DNS Lookup

[De Master Yoda]

It may be, so I did another scan with the same result.

Report 2011-08-30 08:01:08 (GMT 1)
Website nirsoft.net
Domain Hash ff396ff6f62ad65a4b0315efe84a5a8d
IP Address 69.73.166.124 [SCAN]
IP Hostname static-124-166-73-69.nocdirect.com
IP Country US (United States)
AS Number 3595
AS Name GNAXNET-AS - Global Net Access, LLC
Detections 1 / 23 (4 %)
Status SUSPICIOUS
Scanning site with: VSCAN DETECTED.
The date is not todays but should still be relevant.


I then did a scan of the IP

Report 2011-09-17 07:29:09 (GMT 1)
IP Address 69.73.166.124
IP Hostname static-124-166-73-69.nocdirect.com
IP Country US
AS Number N/A
AS Name N/A
Detections 1 / 26 (4 %)
Status SUSPICIOUS

Scanning IP with: MyWOT DETECTED

Maybe we need to do further checks, I can only report the results that I found.

[Mr Unnatural]

Some of their tools do get picked up by some antivirus software but I suspect it's because of their behaviour in ferretting out info rather than true viral activity.

I hope so anyway: for one thing I use a lot of the tools and for another, how good would it look if my first post sent everyone to a virus site!

[Garreg Ddu]

hxxp://headertool.apelord.com/ Is no longer active as far as I am aware.

Its security was in question so it is best not to use it even if it comes back.

Apelord is defunct, and has been replaced by http://www.iptrackeronline.com/header.php which offers a much better analysis output. The thread at Basic email header analysis tools - a short tutorial has been updated to reflect this.

[Techmaster]

Maybe we need to do further checks, I can only report the results that I found.

I understand completely, due to the outrageous number of web sites out there that are viral. I stumble across infected sites all the time, and the new safe search shield in the newly released AVG 2012 (I use the free edition) has been doing a remarkable job in stopping exploit codes from executing. But I still think there is nothing to be feared with this particular site. However, it always pays to be cautious. It's common for criminals to hack into clean web sites and inject their viral codes into them.

[Dick H Box]

This is a Firefox add-on that loads & searches the URL of the target site using several different tools, e.g. CentralOps, Netcraft, DomainTools, Robtex, amongst other sites, all with the click of a mouse on the PR icon. Simple, safe & quick, it saves having to copy-&-paste anything, & does not communicate with the target site at all from your machine.


https://addons.mozilla.org/en-US/fir...n/passiverecon

PassiveRecon provides information security professionals with the ability to perform "packetless" discovery of target resources utilizing publicly available information.