urlquery.net - Free url scanner

Overview

URL	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file
IP	82.145.212.57
ASN	AS39832 Opera Software ASA
Location	Europe
Report completed	2012-11-09 18:38:42 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-09 18:38:10	82.145.212.57	urlQuery Client	1	ET MALWARE Possible Windows executable sent when remote host claims to send html content

Snort /w Sourcefire VRT

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-09 18:38:09	82.145.212.57	urlQuery Client	3	FILE-IDENTIFY Portable Executable binary file magic detected
2012-11-09 18:38:17	82.145.212.57	urlQuery Client	3	FILE-IDENTIFY Portable Executable binary file magic detected
2012-11-09 18:38:17	82.145.212.57	urlQuery Client	3	FILE-IDENTIFY Portable Executable binary file magic detected

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 82.145.212.57

Date	Alerts / IDS	URL	IP
2012-11-28 08:13:25	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-27 23:43:53	0 / 4	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-24 23:03:13	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-23 01:44:37	0 / 4	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-21 21:39:01	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-20 23:03:26	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57

Last 6 reports on ASN: AS39832 Opera Software ASA

Date	Alerts / IDS	URL	IP
2013-04-04 10:30:12	0 / 7	http://s33-01.opera-mini.net/	141.0.9.255
2013-04-04 09:59:32	0 / 7	http://s33-01.opera-mini.net/	141.0.9.255
2013-04-04 08:40:13	0 / 0	http://my.opera.com/abelge/albums/	195.189.143.107
2013-04-04 04:28:54	0 / 0	http://my.opera.com/conway1/albums/	195.189.143.107
2013-04-03 09:01:36	0 / 1	http://get.geo.opera.com/pub/opera/Win7/1100/Opera_Mobile_11_Win7.exe	195.189.143.122
2013-04-03 05:20:15	0 / 0	http://my.opera.com/conway1/albums/	195.189.143.107

Last 6 reports on domain: asus-p527.handster.com

Date	Alerts / IDS	URL	IP
2012-11-28 08:13:25	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-27 23:43:53	0 / 4	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-24 23:03:13	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-23 01:44:37	0 / 4	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-21 21:39:01	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-20 23:03:26	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (4)

Request	Response
GET /us/download_spb_weather.html?action=download_file HTTP/1.1 Host: asus-p527.handster.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: nginx/1.0.11 Date: Fri, 09 Nov 2012 17:38:09 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.4.4-7 Set-Cookie: PHPSESSID=c6r17mkomauc3iassd6k5gc9k0; expires=Sun, 09-Dec-2012 17:38:09 GMT; path=/; domain=.handster.com Location: http://asus-p527.handster.com/us/download_spb_weather.html?action=list_builds&uniq_dkey=41d008033d681092c9e21da1b65d6576
GET /us/download_spb_weather.html?action=list_builds&uniq_dkey=41d008033d681092c9e21da1b65d6576 HTTP/1.1 Host: asus-p527.handster.com GET /us/download_spb_weather.html?action=list_builds&uniq_dkey=41d008033d681092c9e21da1b65d6576 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PHPSESSID=c6r17mkomauc3iassd6k5gc9k0	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: nginx/1.0.11 Date: Fri, 09 Nov 2012 17:38:09 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.4.4-7 Location: http://asus-p527.handster.com/us/download_spb_weather.html?action=download_build&build_id=12378&uniq_dkey=41d008033d681092c9e21da1b65d6576
GET /us/download_spb_weather.html?action=download_build&build_id=12378&uniq_dkey=41d008033d681092c9e21da1b65d6576 HTTP/1.1 Host: asus-p527.handster.com GET /us/download_spb_weather.html?action=download_build&build_id=12378&uniq_dkey=41d008033d681092c9e21da1b65d6576 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PHPSESSID=c6r17mkomauc3iassd6k5gc9k0	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: nginx/1.0.11 Date: Fri, 09 Nov 2012 17:38:09 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.4.4-7 Location: http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file&build_id=12378&filetype_name=pc_installer&index=&uniq_dkey=41d008033d681092c9e21da1b65d6576
GET /us/download_spb_weather.html?action=download_file&build_id=12378&filetype_name=pc_installer&index=&uniq_dkey=41d008033d681092c9e21da1b65d6576 HTTP/1.1 Host: asus-p527.handster.com GET /us/download_spb_weather.html?action=download_file&build_id=12378&filetype_name=pc_installer&index=&uniq_dkey=41d008033d681092c9e21da1b65d6576 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PHPSESSID=c6r17mkomauc3iassd6k5gc9k0	HTTP/1.1 200 OK Content-Type: application/octet-stream Server: nginx/1.0.11 Date: Fri, 09 Nov 2012 17:38:09 GMT Connection: keep-alive Set-Cookie: f918a2415125c349faca6c9fd1df3760_v=8FO778vA0gzG5ijoZkdwI%2BEspHZp0t9jPMgFHv4bTuTE1KWWGH%2FCsGtxxqJPzHfd7YGOxpqK5stWsf2VtfgcHPvuUFUqL9A4P%2Fs0pbj%2FhUJxamIqUwFqcd35mJ8%2B5KtGnauAMgDu%2BnsPtySBbG%2FXeUYkOv0jJT50gEuq6nIyY2Hj4t%2FwvAOgikM2%2FOMhq6P37xY5WMzDLQeS02Z6fLfO6haxZu4Luu4Zq6g74wzBuH5x4DndUC6sRgfM1Y5n%2FLmMAwUqZltNoygbE%2Fwnx%2BdCW1KUCZHjiaFWNYaH%2FL6OPWK2sh8iZYvtqQlE4UywAvy1ugwzuWkRbupjMzdRE1g2TYH1G8BfO5DBxjsjvKPtNgI%3D; expires=Sun, 09-Nov-2014 17:38:09 GMT; path=/; domain=handster.com f918a2415125c349faca6c9fd1df3760_s=VJFLHZJnyC7eGnVX%2B1n36W3%2FAiW0rVVQC3GlxrJThHFW%2BwqA6nv0HUXxjEAnD34OGxP8J8fnQltkv2YVfkoZhu2BjsaaiubLVrH9lbX4HBz77lBVKi%2FQOD%2F7NKW4%2F4VCvsaCc5FT%2BJ%2BOV1NQRhqe%2FOCrWZw73vgJefWjm6kUoX5%2B1tQDFMBdNl0Ag2LnXn%2BEik65dhMFz6s%2BMnUKJueeyA%3D%3D; expires=Fri, 09-Nov-2012 17:58:09 GMT; path=/; domain=handster.com Content-Disposition: attachment; filename="SPBWeather2.4.exe" X-Riak-Vclock: a85hYGBgz2DKBVIckolLlvld/teZwZTEwMBokcfKsHb95BN8UFnvCf4H/RWXPc1gSkwBSn09wXQKJpWXNsXAXyRIGijFBJRacbHjBIqU4vIqoFQyUOpvyI+TMKk1GknH/C7/5YZYZ4Zm3W39oACErDkWWX/FOFVkx2QBAA== Vary: Accept-Encoding Link: </riak/software>; rel="up" Last-Modified: Mon, 05 Dec 2011 18:44:48 GMT Etag: "59UzW9itwskD2EtxQuxbzN" Content-Length: 7016960