Report - www.winimage.com/zLibDll/zlib123dllx64.zip

Report Overview

Visited public
2024-12-30 01:21:28
Tags
URL
www.winimage.com/zLibDll/zlib123dllx64.zip
Finishing URL
about:privatebrowsing
IP / ASN
205.251.81.217
#29838 AMC
Title
about:privatebrowsing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.winimage.com	unknown	1996-11-29	2015-08-05	2024-12-26	496 B	146 kB	205.251.81.217

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
www.winimage.com/zLibDll/zlib123dllx64.zip
IP
205.251.81.217
ASN
#29838 AMC

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
146 kB (145513 bytes)
Hash
c97a8014de2e84c1a2b8f4b6528681f6
62ec320233c51ef45da12993f7f30c0248b70863
fd324c6923aa4f45a60413665e0b68bb34a7779d0861849e02d2711ff8efb9a4

Archive (9)

Filename

Md5

File type

readme.txt

668dec84c82e7e29a1b0ee6cf3c5c4a8

ASCII text, with CRLF line terminators

miniunz.exe

9fa2ddc1e05fd053e3bda9d59ba3dfdd

PE32+ executable (console) x86-64, for MS Windows, 4 sections

minizip.exe

0b221afb4cea9aba4aaacf4be6bc6a66

PE32+ executable (console) x86-64, for MS Windows, 5 sections

testzlib.exe

fb37cb688e73105f04a49cdfe4fd58c2

PE32+ executable (console) x86-64, for MS Windows, 4 sections

zlibvc.sln

a7b3af68f023877eac12cd02d44d2839

Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

zlibwapi.dll

dd91e4c7d445c31682ebdd22e732d93d

PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections

zlibwapi.exp

1173db046dd018c54383c83204c94dfa

Intel amd64 COFF object file, not stripped, 3 sections, symbol offset=0xfa8, 170 symbols, created Mon Jul 18 15:48:42 2005, 1st section name ".edata"

zlibwapi.lib

94f3aef61a48b5fe64b1689244fbdce3

current ar archive

zlibstat.lib

a3b2fc6b68efafa89b0882e354fc8418

current ar archive

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

www.winimage.com/zLibDll/zlib123dllx64.zip

205.251.81.217

200 OK

146 kB

URL User Request GET HTTP/2
www.winimage.com/zLibDll/zlib123dllx64.zip
IP
205.251.81.217:443
ASN
#29838 AMC

Certificate
IssuerLet's Encrypt
Subjectbeauvoir.winimage.com
Fingerprint2A:85:5F:02:CE:9C:1D:BD:1B:7A:82:58:C6:1D:F0:DE:11:06:35:70
ValiditySat, 28 Dec 2024 10:12:19 GMT - Fri, 28 Mar 2025 10:12:18 GMT

File type
Zip archive data, at least v1.0 to extract, compression method=store
Size
146 kB (145513 bytes)
Hash
c97a8014de2e84c1a2b8f4b6528681f6
62ec320233c51ef45da12993f7f30c0248b70863
fd324c6923aa4f45a60413665e0b68bb34a7779d0861849e02d2711ff8efb9a4

Detections

Analyzer	Verdict	Alert
VirusTotal	suspicious	VirusTotal - Scan result 1/67

HTTP Headers

GET /zLibDll/zlib123dllx64.zip HTTP/1.1
Host: www.winimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/zip
last-modified: Mon, 18 Jul 2005 16:19:01 GMT
accept-ranges: bytes
content-length: 145513
date: Mon, 30 Dec 2024 01:21:03 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (9)

Detections

JavaScript (0)

HTTP Transactions (1)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers