70.32.23.17/
140 B IP
File type HTML document text\012- HTML document, ASCII text
Hash f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 70.32.23.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 02:58:02 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 17 Jun 2020 20:01:33 GMT
ETag: "6793c24-a3-5a84d20652140-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 140
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html
70.32.23.17/cgi-sys/defaultwebpage.cgi
6.9 kB URL User Request GET 70.32.23.17/cgi-sys/defaultwebpage.cgi
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash afd5626f50ae705a9a57a9eb8c264d73
9e315ad7e936a5bbc8e61e91f3f6282120003579
4367f1fb027e1d3da728ef67eb51f56c493141c846001b17d3969d3e023149de
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cgi-sys/defaultwebpage.cgi HTTP/1.1
Host: 70.32.23.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 02:58:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
70.32.23.17/img-sys/IP_changed.png
200 OK 3.0 kB URL GET HTTP/1.1 70.32.23.17/img-sys/IP_changed.png
IP
Requested by http://70.32.23.17/cgi-sys/defaultwebpage.cgi
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ec081653bd4c836483e6d612588d18ec
91c7e4cfa061808881575a875741773a949a9e0a
b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img-sys/IP_changed.png HTTP/1.1
Host: 70.32.23.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://70.32.23.17/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 02:58:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Jan 2019 18:46:47 GMT
ETag: "c67275-b7b-58038a1f0f3c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 2962
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/png
70.32.23.17/img-sys/error-bg-left.png
200 OK 7.7 kB URL GET HTTP/1.1 70.32.23.17/img-sys/error-bg-left.png
IP
Requested by http://70.32.23.17/cgi-sys/defaultwebpage.cgi
File type PNG image data, 410 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash cdbe46a0178886162bdedff35336154e
f5acc131f7d3fdfbebfc4a55be73cf51c7638937
862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img-sys/error-bg-left.png HTTP/1.1
Host: 70.32.23.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://70.32.23.17/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 02:58:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Jan 2019 18:46:47 GMT
ETag: "c67285-1f88-58038a1f0f3c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 7651
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/png
70.32.23.17/img-sys/server_moved.png
200 OK 3.4 kB URL GET HTTP/1.1 70.32.23.17/img-sys/server_moved.png
IP
Requested by http://70.32.23.17/cgi-sys/defaultwebpage.cgi
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f6590a396da81a8e4cce7ca046874ffd
7e68db322c32ca079b2c836812d3a25204ab93cc
3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img-sys/server_moved.png HTTP/1.1
Host: 70.32.23.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://70.32.23.17/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 02:58:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Jan 2019 18:46:47 GMT
ETag: "c67293-cff-58038a1f0f3c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 3350
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/png
70.32.23.17/img-sys/powered_by_cpanel.svg
200 OK 5.6 kB URL GET HTTP/1.1 70.32.23.17/img-sys/powered_by_cpanel.svg
IP
Requested by http://70.32.23.17/cgi-sys/defaultwebpage.cgi
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5616)
Hash c47b4b5200566a2a496a11ba472ec5da
3bd0da9a6ffd62217d3e781fa1356f40d9f91d4c
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img-sys/powered_by_cpanel.svg HTTP/1.1
Host: 70.32.23.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://70.32.23.17/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 02:58:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Jan 2019 18:46:47 GMT
ETag: "c6727f-15f1-58038a1f0f3c0"
Accept-Ranges: bytes
Content-Length: 5617
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/svg+xml
70.32.23.17/img-sys/server_misconfigured.png
200 OK 3.2 kB URL GET HTTP/1.1 70.32.23.17/img-sys/server_misconfigured.png
IP
Requested by http://70.32.23.17/cgi-sys/defaultwebpage.cgi
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f79adaf00f83dc9757086cdbe8645ff0
82f37b8be7668eab8e1a06de828cb336799c8134
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img-sys/server_misconfigured.png HTTP/1.1
Host: 70.32.23.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://70.32.23.17/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 08 Dec 2023 02:58:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Jan 2019 18:46:47 GMT
ETag: "c67292-c5c-58038a1f0f3c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 3187
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: image/png
70.32.23.17/favicon.ico
404 Not Found 874 B IP
Requested by http://70.32.23.17/cgi-sys/defaultwebpage.cgi
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash e56598adbf4db41080e5497019ecfd2a
1ac9176510f28f656ee62faf01e2eb00fa64366b
d32716b8ca8c91a5bc3392ae3dbd55dcbbc1aa54ff708b482bf19e6e40676990
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 70.32.23.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://70.32.23.17/cgi-sys/defaultwebpage.cgi
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 08 Dec 2023 02:58:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600, must-revalidate
Pragma: no-cache
Expires: 0
Content-Length: 874
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: text/html
70.32.23.17