Report Overview
Visitedpublic
2025-05-13 01:19:03
Tags
Submit Tags
URL
www.west-wind.com/files/wwipstuff.zip
Finishing URL
about:privatebrowsing
IP / ASN

149.28.15.235
Title
about:privatebrowsing
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2
Host Summary
Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
---|---|---|---|---|---|---|---|---|
www.west-wind.com 1 alert(s) on this Domain | unknown | 1995-10-04 | 2012-08-31 | 2025-03-28 | 505 B | 944 kB | ![]() 149.28.15.235 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
No alerts detected
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
No alerts detected
PhishTank
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
File detected
URL
www.west-wind.com/files/wwipstuff.zip
IP / ASN

149.28.15.235
File Overview
File TypeZip archive data, at least v2.0 to extract, compression method=deflate
Size943 kB (943243 bytes)
MD53934e72698b6cc03d6df0210a0562293
SHA101241debe893befa557640cdcad8b3de7d75ba2b
Archive (44)
Filename | MD5 | File type |
---|---|---|
wwapi.PRG | 3f9716109a490181afc54f50b7241a66 | ASCII text, with CRLF line terminators |
wwcollections.prg | e4352a2471276dcc5cc1be593ddadb75 | ASCII text, with CRLF line terminators |
wwDotNetBridge.PRG | 3ba08da412d0ef30ee263adc1b88df9d | ASCII text, with CRLF line terminators |
wweval.PRG | 91ffb637cf2d15e624374568a7cfb70d | ASCII text, with CRLF line terminators |
wwftp.PRG | 6fa2555bed128c7f2fcc4ae17f2dee4d | ASCII text, with CRLF line terminators |
wwhttp.PRG | 55645966e4da7e4b79ad24c442126de8 | data |
wwPop3.PRG | 9d3ce400c0a60d07fae8e16e34107986 | ASCII text, with CRLF line terminators |
wwsmtp.PRG | 109a38f28ca86b17de300525048a355f | ASCII text, with CRLF line terminators |
wwsocket.PRG | 4e9c9db90aaa299a9a24355cea6b53be | ASCII text, with CRLF line terminators |
wwutils.PRG | df2fe1ca51fb247581332647fa01cbd0 | Unicode text, UTF-8 text, with CRLF line terminators |
wwxml.VCT | 8b89e905f3eb8498e49c1157851742a6 | MacBinary INVALID date "��" |
wwxml.VCX | c0031083ead0871e0d374acfba586b4d | Visual FoxPro DBF, 5 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Class " |
dunzip32.dll | c76d8e6eaefdfb62d0ddf7a670c2e5ed | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 7 sections |
dzip32.dll | 0a4cc328ae0bcb13e9056c9afcf3a9c5 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 8 sections |
load_wwipstuff.prg | fffb78c6b0e5fa05b5e8b8b5dc47e1a9 | ASCII text, with CRLF line terminators |
readme.htm | 64b7173db8e0a94ead0535b16831df6f | HTML document, ASCII text, with very long lines (364), with CRLF line terminators |
custlist.SCT | d8f364e0e7f7a13a643cac669a979a15 | data |
custlist.SCX | 33f2b02f52f527a2a388d2b14db4f8b3 | Visual FoxPro DBF, 23 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen " |
distfiles.DBF | ff8b09d2c5cf8f1f55be06ed8f18eca8 | Visual FoxPro DBF, 1 record * 49, update-date 11-4-11, codepage ID=0x3, with memo .FPT, at offset 392 1st record "wwipstuff.dll " |
distfiles.FPT | 05bd4ae560a959b5ef6cef38ac8bc7e9 | Adobe Photoshop Color swatch, version 0, 2009 colors; 1st RGB space (0), w 0x40, x 0, y 0, z 0; 2nd RGB space (0), w 0, x 0, y 0, z 0 |
ftp.SCT | f50dddf35f8a556f1ba616616e88885e | data |
ftp.SCX | 1db83a28b93970f45fe9d3d579ff9c5d | Visual FoxPro DBF, 22 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen " |
geturl.SCT | b933ce7727393b2a7c77f8ccd27f6335 | data |
geturl.SCX | d1072c8d0b911b8ee1f9d5d1f646406e | Visual FoxPro DBF, 10 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen " |
httpmenu.SCT | f94afc5a1a3b1cbaf8625ea4b20ac79a | data |
httpmenu.SCX | 906997f417d4982eecc517a57fcb58a5 | Visual FoxPro DBF, 13 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen " |
httpprogress.SCT | 927440f6aa16e513508822ce0ae2b1a3 | data |
httpprogress.scx | 3d52216ab69900ad984b452ff3f99f84 | Visual FoxPro DBF, 11 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen " |
httpsql.SCT | c1e758774aec07fb9262f2ac0be7339d | data |
httpsql.SCX | 4cc5d53a777b0d90d4496f0d30b4525c | Visual FoxPro DBF, 30 records * 109, update-date 05-11-16, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen " |
smtp.SCT | 3126cc7540c5d5c8b511c0039a464b5c | data |
smtp.scx | 1e240eaf9314f8e8d018b85e65504cbf | Visual FoxPro DBF, 29 records * 109, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1032 1st record "COMMENT Screen " |
wwHTTPDemo.PJT | 03ef7f0cdfede5b1f4b9aaaa80aafc11 | Adobe Photoshop Color swatch, version 0, 7850 colors; 1st RGB space (0), w 0x21, x 0, y 0, z 0; 2nd RGB space (0), w 0, x 0, y 0, z 0 |
wwHTTPDemo.pjx | bf41f55114e18b69df9348caa46383ab | Visual FoxPro DBF, 34 records * 130, update-date 11-5-18, codepage ID=0x3, with memo .FPT, at offset 1192 1st record "" |
wwipstuff_Samples.PRG | 2fdf326286774d1f830175c403faca1f | ASCII text, with CRLF line terminators |
wwsmtp_sample.PRG | 7256796dcf1fdfaf579f5f667a65932e | ASCII text, with CRLF line terminators |
wwDotNetBridge.dll | 74b17943030840190bd14e80f5b5beb6 | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows, 3 sections |
wwHttpDemo.APP | f00da152162550778c96aa06fac44216 | data |
wwipstuff.bmp | 892eb850f8bf0854e2802c0e0e111362 | PC bitmap, Windows 3.x format, 16 x 16 x 4, image size 128, 16 important colors, cbSize 246, bits offset 118 |
wwipstuff.chm | c0066ac8a110792cebe1b733a24a92b1 | MS Windows HtmlHelp Data |
wwipstuff.dll | 0477a7a83eacdbc19892a7598beb601b | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections |
zlib1.dll | 80e41408f6d641dc1c0f5353a0cc8125 | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections |
config.fpw | 953968e1b2ad4632b95511362f3171ae | ASCII text, with no line terminators |
wconnect.h | aabaf5ac18c9c55b8210b05db12d8df2 | ASCII text, with CRLF line terminators |
Detections
Analyzer | Verdict | Alert |
---|---|---|
VirusTotal | suspicious |
JavaScript (0)
No Javascripts found
No JavaScripts
HTTP Transactions (1)
URL | IP | Response | Size | |||||||
---|---|---|---|---|---|---|---|---|---|---|
GET www.west-wind.com/files/wwipstuff.zip | ![]() | 200 OK | 943 kB | |||||||
URL www.west-wind.com/files/wwipstuff.zip IP / ASN ![]() 149.28.15.235 Requested byN/A Resource Info File typeZip archive data, at least v2.0 to extract, compression method=deflate First Seen2025-05-13 Last Seen2025-05-13 Times Seen2 Size943 kB (943243 bytes) MD53934e72698b6cc03d6df0210a0562293 SHA101241debe893befa557640cdcad8b3de7d75ba2b SHA256bbd6ff0d324e7be6ddd5ef8c1be17d9fb3b73fda26e5cb6f38a31c47133131b8 Certificate Info IssuerLet's Encrypt Subjectwest-wind.com Fingerprint67:F4:76:43:35:66:20:6D:3C:4B:E1:AF:30:B7:5C:3C:7B:B8:EA:ED ValidityTue, 06 May 2025 21:44:37 GMT - Mon, 04 Aug 2025 21:44:36 GMT Detections
HTTP Headers
| ||||||||||