A0D4680490977488D6458BB58A98ACE24EF8AA103538BC1F"
Last-Modified: Tue, 09 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16520
Expires: Wed, 10 Jul 2024 16:36:41 GMT
Date: Wed, 10 Jul 2024 12:01:21 GMT
Connection: keep-alive
|
| download.hitpaw.com/downloads/hitpaw-watermark-remover_5680.exe | 104.18.24.102 | 200 OK | 1.8 MB |
URL User Request GET HTTP/2download.hitpaw.com/downloads/hitpaw-watermark-remover_5680.exe IP104.18.24.102:443
CertificateIssuerGoogle Trust Services Subjecthitpaw.com Fingerprint4D:1C:C7:B4:E2:51:99:47:64:49:89:14:AB:ED:1C:C9:80:EC:02:D0 ValiditySat, 08 Jun 2024 13:59:20 GMT - Fri, 06 Sep 2024 14:59:15 GMT
File typePE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed, 3 sections Size1.8 MB (1823496 bytes) Hash831d7de6eeb41c6df36bef3729aad265 e859a2e141d942c25ab2773a154ef0baf08197e9 eecb4425b1d532cbd0212510193ada9f0e28e92be1637714d4c6c64488926bb6
Analyzer | Verdict | Alert | VirusTotal | suspicious | |
GET /downloads/hitpaw-watermark-remover_5680.exe HTTP/1.1
Host: download.hitpaw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:21 GMT
content-type: application/octet-stream
content-length: 1823496
cf-ray: 8a10660febdbb527-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 35865
cache-control: public, max-age=691200
content-disposition: attachment;filename=hitpaw-watermark-remover.exe
etag: "65b76307-1bd308"
expires: Thu, 18 Jul 2024 12:01:21 GMT
last-modified: Mon, 29 Jan 2024 08:34:15 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashfc076d7a99abd74b9da6b35304bb93e9 9d541501d5141dcf7b4d839d6fcffabec81e1a14 c86804eff01a7bb9ff866508bfdb1b071cfa4a26617d11094b9f5226e1a4b970
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C86804EFF01A7BB9FF866508BFDB1B071CFA4A26617D11094B9F5226E1A4B970"
Last-Modified: Tue, 09 Jul 2024 16:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16902
Expires: Wed, 10 Jul 2024 16:43:04 GMT
Date: Wed, 10 Jul 2024 12:01:22 GMT
Connection: keep-alive
|
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd7b2c37e4b6c062d80ad32046f42d3d8 131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c 317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9133
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:01:23 GMT
Connection: keep-alive
|