URL: User Request GET HTTP/1.1
IP: 198.24.170.27:80
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 62af72ae6f40f115845e3dc532fe4c06 126b5f48d10f6ff6bec1755d12463b932bd520ed cfa2302a35c1ae6c0fc50470dd0777ee6046935fa80273e7a8cb938019ccea26
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 198.24.170.27
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private,no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: /GenericErrorPage.htm?aspxerrorpath=/tmpmht/
Server: Microsoft-IIS/10.0
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Date: Thu, 18 Apr 2024 11:39:30 GMT
Content-Length: 161
| 198.24.170.27/GenericErrorPage.htm?aspxerrorpath=/tmpmht/ | 198.24.170.27 | 500 Internal Server Error | 1.8 kB |
URL: User Request GET HTTP/1.1 198.24.170.27/GenericErrorPage.htm?aspxerrorpath=/tmpmht/
IP: 198.24.170.27:80
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 73a135251a51e465c5e0ac69988475b9 184f0ff01fd20e45f4d974cb74246da25affbc12 e6819a78fcb576b103b18b9dcc5b6a9cf737a87494a29b86178fc7f4ddd1e3e7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /GenericErrorPage.htm?aspxerrorpath=/tmpmht/ HTTP/1.1
Host: 198.24.170.27
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 500 Internal Server Error
Cache-Control: private,no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/10.0
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Date: Thu, 18 Apr 2024 11:39:30 GMT
Content-Length: 1763
| 198.24.170.27/favicon.ico | 198.24.170.27 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 198.24.170.27/favicon.ico
IP: 198.24.170.27:80
Requested by: http://198.24.170.27/GenericErrorPage.htm?aspxerrorpath=/tmpmht/
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 5343c1a8b203c162a3bf3870d9f50fd4 04b5b886c20d88b57eea6d8ff882624a4ac1e51d dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 198.24.170.27
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://198.24.170.27/GenericErrorPage.htm?aspxerrorpath=/tmpmht/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Cache-Control: private,no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/10.0
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Date: Thu, 18 Apr 2024 11:39:30 GMT
Content-Length: 1245