Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=68.169.37.249
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://68.169.37.249/ | HTTP/1.1 200 OK Connection: close Date: Sun, 01 Mar 2015 16:14:57 GMT Accept-Ranges: bytes ETag: "318ed1-6f-4eec7c94cd180" Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.8.8 Content-Length: 111 Content-Type: text/html Last-Modified: Mon, 30 Dec 2013 22:15:50 GMT | clean |
http://68.169.37.249/cgi-sys/defaultwebpage.cgi | 200 OK Content-Length: 6542 Content-Type: text/html | clean |
http://68.169.37.249/test404page.js | 404 Not Found Content-Length: 2007 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: etherealhosting.com ...[1698 bytes skipped]... br/> SERVER_PORT_SECURE doesn't seem to be used SERVER_PORT logic would break if they use alternate ports --> <h1>404 Not Found</h1> <p>The server can not find the requested page:</p> <blockquote> 68.169.37.249/test404page.js (port 80) </blockquote> <p> Please forward this error screen to 68.169.37.249's <a href="mailto:info@etherealhosting.com?subject=Error message [404] 404 Not Found for 68.169.37.249/test404page.js port 80 on Sunday, 01-Mar-2015 09:14:59 MST"> WebMaster</a>. </p> <hr /> <!-- end content --> </div> </body> </html> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 68.169.37.249
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 01 Mar 2015 16:14:57 GMT
Accept-Ranges: bytes
ETag: "318ed1-6f-4eec7c94cd180"
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.8.8
Content-Length: 111
Content-Type: text/html
Last-Modified: Mon, 30 Dec 2013 22:15:50 GMT
...111 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 68.169.37.249
Referer: http://www.google.com/search?q=68.169.37.249
Result:
The result is similar to the first query. There are no suspicious redirects found.