Report - 74.132.231.199/

Report Overview

Submitted URL
74.132.231.199/
IP
74.132.231.199
ASN
#10796 TWC-10796-MIDWEST
Submitted
2024-04-26 22:06:11
Access
public
Website Title
Ruckus Wireless Admin
Final URL
74.132.231.199/login.asp
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
74.132.231.199	unknown	unknown	No data	No data	2.6 kB	152 kB	74.132.231.199

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	74.132.231.199	Sinkholed
2024-04-26	medium	74.132.231.199	Sinkholed
2024-04-26	medium	74.132.231.199	Sinkholed
2024-04-26	medium	74.132.231.199	Sinkholed
2024-04-26	medium	74.132.231.199	Sinkholed
2024-04-26	medium	74.132.231.199	Sinkholed
2024-04-26	medium	74.132.231.199	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	74.132.231.199/login.asp	0 B	2023-03-07	2024-05-07
Pretty URL 74.132.231.199/login.asp IP 74.132.231.199 ASN #10796 TWC-10796-MIDWEST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 12:08:30 Times Seen37401198 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	74.132.231.199/js/prototype.js	140 kB	2023-03-07	2024-05-01
Pretty URL 74.132.231.199/js/prototype.js IP 74.132.231.199 ASN #10796 TWC-10796-MIDWEST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:47 Last Seen2024-05-01 00:57:13 Times Seen145 Hash 965fe52b851d8ff3c2b915ada9fb273f c147a1a86a2c33e60f160b8861501f43f4638c8d e6e2a78094b7589346c1a8a15f9155ab0300e52d1b97aabb0752d3fa2c3bcb38 Loading...

HTTP Transactions (7)

URL IP Response Size

74.132.231.199/images/goahead.gif

74.132.231.199

200 OK

847 B

URL GET HTTP/1.0
74.132.231.199/images/goahead.gif
IP
74.132.231.199:80
ASN
#10796 TWC-10796-MIDWEST

Requested by
http://74.132.231.199/login.asp

File type
GIF image data, version 89a, 155 x 31
Size
847 B (847 bytes)
Hash
9f3e769011e9a95f67eadeaeee60493e
271885292740c99582e007db428a21b228ee83d6
5d4d1508d7847ca287aac997cde482e86c70c1c69a0e5813372af8fa7ac52c57

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/goahead.gif HTTP/1.1
Host: 74.132.231.199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.132.231.199/login.asp
Cookie: sid=0
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 200 OK
Date: Fri Apr 26 22:05:49 2024
Server: GoAhead-Webs
Last-modified: Mon Aug 28 19:26:57 2017
Content-length: 847
Content-type: image/gif

74.132.231.199/images/login.gif

74.132.231.199

200 OK

1.8 kB

URL GET HTTP/1.0
74.132.231.199/images/login.gif
IP
74.132.231.199:80
ASN
#10796 TWC-10796-MIDWEST

Requested by
http://74.132.231.199/login.asp

File type
GIF image data, version 89a, 207 x 34
Size
1.8 kB (1806 bytes)
Hash
58768e0c6bc35756d49aed86011e4b8a
742464bdd8fb25d20ee3185fa630ed98536c53e5
2813d09bb364d078eec896418ebd901207fd95af61ca86379e660eaf04b3a365

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login.gif HTTP/1.1
Host: 74.132.231.199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.132.231.199/login.asp
Cookie: sid=0
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 200 OK
Date: Fri Apr 26 22:05:49 2024
Server: GoAhead-Webs
Last-modified: Mon Aug 28 19:26:57 2017
Content-length: 1806
Content-type: image/gif

74.132.231.199/login.asp

74.132.231.199

200 OK

3.9 kB

URL User Request GET HTTP/1.0
74.132.231.199/login.asp
IP
74.132.231.199:80
ASN
#10796 TWC-10796-MIDWEST

File type
data
Size
3.9 kB (3935 bytes)
Hash
022726962c7a52db9cafdd149e737318
72e34d472d547236fafff6ae8c8fd20747143b3d
01fdc19aded0b5364ca4f8a96de340504766074dd1f7edf7aed57f6ac70971c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login.asp HTTP/1.1
Host: 74.132.231.199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: sid=0
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 200 OK
Date: Fri Apr 26 22:05:49 2024
Server: GoAhead-Webs
Pragma: no-cache
Cache-Control: no-cache
Content-type: text/html

74.132.231.199/js/prototype.js

74.132.231.199

200 OK

140 kB

URL GET HTTP/1.0
74.132.231.199/js/prototype.js
IP
74.132.231.199:80
ASN
#10796 TWC-10796-MIDWEST

Requested by
http://74.132.231.199/login.asp

File type
JavaScript source, ASCII text
Size
140 kB (139854 bytes)
Hash
965fe52b851d8ff3c2b915ada9fb273f
c147a1a86a2c33e60f160b8861501f43f4638c8d
e6e2a78094b7589346c1a8a15f9155ab0300e52d1b97aabb0752d3fa2c3bcb38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/prototype.js HTTP/1.1
Host: 74.132.231.199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.132.231.199/login.asp
Cookie: sid=0
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 200 OK
Date: Fri Apr 26 22:05:49 2024
Server: GoAhead-Webs
Last-modified: Mon Aug 28 19:26:57 2017
Content-length: 139854
Content-type: application/x-javascript

74.132.231.199/favicon.ico

74.132.231.199

200 OK

2.9 kB

URL GET HTTP/1.0
74.132.231.199/favicon.ico
IP
74.132.231.199:80
ASN
#10796 TWC-10796-MIDWEST

Requested by
http://74.132.231.199/login.asp

File type
MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel
Size
2.9 kB (2862 bytes)
Hash
ed8cf53ef6836184587ee3a987be074a
776988f69410827212397cc73fc475f285d699d1
44648ca99e1d18589d4b72b19156bf61117c09e311b9f26fa771d9acf5cf463f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 74.132.231.199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.132.231.199/login.asp
Cookie: sid=0
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 200 OK
Date: Fri Apr 26 22:05:50 2024
Server: GoAhead-Webs
Last-modified: Mon Aug 28 19:26:57 2017
Content-length: 2862
Content-type: text/plain

74.132.231.199/images/logo_login.gif

74.132.231.199

200 OK

1.8 kB

URL GET HTTP/1.0
74.132.231.199/images/logo_login.gif
IP
74.132.231.199:80
ASN
#10796 TWC-10796-MIDWEST

Requested by
http://74.132.231.199/login.asp

File type
GIF image data, version 89a, 173 x 52
Size
1.8 kB (1779 bytes)
Hash
5ba0bb42c0400280b45fb43500a6f0f5
ac037040ddfb15199ee2e4972699fba0eac3fa79
db3f7f8801cd002257b6a0a29c89f01c14f9eadb8ecb9b612b8750bb4ad10cc0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo_login.gif HTTP/1.1
Host: 74.132.231.199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://74.132.231.199/login.asp
Cookie: sid=0
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 200 OK
Date: Fri Apr 26 22:05:49 2024
Server: GoAhead-Webs
Last-modified: Mon Aug 28 19:26:57 2017
Content-length: 1779
Content-type: image/gif

74.132.231.199/

74.132.231.199

302 Redirect

0 B

URL User Request GET HTTP/1.0
74.132.231.199/
IP
74.132.231.199:80
ASN
#10796 TWC-10796-MIDWEST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 74.132.231.199
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 302 Redirect
Server: GoAhead-Webs
Date: Fri Apr 26 22:05:47 2024
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Set-Cookie: sid=0; path=/; HttpOnly;
Location: http://74.132.231.199/login.asp

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL GET HTTP/1.0

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.0

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.0

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.0

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.0

IP

ASN

Requested by