urlquery.net - Free url scanner

Overview

URL	http://htc-topaz.handster.com/ac100/download_spb_weather.html?action=download_file
IP	82.145.212.57
ASN	AS39832 Opera Software ASA
Location	Europe
Report completed	2012-11-01 02:01:00 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-01 02:00:27	82.145.212.57	urlQuery Client	3	FILEMAGIC windows executable
2012-11-01 02:00:27	82.145.212.57	urlQuery Client	1	ET MALWARE Possible Windows executable sent when remote host claims to send html content

Snort /w Sourcefire VRT

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-01 02:00:27	82.145.212.57	urlQuery Client	3	FILE-IDENTIFY Portable Executable binary file magic detected
2012-11-01 02:00:33	82.145.212.57	urlQuery Client	3	FILE-IDENTIFY Portable Executable binary file magic detected
2012-11-01 02:00:33	82.145.212.57	urlQuery Client	3	FILE-IDENTIFY Portable Executable binary file magic detected

Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 82.145.212.57

Date	Alerts / IDS	URL	IP
2012-11-28 08:13:25	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-27 23:43:53	0 / 4	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-24 23:03:13	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-23 01:44:37	0 / 4	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-21 21:39:01	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-20 23:03:26	0 / 5	http://asus-p527.handster.com/us/download_spb_weather.html?action=download_file	82.145.212.57

Last 6 reports on ASN: AS39832 Opera Software ASA

Date	Alerts / IDS	URL	IP
2013-02-12 19:02:59	0 / 0	http://s16-07.opera-mini.net	141.0.8.245
2013-02-12 18:52:59	0 / 0	http://141.0.8.245	141.0.8.245
2013-02-11 08:37:27	0 / 1	http://get3.opera.com/pub/opera/win/1214/autoupdate/Opera-12.14-1738.i386.autoupdate.exe	141.0.13.4
2013-02-10 13:09:02	0 / 10	http://maxis.mobby.me.server4.operamini.com/	82.145.209.253
2013-02-09 14:13:36	0 / 0	http://redir.opera.com/turbo/	91.203.99.52
2013-02-09 14:12:24	0 / 0	http://opera.com/portal/turbo/	195.189.143.147

Last 5 reports on domain: htc-topaz.handster.com

Date	Alerts / IDS	URL	IP
2012-11-14 16:28:55	0 / 4	http://htc-topaz.handster.com/cs/download_spb_weather.html?action=download_file	82.145.212.57
2012-11-09 11:35:40	0 / 5	http://htc-topaz.handster.com/ac100/download_spb_weather.html?action=download_file	82.145.212.57
2012-10-31 15:16:50	0 / 4	http://htc-topaz.handster.com/ac100/download_spb_weather.html?action=download_file	82.145.212.57
2012-10-30 21:39:35	0 / 6	http://htc-topaz.handster.com/ac100/download_spb_weather.html?action=download_file	82.145.212.57
2012-10-25 13:05:46	0 / 2	http://htc-topaz.handster.com/ac100/download_spb_weather.html?action=download_file	82.145.212.57

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (4)

Request	Response
GET /ac100/download_spb_weather.html?action=download_file HTTP/1.1 Host: htc-topaz.handster.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: nginx/1.0.11 Date: Thu, 01 Nov 2012 01:00:27 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.4.4-7 Set-Cookie: PHPSESSID=eh896fp8ie16q1pocrfp7su481; expires=Sat, 01-Dec-2012 01:00:27 GMT; path=/; domain=.handster.com Location: http://htc-topaz.handster.com/ac100/download_spb_weather.html?action=list_builds&uniq_dkey=4423b12c73c9849c89f3bee533516d2b
GET /ac100/download_spb_weather.html?action=list_builds&uniq_dkey=4423b12c73c9849c89f3bee533516d2b HTTP/1.1 Host: htc-topaz.handster.com GET /ac100/download_spb_weather.html?action=list_builds&uniq_dkey=4423b12c73c9849c89f3bee533516d2b HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PHPSESSID=eh896fp8ie16q1pocrfp7su481	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: nginx/1.0.11 Date: Thu, 01 Nov 2012 01:00:27 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.4.4-7 Location: http://htc-topaz.handster.com/ac100/download_spb_weather.html?action=download_build&build_id=12378&uniq_dkey=4423b12c73c9849c89f3bee533516d2b
GET /ac100/download_spb_weather.html?action=download_build&build_id=12378&uniq_dkey=4423b12c73c9849c89f3bee533516d2b HTTP/1.1 Host: htc-topaz.handster.com GET /ac100/download_spb_weather.html?action=download_build&build_id=12378&uniq_dkey=4423b12c73c9849c89f3bee533516d2b HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PHPSESSID=eh896fp8ie16q1pocrfp7su481	HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: nginx/1.0.11 Date: Thu, 01 Nov 2012 01:00:27 GMT Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.4.4-7 Location: http://htc-topaz.handster.com/ac100/download_spb_weather.html?action=download_file&build_id=12378&filetype_name=pc_installer&index=&uniq_dkey=4423b12c73c9849c89f3bee533516d2b
GET /ac100/download_spb_weather.html?action=download_file&build_id=12378&filetype_name=pc_installer&index=&uniq_dkey=4423b12c73c9849c89f3bee533516d2b HTTP/1.1 Host: htc-topaz.handster.com GET /ac100/download_spb_weather.html?action=download_file&build_id=12378&filetype_name=pc_installer&index=&uniq_dkey=4423b12c73c9849c89f3bee533516d2b HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: PHPSESSID=eh896fp8ie16q1pocrfp7su481	HTTP/1.1 200 OK Content-Type: application/octet-stream Server: nginx/1.0.11 Date: Thu, 01 Nov 2012 01:00:27 GMT Connection: keep-alive Set-Cookie: f918a2415125c349faca6c9fd1df3760_v=8FO778vA0gzG5ijoZkdwI6KZzQ8MiTGjvicZ%2Fm7O%2Bk4mdiNR20M1nQCz9GtD60MIktNmeny3zuoWsWbuC7ruGawj2l9Bkt6NIbDOuUdW%2Fk%2F0qFg3oYeasCJ2rWmob%2BizWSO6QersbNk1lTGtI%2BvIBKtEZ6fHw0TsI36NomhGwRVUT73NHfbCq67uUOrzJEfy4jssLP6UqZMDONqpyd2BnhMfaNcDTvzHzJd1ywmKW0C2QquH90a%2BMh1pM%2FK%2BAVccKa71jiJSfMgF1FkAUVxbJTk4WsA4YJ3jvFnHoLT%2F1s7ve5ixFztFsrGS5EBmLJ12MwHNKvU7uCLQ1UpwPgngJnRlavDnI2rnThmDR3uR5gA%3D; expires=Sat, 01-Nov-2014 01:00:27 GMT; path=/; domain=handster.com f918a2415125c349faca6c9fd1df3760_s=VJFLHZJnyC7eGnVX%2B1n36SD%2B4cIpxz1B14G1YuV68BBW%2BwqA6nv0HUXxjEAnD34OGxP8J8fnQltkv2YVfkoZhu2BjsaaiubLVrH9lbX4HBw4X3K9O%2FBVx4Cojr0vgeuevsaCc5FT%2BJ%2BOV1NQRhqe%2FOCrWZw73vgJefWjm6kUoX5%2B1tQDFMBdNl0Ag2LnXn%2BEik65dhMFz6s%2BMnUKJueeyA%3D%3D; expires=Thu, 01-Nov-2012 01:20:27 GMT; path=/; domain=handster.com Content-Disposition: attachment; filename="SPBWeather2.4.exe" X-Riak-Vclock: a85hYGBgz2DKBVIckolLlvld/teZwZTEwMBokcfKsHb95BN8UFnvCf4H/RWXPc1gSkwBSn09wXQKJpWXNsXAXyRIGijFBJRacbHjBIqU4vIqoFQyUOpvyI+TMKk1GknH/C7/5YZYZ4Zm3W39oACErDkWWX/FOFVkx2QBAA== Vary: Accept-Encoding Link: </riak/software>; rel="up" Last-Modified: Mon, 05 Dec 2011 18:44:48 GMT Etag: "59UzW9itwskD2EtxQuxbzN" Content-Length: 7016960