Report - 74.65.212.29/

Report Overview

Submitted URL
74.65.212.29/
IP
74.65.212.29
ASN
#12271 TWC-12271-NYC
Submitted
2024-05-08 21:17:17
Access
public
Website Title
Wi-Fi APP Login
Final URL
74.65.212.29/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
74.65.212.29	unknown	unknown	No data	No data	5.8 kB	121 kB	74.65.212.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed
2024-05-08	medium	74.65.212.29	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	74.65.212.29/linux.js?r=6383	29 kB	2024-05-08	2024-05-08
Pretty URL 74.65.212.29/linux.js?r=6383 IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen1 Hash 94ae3b7058528e6f780997cb8a2ca471 7d92de525b19184d397df70ac66efdd353ca2556 0bc5bad162789b0c02c7aaa1aa2ac68ffafbf5f9d9eabcd111ac264d2fac464e Loading...

	74.65.212.29/	160 B	2024-05-08	2024-05-08
Pretty URL 74.65.212.29/ IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen1 Hash 02035841084912e90a3faee2a6edd9e8 79a0a214352e590a3861f5de214717327f224d21 4b1d3f3b2edd7ce3f1df371f7e5ccaac558db24b308a26680ab6cc7727eab3d9 Loading...

	74.65.212.29/	66 B	2023-11-15	2024-05-08
Pretty URL 74.65.212.29/ IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 05:12:04 Last Seen2024-05-08 23:17:24 Times Seen3 Hash e33a277a216b498759dee6ef160c29ef e87f895dd309c65660c0ddb35e7b18245f71b303 246e8181d00b18080535e629b242217f419b83d763be101facc326c64f43e436 Loading...

	74.65.212.29/	3.3 kB	2024-05-08	2024-05-08
Pretty URL 74.65.212.29/ IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen1 Hash 5c1b73804f3acca4d2b568b9eafbf79c 2613136d34314b0f0f3f84e6cc3eee6e6ee70637 fdc0d1953a6cfa05182ba9d81501d76a414a99b3e68b2fbede5163ac62e4518f Loading...

	74.65.212.29/	190 B	2023-11-15	2024-05-16
Pretty URL 74.65.212.29/ IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 05:12:04 Last Seen2024-05-16 00:32:07 Times Seen7 Hash 953db78db21ebf98b06927d332d496f7 baf4dcce8bde540379b0074f44e27d568cd1e9dc 5bf3d53de502f6e4b3f4a446c6cc8fdacab50f5d3e4410dda930304545a1c8ed Loading...

	74.65.212.29/	52 B	2023-11-15	2024-05-16
Pretty URL 74.65.212.29/ IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 05:12:04 Last Seen2024-05-16 00:32:07 Times Seen7 Hash 3e23eca8f6bce420c4e2e6464c207b25 417b14da532e5a5d9e2cc635ea32741b35f429d0 d9baa839b4b50a0ba06f9bffdf8b43ffa9b94204d0d532d354ee5a82162c6aad Loading...

	74.65.212.29/lang_conf.js?r=6383	3.5 kB	2024-05-08	2024-05-08
Pretty URL 74.65.212.29/lang_conf.js?r=6383 IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen1 Hash 111c1d55a9e111ee43b71e210846f3ce 3862b95e2ffc1befa2795bdce467a04f5d110bc9 58f8710b96d082809e3065e8fae12582be34530f5be3c7308e7681a996de79ed Loading...

	74.65.212.29/	776 B	2023-11-15	2024-05-16
Pretty URL 74.65.212.29/ IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 05:12:04 Last Seen2024-05-16 00:32:07 Times Seen7 Hash 88c27614c330b98a4e1432a40459a53a b5790fe91ea4de37480baaf950c7de312144ece7 ee3d4046eda26d9e374ac2419123e5aab4f707e275abc007b9c69a74bb622f76 Loading...

	unknown	11 B	2023-09-10	2024-05-16
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-09-10 21:27:33 Last Seen2024-05-16 00:32:07 Times Seen10 Hash 41ef778132fb28c821b3b498ca60474a cdf62e8a002883987be23ebb1b1a1dbca57325e1 c9f54cbfaee77f03478b98cf2ee34f162dcaa7d50375e7cf39319f2745a41dde Loading...

	74.65.212.29/md5.js	8.8 kB	2023-03-07	2024-05-16
Pretty URL 74.65.212.29/md5.js IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:16:57 Last Seen2024-05-16 00:32:08 Times Seen31 Hash 2e5d990219ab6b8280eb8330387a8f27 372b93f7c8f9623e93d904fcbff337c0b077ddcc 797675e04f714a8f53a91f2f29c6e6972b9e67dc09845a46ef934d7f4641c883 Loading...

	74.65.212.29/lang2_en.js?r=GetRandomn	28 kB	2024-05-08	2024-05-08
Pretty URL 74.65.212.29/lang2_en.js?r=GetRandomn IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen2 Hash fe32eebf18af6948dcafc22607b21dc3 c9fe7829b3cb9a675cc6051b7a5c904a08fd3ddf 1a9a50e4c90b4f9305439306478ac71b90ac5196476983fd9159d67630f78d99 Loading...

	74.65.212.29/	149 B	2023-11-15	2024-05-16
Pretty URL 74.65.212.29/ IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 05:12:04 Last Seen2024-05-16 00:32:07 Times Seen7 Hash 0d1c458a0a277c307e7ec28f0e33d394 750f956c7ea69a46b630e17d3921c3fe0d2b3dcf d41e66b53f6c763737810863bc1f264a9ae941b5c90939c4c5aaf8b8ebde8d65 Loading...

	74.65.212.29/	62 B	2024-05-08	2024-05-08
Pretty URL 74.65.212.29/ IP 74.65.212.29 ASN #12271 TWC-12271-NYC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen1 Hash 68039171b558539f273e20a603e8d5a5 c71015da833715dcdcd3b2efb6b9d797322f4ce1 b04b3052471b0cdff64f0b72dc049c2fb4fce9fa3619b846554a3bb6eaeb1220 Loading...

		Size	First Seen	Last Seen
	#1 Write - 2f857ee02e0ff5da29ce1c78df54bda1	72 B	2024-01-07	2024-05-08
Pretty Observations First Seen2024-01-07 09:10:49 Last Seen2024-05-08 23:17:24 Times Seen3 Hash 2f857ee02e0ff5da29ce1c78df54bda1 055f94b372a7672daa14011b270e7f4907303b4d d6edaffb960c932cade2ef3f02b98326d1573177316fbb60df1a33c744b42ba5 Loading...

	#2 Write - b410e65b3aea02d05fe9064d3d6bf909	174 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen1 Hash b410e65b3aea02d05fe9064d3d6bf909 78457b58dff92f0bd39a94c9cc832284d7028f5d f9b883d195718f710df69f345fd7ebc6f32a0f405cbb79f24c2043b0cc12bef6 Loading...

	#3 Write - a12dbd29331393abf1a7066f17a9cc2e	60 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen1 Hash a12dbd29331393abf1a7066f17a9cc2e 10e64b03af2f2637b67c2c366bc8092b04b58447 e75f7570744bd658876a7ea4a5c808bd5fc597a06111878a455cf616a19ffb8f Loading...

	#4 Write - fe8a9585b90fd611cafefbb9bae7845f	12 B	2024-01-07	2024-05-08
Pretty Observations First Seen2024-01-07 09:10:49 Last Seen2024-05-08 23:17:24 Times Seen3 Hash fe8a9585b90fd611cafefbb9bae7845f 43c47264d4ec714748aa4cc0cfe70afa853b4d54 a366cd66b261acd8f504060685fd9dece3f3fe6a937366a32a07d4b691ab3c0b Loading...

	#5 Write - 3aa06a93b1140c2824398e101351a3fc	45 B	2023-11-15	2024-05-08
Pretty Observations First Seen2023-11-15 05:12:04 Last Seen2024-05-08 23:17:24 Times Seen5 Hash 3aa06a93b1140c2824398e101351a3fc 4cf9945d242c77cae345cc407e51d84f7ca0c8ae a93e1ab86f8fd257aa0e2b243f97e82086a02a79c57bb953a3b39e5b6d1aae07 Loading...

	#6 Write - ce64829e06185e0aa8fba598ec7695be	37 B	2023-11-17	2024-05-16
Pretty Observations First Seen2023-11-17 03:56:57 Last Seen2024-05-16 00:32:07 Times Seen5 Hash ce64829e06185e0aa8fba598ec7695be 3897dc36ce3fe08b01198a6c1b76495464941a70 471a6489b50521726bc8177d5a6028bcd3b81e8175de00f8c26a94fa2a88a93a Loading...

	#7 Write - d104ac53bd8b3c556cb9ee50bcd63ad3	52 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 23:17:24 Last Seen2024-05-08 23:17:24 Times Seen1 Hash d104ac53bd8b3c556cb9ee50bcd63ad3 362304c146e7433ef124ea61aabfca52391cf02a ce3c55a2a963734e797e88f84132e01dfeafc3a3a41f87320724a55bc3c3d1f6 Loading...

	#8 Write - d601746853a2e70fb23f439c2d5da27b	37 B	2023-11-17	2024-05-16
Pretty Observations First Seen2023-11-17 03:56:57 Last Seen2024-05-16 00:32:07 Times Seen5 Hash d601746853a2e70fb23f439c2d5da27b 102c6d1da701d6e2e68bce0d50de951265637621 b478df7b623ba73ea84fe01a364260484a887ad33b9d99418cb2c6adf2b4cfd3 Loading...

	#9 Write - 99dea78007133396a7b8ed70578ac6ae	5 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 14:39:48 Last Seen2024-05-18 21:36:42 Times Seen109 Hash 99dea78007133396a7b8ed70578ac6ae 4e5a2893bdcc7d239c1db72e4c4ffbe4bea73174 9d6322c1f4d9d3f38aed8bfbe0b2bcadf66ad82c008476fa62541fa069138e94 Loading...

HTTP Transactions (17)

URL IP Response Size

74.65.212.29/

74.65.212.29

200 OK

12 kB

URL User Request GET HTTP/1.1
74.65.212.29/
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
12 kB (12118 bytes)
Hash
d33d6bde93083d3dce2324ad4b9de325
1425ec420f4f94ee1f744a14eda2672fd37737e1
fe06018e0e66052fe675e244e2723d9c0d1d1a2a4bf26f7d4e148a861aef66d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 12118
Date: Wed, 08 May 2024 21:16:52 GMT
Server: lighttpd

74.65.212.29/md5.js

74.65.212.29

200 OK

8.8 kB

URL GET HTTP/1.1
74.65.212.29/md5.js
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
ASCII text, with CRLF line terminators
Size
8.8 kB (8825 bytes)
Hash
2e5d990219ab6b8280eb8330387a8f27
372b93f7c8f9623e93d904fcbff337c0b077ddcc
797675e04f714a8f53a91f2f29c6e6972b9e67dc09845a46ef934d7f4641c883

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /md5.js HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
ETag: "1578996819"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 8825
Date: Wed, 08 May 2024 21:16:52 GMT
Server: lighttpd

74.65.212.29/lang_conf.js?r=6383

74.65.212.29

200 OK

3.5 kB

URL GET HTTP/1.1
74.65.212.29/lang_conf.js?r=6383
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
3.5 kB (3470 bytes)
Hash
a64b28370f3f2a63b5df078f010b0e4b
e36f2606182bb0c3653c0dde058ab982891f10dd
4dd340c86e9afeb10aa4cc61255a475307404cc8162eef2ccc78f9c402dc32d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lang_conf.js?r=6383 HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
ETag: "213554827"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 3470
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/linux.css?r=6383

74.65.212.29

200 OK

7.9 kB

URL GET HTTP/1.1
74.65.212.29/linux.css?r=6383
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators
Size
7.9 kB (7926 bytes)
Hash
356ee4e95fcbab9be9f1a115cec9e2ba
e7ee6507c6ecdbd48a71245b021f79f5177b1da8
0ad7569caa4bb6da4f2f585b49da9927946a24f513fed5c68c25b23e03c40cc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /linux.css?r=6383 HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Accept-Ranges: bytes
ETag: "1180473233"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 7926
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/linux.js?r=6383

74.65.212.29

200 OK

29 kB

URL GET HTTP/1.1
74.65.212.29/linux.js?r=6383
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
Non-ISO extended-ASCII text, with CRLF, NEL line terminators
Size
29 kB (28979 bytes)
Hash
c4b0a44220c22cf6578b8be281c53a62
29cfb7a06d0036b21cde5c943faaf1602f02afb9
219b43f56b0ac31445f55faadda7c15f9abbb143ff8c26a7f5256911dca24822

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /linux.js?r=6383 HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
ETag: "96824392"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 28979
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/login_bg01.png

74.65.212.29

200 OK

1.1 kB

URL GET HTTP/1.1
74.65.212.29/images/login_bg01.png
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
PNG image data, 11 x 15, 8-bit colormap, non-interlaced
Size
1.1 kB (1091 bytes)
Hash
ad99169d7608e012c6acabdb12cc1d9a
3d71a0fbc5527f5b541eadd537c43d940727a7d3
fe87ded3fc54318e6c9f1e531fc6a5572e9dc26903887869cea63f10fb7c5b41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login_bg01.png HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "4052850179"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 1091
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/login_lang.png

74.65.212.29

200 OK

1.3 kB

URL GET HTTP/1.1
74.65.212.29/images/login_lang.png
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1338 bytes)
Hash
220a30eb26bda246dbb017db9e31d059
34f40a0f51bf56bf4a8a39b06953b149862ea81d
27aca3d329631295824743b1d2eced18a62027f85b0207afb3891bba1caae659

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login_lang.png HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1431868933"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 1338
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/login_bg04.png

74.65.212.29

200 OK

1.1 kB

URL GET HTTP/1.1
74.65.212.29/images/login_bg04.png
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
PNG image data, 11 x 15, 8-bit colormap, non-interlaced
Size
1.1 kB (1090 bytes)
Hash
34ae71dcec99e9a7ea2eb31a589dd7dd
be136cee06b6f649a24778ccde16c7011d94626f
f144ede7a8d092ef2f97457c8c934daf24f1a1b5cb9a00ea19f396ec557094f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login_bg04.png HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "3986200067"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 1090
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/login_bg02.png

74.65.212.29

200 OK

1.1 kB

URL GET HTTP/1.1
74.65.212.29/images/login_bg02.png
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
PNG image data, 11 x 15, 8-bit colormap, non-interlaced
Size
1.1 kB (1091 bytes)
Hash
7df8076314884b0e8b4e901ec081743c
076fae39d5799e1f71c4a0a3bb7df8fd8201f736
cbd11391bffac92510981bf5c95691ddbe65d329a797bcdd48cfe2db6b058fa8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login_bg02.png HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "3977876995"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 1091
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/login_bg03.png

74.65.212.29

200 OK

1.1 kB

URL GET HTTP/1.1
74.65.212.29/images/login_bg03.png
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
PNG image data, 11 x 15, 8-bit colormap, non-interlaced
Size
1.1 kB (1091 bytes)
Hash
d217b43f65d33a34862e951bef54fef1
2b54023ed84c0f78a384a800f892c13a42396fec
edb5168a5245eba5f23e78960b7dfd381efaa2503786157e9367beeea6f564b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login_bg03.png HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "4028274179"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 1091
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/space.gif

74.65.212.29

200 OK

45 B

URL GET HTTP/1.1
74.65.212.29/images/space.gif
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
GIF image data, version 89a, 5 x 5
Size
45 B (45 bytes)
Hash
2ae3c8f1f6f6ae7d3bb5dacac38a2243
37fee1af4fb584061dd745aff6e61af0b0bd3238
4c17b5fc0b8aec443c6ff4a4bf28bad201f59a99f571bd63a3618d67a6fa3b89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/space.gif HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "3910881017"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 45
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/login_passwd.png

74.65.212.29

200 OK

1.1 kB

URL GET HTTP/1.1
74.65.212.29/images/login_passwd.png
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
PNG image data, 18 x 20, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1105 bytes)
Hash
1ace4306385ffd1eb7629540bf26e6a1
26d746e38c24691d9bfa5cf5862d1c6464ebf454
dfe545596a3db17b28e58bf3e7d99834d1e0fca0b12b852f2a45bdd50f336448

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login_passwd.png HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2136839681"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 1105
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/lang2_en.js?r=GetRandomn

74.65.212.29

200 OK

28 kB

URL GET HTTP/1.1
74.65.212.29/lang2_en.js?r=GetRandomn
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
HTML document, ASCII text, with very long lines (480), with CRLF line terminators
Size
28 kB (28433 bytes)
Hash
fe32eebf18af6948dcafc22607b21dc3
c9fe7829b3cb9a675cc6051b7a5c904a08fd3ddf
1a9a50e4c90b4f9305439306478ac71b90ac5196476983fd9159d67630f78d99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lang2_en.js?r=GetRandomn HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
ETag: "1141206098"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 28433
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/STANDARD-logo.png

74.65.212.29

200 OK

1.0 kB

URL GET HTTP/1.1
74.65.212.29/images/STANDARD-logo.png
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
PNG image data, 167 x 131, 4-bit colormap, non-interlaced
Size
1.0 kB (1036 bytes)
Hash
36e668975161f622b1f64220a37ee585
0c811e25b3400a905050691a6506af66f170d227
98aea1f992ddfe7b95f11fb89387900ae46050f864d8314ffef2cea7660d3988

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/STANDARD-logo.png HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1388156419"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 1036
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/JETSTREAM-logo.gif

74.65.212.29

200 OK

2.1 kB

URL GET HTTP/1.1
74.65.212.29/images/JETSTREAM-logo.gif
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
PNG image data, 218 x 44, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2134 bytes)
Hash
d8a24c673b94c42a00021cb06afc4cc1
214e22e646c1e5b730a7d97d5928404fecf991d7
47f88a175990a946418420ac1451e80b15e41db6fb33ad3140d89294c1521776

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/JETSTREAM-logo.gif HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "1409193665"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 2134
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/images/shouye_1_02_02.jpg

74.65.212.29

200 OK

17 kB

URL GET HTTP/1.1
74.65.212.29/images/shouye_1_02_02.jpg
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x1033, components 3
Size
17 kB (16827 bytes)
Hash
d7499fb20c8b60d207effe89017147b5
77586f51a8919fbafc601088bfcf6f9821bced50
52fbc19dbe4c1d5eee7b8855425347b9cf9762a4c40b402f37fd136f36ad32e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/shouye_1_02_02.jpg HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "1258649545"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 16827
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

74.65.212.29/favicon.ico

74.65.212.29

200 OK

1.2 kB

URL GET HTTP/1.1
74.65.212.29/favicon.ico
IP
74.65.212.29:80
ASN
#12271 TWC-12271-NYC

Requested by
http://74.65.212.29/

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
fa55edbee865f534f67745674b3fabea
806d4976b8227736e7dfbd9475547dee4e74a46c
4d844a31cac428fa97126cfd381cac6a5482474b71bf70b3d59ccc768d5f5b84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 74.65.212.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.65.212.29/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
ETag: "748262913"
Last-Modified: Thu, 09 Aug 2018 09:27:24 GMT
Content-Length: 1150
Date: Wed, 08 May 2024 21:16:53 GMT
Server: lighttpd

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML