Report - static.lufaxcdn.com/mres/android/a34de39787174348951226c94b5accb7.zip

Report Overview

Submitted URL
static.lufaxcdn.com/mres/android/a34de39787174348951226c94b5accb7.zip
IP
218.12.76.168
ASN
#4837 CHINA UNICOM China169 Backbone
Submitted
2024-04-26 06:22:22
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static.lufaxcdn.com	unknown	2014-02-24	2014-07-04	2024-04-15	523 B	54 kB	218.12.76.168
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-24	512 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
static.lufaxcdn.com/mres/android/a34de39787174348951226c94b5accb7.zip
IP
218.12.76.168
ASN
#4837 CHINA UNICOM China169 Backbone

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
54 kB (53571 bytes)
Hash
c22283aeb90fd4308ec5f411249d1362
425ac275b2835293c0b78bd73d17482a579a9943
62ea21c9c7926a70898276c3f5bbe726151bb11ce0922778afd244975bffb262

Archive (2)

Filename

Md5

File type

lufax_8.22.0.0_x32.tk

8105702a1055bc50b89ded6b0d51d532

Zip archive data, at least v2.0 to extract, compression method=deflate

lufax_8.22.0.0_x64.tk

3a10f6e5acf1678b44486b2c2c8857a3

Zip archive data, at least v2.0 to extract, compression method=deflate

JavaScript (0)

HTTP Transactions (2)

	URL	IP	Response	Size
	static.lufaxcdn.com/mres/android/a34de39787174348951226c94b5accb7.zip	218.12.76.168	200 OK	54 kB
URL User Request GET HTTP/1.1 static.lufaxcdn.com/mres/android/a34de39787174348951226c94b5accb7.zip IP 218.12.76.168:443 ASN #4837 CHINA UNICOM China169 Backbone Certificate IssuerDigiCert Inc Subject.lufaxcdn.com FingerprintF4:C8:36:92:A9:CB:00:00:07:7B:54:87:C0:3B:00:81:D0:7F:F3:9D ValidityTue, 13 Jun 2023 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT File type Zip archive data, at least v2.0 to extract, compression method=deflate Size 54 kB (53571 bytes) Hash c22283aeb90fd4308ec5f411249d1362 425ac275b2835293c0b78bd73d17482a579a9943 62ea21c9c7926a70898276c3f5bbe726151bb11ce0922778afd244975bffb262 HTTP Headers GET /mres/android/a34de39787174348951226c94b5accb7.zip HTTP/1.1 Host: static.lufaxcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Fri, 26 Apr 2024 06:21:57 GMT Content-Type: application/zip Content-Length: 53571 Connection: keep-alive Server: openresty Last-Modified: Fri, 01 Jul 2022 06:04:21 GMT ETag: "62be8e65-d143" via: CHN-HEshijiazhuang-AREACUCC1-CACHE55[10],CHN-HEshijiazhuang-AREACUCC1-CACHE33[0,TCP_HIT,3],CHN-TJ-GLOBAL1-CACHE60[29],CHN-TJ-GLOBAL1-CACHE33[0,TCP_HIT,28] x-hcs-proxy-type: 1 X-CCDN-CacheTTL: 2592000 nginx-hit: 1 Age: 1979529 Accept-Ranges: bytes Access-Control-Allow-Origin: `

	aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml	35.244.181.201		444 B
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type XML 1.0 document, ASCII text, with very long lines (332) Size 444 B (444 bytes) Hash 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463 HTTP Headers `GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1 Host: aus5.mozilla.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache Pragma: no-cache Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx rule-id: unknown rule-data-version: unknown content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=0X4OwU83AKJLQFecd8NIIHxS9np7J05NJYBMbgKXRPG1wMm5FN6GPMFJ0NX5g9Gk4Ipns6ts4kkFsmHKsK7Ko1DmvN_mi3jiZrLl9gir7A0EgAcOrF_7fivzpNKIoF9i strict-transport-security: max-age=31536000; x-content-type-options: nosniff content-security-policy: default-src 'none'; frame-ancestors 'none' x-proxy-cache-status: MISS content-encoding: gzip via: 1.1 google date: Fri, 26 Apr 2024 06:21:51 GMT content-type: text/xml; charset=utf-8 vary: Accept-Encoding content-length: 444 age: 25 cache-control: public,max-age=90 alt-svc: clear X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (2)

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers