Zulu URL Risk Analyzer

By | February 22, 2012

Zulu is a dynamic risk scoring engine for web based content. For a given URL, Zulu will retrieve the content and apply a variety of checks in three different categories:

  • Content Checks – Inspection of page content to identify potentially malicious code in a variety of categories
  • URL Checks – Inspection of the full URL to identify malicious patterns and check the URL/FQDN/TLD against third party and Zscaler block lists
  • Host Checks – IP, DNS and netblock reputation checks

All algorithms generate both a risk score between 0-100 and a risk categorization (Low, Medium,High). Individual scores are then consolidated and weighted to calculate an overall page score and deliver a final categorization of Benign, Suspicious or Malicious based on overall page risk. Meta data for the page is also provided along with a history of past scans.

http://zulu.zscaler.com/

Below are the results for this site

How safe is your web destination?

URL: http://blog.qualtechsoftware.com/

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)

Referer:

Submitted on 02/07/2012 at 15:07 PST

Status: finished

 

Redirections: http://blog.qualtechsoftware.com/ (301 Moved Permanently)

HTTP Status Code: 200 OK

Content Size: 54324 bytes

Content Type: text/html; charset=UTF-8

IP Address: 184.168.38.237

Country: United States

Web Server: Apache

Benign
24/100 Send us feedback

 

Domain history:

Content checks9/100

Test Score Description Risk
Zscaler Content Check 10 Detected risky WRI patterns. Low
Zscaler Obfuscated Javascript Check 0 No match Low
Phishing Heuristics 0 Not a phishing page Low

URL checks0/100

Test Score Description Risk
Suspicious Domain name 0 URL Domain: qualtechsoftware has suspicious character score 2.25 Low
Suspicious sub-Domain Name 0 www. has suspicious character score 0.00 Low
Zscaler URL Check 0 No match Low
Top-Level Domain Risk 0 TLD of com has risk 0.0 Low
SURBL Block 0 URL Domain Result: None Low
SURBL Block 0 Nameserver Domain Result: None Low

Host checks15/100

Test Score Description Risk
Autonomous System Risk 50 ASN 26496 (GoDaddy) has risk 50.0 Medium
Geo-location Risk 0 Risk associated with country location of server: Low
Netblock Size Risk 0 Netblock size has size 65535 Low
Park/Disabled Domain 0 Parked domains may indicate that the domain is suspended or has not been used Low

Leave a Reply