IDS alert: SURICATA HTTP Host header invalid

See: http://urlquery.net/report/f045dd30-aeab-4d77-98fc-493e2b906e9e
See the Plesk Webserver’s Default Page for http://37.97.242.166/
Re: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2F37.97.242.166%2F&useragent=Fetch+useragent&accept_encoding=
Cannot find hostname “_.opdefoto.net” → http://toolbar.netcraft.com/site_report?url=_.opdefoto.net+

Consider: http://whois.domaintools.com/opdefoto.net and http://www.dnsinspect.com/opdefoto.net/10154781
This could be used maliciously? On attack, read: https://www.acunetix.com/vulnerabilities/web/host-header-attack

polonus (volunteer website security analyst and website error-hunter)

Another such anomaly IDS alert we find here: http://urlquery.net/report/6664e488-954e-4a11-ba85-92e99870a5ed
ET INFO HTTP Request to a *.pw domain

What is this, read, comes with an exploit kit: http://www.malware-traffic-analysis.net/2014/01/24/index.html
as this: http://www.malware-traffic-analysis.net/2014/02/03/part-04.html

Read the discussion here: https://supportforums.cisco.com/discussion/13053421/firesight-classifying-pw-dns-requests-trojan-detected

Discussion whether this should be alerted as trojan with Snort: https://forum.pfsense.org/index.php?topic=93617.0
and the alerts from Emerging Threats: http://doc.emergingthreats.net/bin/view/Main/2016777 which were triggered in the urlquery dot net report.

polonus (volunteer website security analyst and website error-hunter)

Just another such alert, ET INFO Possible Phish - Mirrored Website Comment Observed, for this website:
https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=kosher-coffee.com&ref_sel=GSP2&ua_sel=ff&fs=1
See it flagged here: http://urlquery.net/report/2cbf02d2-5bf0-419e-a324-9e180b66cd24

Not detected here: http://isithacked.com/check/kosher-coffee.com%20
Not given as detected here either: https://www.virustotal.com/en/url/09698c2d413bc54983e51e35f9b65d71dc3b5ba3be7d4854d2a2d9a5d5837d78/analysis/1500236399/
Given as likely safe here: http://phishcheck.me/110741/details

polonus