3g.7723.cn/apps/download/202310271909/1fe380f57f350eb2613c47d72f3d4e7e/125648.apk
61.170.80.191 302 Found 0 B URL User Request GET HTTP/2 3g.7723.cn/apps/download/202310271909/1fe380f57f350eb2613c47d72f3d4e7e/125648.apk
IP 61.170.80.191:443
ASN #4812 China Telecom Group
Certificate Issuer DigiCert, Inc.
Subject *.7723.cn
Fingerprint 66:8A:43:D6:1B:75:DE:65:FE:E3:4A:FF:60:DD:A9:D8:D6:03:C2:9C
Validity Sat, 19 Nov 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apps/download/202310271909/1fe380f57f350eb2613c47d72f3d4e7e/125648.apk HTTP/1.1
Host: 3g.7723.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: Tengine
content-type: text/html; charset=utf-8
content-length: 0
location: https://apk12-auth.bazhang.com/202311171843/3d61da891a431eb5eabda75aea8f2d43/bigfiles/apk/0/20231024/8b9c5a5ab90dbf1b967c547abd7747b4180556.apk
date: Thu, 16 Nov 2023 10:43:15 GMT
set-cookie: HWWAFSESID=0dd777338333466c70; path=/
HWWAFSESTIME=1700131395442; path=/
cache-control: no-cache,must-revalidate
ali-swift-global-savetime: 1700131395
via: cache44.l2cn1807[156,156,302-0,M], cache25.l2cn1807[158,0], vcache22.cn6012[191,190,302-0,M], vcache18.cn6012[197,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Thu, 16 Nov 2023 10:43:15 GMT
x-swift-cachetime: 0
timing-allow-origin: *
eagleid: 3daa502617001313954033395e
X-Firefox-Spdy: h2
IP 61.170.80.188:0
ASN #4812 China Telecom Group
Certificate Issuer DigiCert, Inc.
Subject *.7723.cn
Fingerprint 66:8A:43:D6:1B:75:DE:65:FE:E3:4A:FF:60:DD:A9:D8:D6:03:C2:9C
Validity Sat, 19 Nov 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET / HTTP/1.1
Host: 3g.7723.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Thu, 16 Nov 2023 10:43:17 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://3g.7723.cn/
Via: vcache4.cn6012[,0]
Timing-Allow-Origin: *
EagleId: 3daa501817001313975765178e
IP 61.170.80.188:0
ASN #4812 China Telecom Group
Certificate Issuer DigiCert, Inc.
Subject *.7723.cn
Fingerprint 66:8A:43:D6:1B:75:DE:65:FE:E3:4A:FF:60:DD:A9:D8:D6:03:C2:9C
Validity Sat, 19 Nov 2022 00:00:00 GMT - Sat, 09 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 8691236b187e82b31ff2a57f6fa80231
4ce5cbd33831274d941fd1bf1e449ceb74b6f2e4
f092895b6e9b86ce15acb5e315ac747fd3a63ba41c8c9b7eb315ff5dcf8565b1
GET / HTTP/1.1
Host: 3g.7723.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: text/html; charset=utf-8
content-length: 8552
date: Thu, 16 Nov 2023 10:00:26 GMT
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
ali-swift-global-savetime: 1700128826
via: cache16.l2cn1807[0,0,200-0,H], cache44.l2cn1807[1,0], vcache2.cn6012[0,0,200-0,H], vcache20.cn6012[2,0]
age: 2572
x-cache: HIT TCP_MEM_HIT dirn:10:150112636
x-swift-savetime: Thu, 16 Nov 2023 10:00:52 GMT
x-swift-cachetime: 3574
timing-allow-origin: *
eagleid: 3daa502817001313986138397e
X-Firefox-Spdy: h2
apk12-auth.bazhang.com/202311171843/3d61da891a431eb5eabda75aea8f2d43/bigfiles/apk/0/20231024/8b9c5a5ab90dbf1b967c547abd7747b4180556.apk
111.42.192.219 200 OK 28 MB URL User Request GET HTTP/2 apk12-auth.bazhang.com/202311171843/3d61da891a431eb5eabda75aea8f2d43/bigfiles/apk/0/20231024/8b9c5a5ab90dbf1b967c547abd7747b4180556.apk
IP 111.42.192.219:443
ASN #132525 HeiLongJiang Mobile Communication Company Limited
Certificate Issuer DigiCert Inc
Subject apk12-auth.bazhang.com
Fingerprint 4C:BB:DB:B2:0D:21:4A:61:4B:A5:66:7E:66:6C:B7:F9:EC:24:CE:46
Validity Wed, 11 Jan 2023 00:00:00 GMT - Wed, 10 Jan 2024 23:59:59 GMT
File type Zip archive data, at least v0.0 to extract, compression method=deflate\012- data
Size 28 MB (27830650 bytes)
Hash fd6db2751e5563cf8031ae5b5d6858e3
d9548dc4b012b5460fabee30d9d10ed4159154b8
5d425b212dbbdf6bb227abb18a4ab5ae1d3e494b24e76b3d979fc1791861b546
Analyzer Verdict Alert VirusTotal suspicious
GET /202311171843/3d61da891a431eb5eabda75aea8f2d43/bigfiles/apk/0/20231024/8b9c5a5ab90dbf1b967c547abd7747b4180556.apk HTTP/1.1
Host: apk12-auth.bazhang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Byte-nginx
content-type: application/vnd.android.package-archive
content-length: 27830650
accept-ranges: bytes
age: 1989248
cache-control: max-age=31536000
etag: "fd6db2751e5563cf8031ae5b5d6858e3"
last-modified: Tue, 24 Oct 2023 10:08:56 GMT
via: cache36.sjzmp,cache02.hrbcm02
x-amz-meta-s2-size: 27830650
x-amz-request-id: 3ddbe2ec-2310-2418-0900-e8611f1b2845
x-amz-s2-requester: GRPS000000ANONYMOUSE
x-bdcdn-cache-status: TCP_MISS,TCP_HIT
x-request-id: af60d0036efcc6a9062129f38480fb37
x-request-ip: 91.90.42.154
x-response-cache: parent_hit
x-response-cinfo: 91.90.42.154
x-ser: BC71_dx-lt-yd-zhejiang-huzhou-3-cache-3, BC12_lt-liaoning-shenyang-14-cache-1
x-tt-trace-tag: id=5
date: Thu, 16 Nov 2023 10:43:17 GMT
X-Firefox-Spdy: h2