Report - www.thecnlab.com/scimark_graphics_mac

Report Overview

Submitted URL
www.thecnlab.com/scimark_graphics_mac_x86.zip
IP
43.129.247.44
ASN
#132203 Tencent Building, Kejizhongyi Avenue
Submitted
2024-05-10 10:52:23
Access
public
Website Title
about:privatebrowsing
Final URL
about:privatebrowsing
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.thecnlab.com	unknown	2003-12-12	2015-07-20	2022-05-30	682 B	58 kB	43.129.247.44
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-05-09	512 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.thecnlab.com/scimark_graphics_mac_x86.zip
IP
43.129.247.44
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
57 kB (56674 bytes)
Hash
830d2046ca0ec10e9c4c6b592fa36f1c
641c75d2382b0d418fdf2b2cb4ebd32c4b8646e6
9307a88d8c588b38d2905d064531776b3c2dadec4cb177b48f005286fde5553a

Archive (6)

Modified	Filename	Size	Md5	File type
2023-01-13 10:25	scimark_screens_mac	86 kB	9b98a4f5f36710f3aff9335bbbf92386	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|WEAK_DEFINES\|BINDS_TO_WEAK\|PIE>
2023-01-13 11:17	scimark_screens_mac_readme.htm	4.5 kB	bec4f4b8e0f0cd773867b3d06e958448	HTML document, ASCII text, with CRLF line terminators
2023-01-13 10:28	scimark_triangles_mac	107 kB	7cc2784022ca30d3344396548d037e2a	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|WEAK_DEFINES\|BINDS_TO_WEAK\|PIE>
2023-01-13 11:14	scimark_triangles_mac_readme.htm	4.9 kB	7f9d90e4783916feed9ca2d8bfdfbb19	HTML document, ASCII text, with CRLF line terminators
2023-01-13 10:32	scimark_cube_mac	117 kB	59a4929731fe21e7fc45b9b9a966d73e	Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS\|DYLDLINK\|TWOLEVEL\|WEAK_DEFINES\|BINDS_TO_WEAK\|PIE>
2023-01-13 11:12	scimark_cube_mac_readme.htm	5.0 kB	aa54f04455f4f570d5b1bb31566b8f5c	HTML document, ASCII text, with CRLF line terminators

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/49

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

www.thecnlab.com/

43.129.247.44

1.1 kB

URL
www.thecnlab.com/
IP
43.129.247.44:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Size
1.1 kB (1054 bytes)
Hash
516d39ce5499cf64a33fbba94fd63a0c
4e48c5ffd6892fc0673045882dba8ab4f869e176
1da0b64078f83414593fe4fc87e4640bdda56177b48f01d9ccad57907a6ec02c

HTTP Headers

GET / HTTP/1.1
Host: www.thecnlab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 14:20:37 GMT
Accept-Ranges: bytes
ETag: "929af07cf4c4d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: WAF/2.0
Date: Fri, 10 May 2024 10:51:50 GMT
Content-Length: 1054

www.thecnlab.com/scimark_graphics_mac_x86.zip

43.129.247.44

200 OK

57 kB

URL User Request GET HTTP/1.1
www.thecnlab.com/scimark_graphics_mac_x86.zip
IP
43.129.247.44:80
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
57 kB (56674 bytes)
Hash
830d2046ca0ec10e9c4c6b592fa36f1c
641c75d2382b0d418fdf2b2cb4ebd32c4b8646e6
9307a88d8c588b38d2905d064531776b3c2dadec4cb177b48f005286fde5553a

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/49

HTTP Headers

GET /scimark_graphics_mac_x86.zip HTTP/1.1
Host: www.thecnlab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/x-zip-compressed
Last-Modified: Fri, 13 Jan 2023 03:21:28 GMT
Accept-Ranges: bytes
ETag: "ebd8e21ffe26d91:0"
Server: Microsoft-IIS/10.0
X-Powered-By: WAF/2.0
Date: Fri, 10 May 2024 10:51:50 GMT
Content-Length: 56674

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=uxb2VG5shr8wKhbzcQoqQCvVOtEliG529jhXzaMxck1e9b_vRD5WXi9LKSGiwOunVFJu5m54AU9Vb7QhN57S-YhANbdQ1HrytXU3ThdHslA4WGmz0WrxkfZ0W2sixu4M
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 10 May 2024 10:51:45 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 33
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (6)

Detections

JavaScript (0)

HTTP Transactions (3)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers