Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=198.65.23.43
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://198.65.23.43/ | 200 OK Content-Length: 16511 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: henthorns.com ...[9153 bytes skipped]... so-yfti-irow:0;mso-yfti-firstrow:yes'> <td width="96%" style='width:96.96%;padding:3.0pt 3.0pt 3.0pt 3.0pt'> <p class=MsoNormal align=center style='text-align:center;mso-element:frame; mso-element-frame-hspace:2.25pt;mso-element-wrap:around;mso-element-anchor-vertical: paragraph;mso-element-anchor-horizontal:column;mso-height-rule:exactly'><span style='color:windowtext'><a href="http://henthorns.com/fogmc/fogmc.html">Motorcycles (Do it in the Dirt) ""</a><u6:p></u6:p></span><span style='color:black'><o:p></o:p></span></p> </td> </tr> <tr style='mso-yfti-irow:1'> <td width="96%" style='width:96.96%;padding:3.0pt 3.0pt 3.0pt 3.0pt'> <p class=MsoNormal align=center style='text-align:center;mso-element:frame; mso-element-fram ...[10777 bytes skipped]... | ||
http://198.65.23.43/test404page.js | 404 Not Found Content-Length: 393 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: henthorns.com <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <HTML><HEAD> <TITLE>404 Not Found</TITLE> </HEAD><BODY> <H1>Not Found</H1> The requested URL /test404page.js was not found on this server.<P> <P>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. <HR> <ADDRESS>Apache/1.3.42 Server at henthorns.com Port 80</ADDRESS> </BODY></HTML> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 198.65.23.43
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 06 Jun 2014 18:17:10 GMT
Accept-Ranges: bytes
ETag: "2970cdb-407f-5387706d"
Server: Apache/1.3.42 (Unix) mod_auth_tkt/2.1.0 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8r
Content-Length: 16511
Content-Type: text/html
Last-Modified: Thu, 29 May 2014 17:37:49 GMT
...16511 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 198.65.23.43
Referer: http://www.google.com/search?q=198.65.23.43
Result:
The result is similar to the first query. There are no suspicious redirects found.