urlquery.net - Free url scanner

Overview

URL	http://amberschool.com/
IP	131.253.18.12
ASN	AS8075 Microsoft Corp
Location	Canada
Report completed	2012-11-09 19:44:14 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-09 19:43:37	urlQuery Client	131.253.18.12	1	ET CNC Zeus/Spyeye/Palevo Tracker Reported CnC Server (group 2)

Snort /w Sourcefire VRT

No alerts detected

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 131.253.18.12

Date	Alerts / IDS	URL	IP
2013-04-05 01:58:30	0 / 4	http://ach-nacha.com/canceled_report_43893892.pdf.exe	131.253.18.12
2013-04-04 19:04:34	0 / 4	http://charterbeans.info/	131.253.18.12
2013-04-04 02:10:41	0 / 4	http://grz971.com/09.php	131.253.18.12
2013-04-03 23:13:46	0 / 4	http://wonderfulyard.com/	131.253.18.12
2013-04-03 17:35:51	0 / 4	http://basedmarket.com/	131.253.18.12
2013-04-03 16:51:27	0 / 4	http://corpsecnet.com/	131.253.18.12

Last 6 reports on ASN: AS8075 Microsoft Corp

Date	Alerts / IDS	URL	IP
2013-04-05 02:54:40	0 / 3	http://live.sysinternals.com/Disk2vhd.exe	157.56.203.150
2013-04-05 02:51:49	0 / 0	http://www.otmail.com/	64.4.6.100
2013-04-05 02:49:36	0 / 0	http://otmail.com	65.55.39.10
2013-04-05 02:45:43	0 / 0	http://www.otmail.com	65.55.39.10
2013-04-05 02:45:23	0 / 0	http://otmail.com	64.4.6.100
2013-04-05 01:58:30	0 / 4	http://ach-nacha.com/canceled_report_43893892.pdf.exe	131.253.18.12

Last 6 reports on domain: amberschool.com

Date	Alerts / IDS	URL	IP
2013-03-24 03:04:11	0 / 7	http://amberschool.com/z2/bot.exe	131.253.18.12
2013-03-24 03:04:11	0 / 5	http://amberschool.com/z2/gate.php	131.253.18.12
2013-03-24 03:04:10	0 / 5	http://amberschool.com/z2/config.bin	131.253.18.12
2013-03-24 03:04:03	0 / 5	http://amberschool.com/z2/	131.253.18.12
2013-02-18 00:27:07	0 / 0	http://amberschool.com	131.253.18.12
2013-02-08 20:29:39	0 / 3	http://amberschool.com	131.253.18.12

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (1)

Request	Response
GET / HTTP/1.1 Host: www.amberschool.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive

Request

Response

GET / HTTP/1.1

Host: www.amberschool.com


User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive