| 106.105.83.16/ | 106.105.83.16 | | 5.2 kB |
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash: 40b095d890e281ae98d3ba61d4977023 e7738a4bc0af6bad94faffd2004c276451b96c1a 4b88f17096f8c7518b326a38a56bd6955a5f272f00081b7c60d44e2b4cdb88df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Location: https://106.105.83.16:443/
Connection: close
|
|
| mitmdetection.services.mozilla.com/ | 54.230.111.70 | | 0 B |
URL: mitmdetection.services.mozilla.com/
IP: 54.230.111.70:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: mitmdetection.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: application/xml
date: Tue, 07 May 2024 21:29:05 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x8xUNbsRe5sFIYWkp77ldg_ffxrN3tL7hzoEsoLpsWU1N1GCI5gLQA==
X-Firefox-Spdy: h2
|
|
| 106.105.83.16/ | 106.105.83.16 | | 272 B |
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
File type: XML 1.0 document, ASCII text
Hash: bf09f1ff72ee7a91714816f78a2fd976 dc5404c9571e34c3f637a4ca3082212d4fd4d89a a0e089d1aca81cbe85313ac63b02086d5067eb0424bfa57c56b037314ccbd18a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "30b-110-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:05 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: no-cache
Expires: 0
Content-Type: text/html
Content-Length: 272
|
|
| 106.105.83.16/webpages/index.html | 106.105.83.16 | | 3.3 kB |
URL: 106.105.83.16/webpages/index.html
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
File type: HTML document, ASCII text
Hash: 513fc64077750ba6e9c5b0c1da3befec 216d4a19ea0f6521849d9c30e68cb70276f38302 3280522cea1f4e66881cf4e0badc99d7b6d11d1b6944c98d447df0b3ddf9009c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/index.html HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "367-cb2-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:06 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: no-cache
Expires: 0
Content-Type: text/html
Content-Length: 3250
|
|
| 106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 93 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: JavaScript source, ASCII text, with very long lines (32099)
Hash: 00ff34b67a328f219fa3ae2423d4f252 19715ffee604b54e95a0e9db76f6de2b5125c29e dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/jquery.min.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "473-16b62-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:07 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 93026
|
|
| 106.105.83.16/webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630 | 106.105.83.16 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (1712), with no line terminators
Hash: 2266db0e4804abc5551b10758d96d9ab 00aa0d250bcc5bb3962b8b597107c0eb14a80208 48b73d75d4d603b31f1c5e538603615adaf8143019776a7ec00248026bb62946
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "35e-6b0-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:07 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/css
Content-Length: 1712
|
|
| 106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (1511), with no line terminators
Hash: 4f993937854b67c2c8ce9819786133af 32b493527dc9a3af145de5420371d5559fc7a919 e6a53e5de818d2bc3c496d023e80f6a03ba9cff3324bbd07f4a11e1aa9bade62
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/base64.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "474-5e7-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:08 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 1511
|
|
| 106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 3.1 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: JavaScript source, ASCII text, with very long lines (3124), with no line terminators
Hash: 7c7d50597056d7447cbd2e9d674a4923 58a7c5b7a8529cfb4a940f267523711c6c31bf72 f39c5f2fab5da8317e550348f76739099c372f9c38cbc914bd21209b67dc5d0e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "475-c34-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:08 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 3124
|
|
| 106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (4448), with no line terminators
Hash: d00eae87038ac4282e14bfcdb0ef0b57 c69e3d6e47eef916b0c9f4c81d8eb11b4614942e 2972016a868ddd898f77ad9eb30e1df4e6dcdc1db3f48483ff75e52a8b75b3fd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/tpEncrypt.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "478-1160-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 4448
|
|
| 106.105.83.16/webpages/js/su/char.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 3.8 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/su/char.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (3828), with no line terminators
Hash: 492a8b26dc4ceee50242d80e4949efff cb78326c06ccc0ab873e0365d90b3a93abd7ff66 5249880594a0525556b122a6e1eed9a986040d8a901b8763d372d13c28c7d2a5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/su/char.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "46f-ef4-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 3828
|
|
| 106.105.83.16/webpages/js/su/language.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 1.8 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/su/language.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: HTML document, ASCII text, with very long lines (1827), with no line terminators
Hash: 09cc2c95d86f6c689ed557c675d27ea5 2929f18f65cbaaddc21f62a185a55675ba8d1806 7ae8ab0dfd8de0a16214c37009269ac0dc617b602276595156d2960fc4c182af
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/su/language.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "46c-723-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 1827
|
|
| 106.105.83.16/webpages/js/app/url.js?t=9cfe5630 | 106.105.83.16 | | 323 B |
URL: GET 106.105.83.16/webpages/js/app/url.js?t=9cfe5630
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
File type: ASCII text, with very long lines (323), with no line terminators
Hash: 6e7925ced5dc121458d9a719972e5ea9 6de4445680d6cb123fef1bc9add4f5de78c48d3a 30c12d0f3035f7a9d42cfc43f7adb6e0ecd7754906965a8181bfc19c1fa45187
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/app/url.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "47b-143-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 323
|
|
| 106.105.83.16/webpages/js/su/frame.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 645 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/su/frame.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Size: 645 kB (645172 bytes)
Hash: 71d0a0253608892f25cbdb57235d9955 0797a6dd125fc839e3aef79fd055b9b39a54501d 6f4b0b7db77d225b4b2c6d8d2c25de19e351a43eadfb460e006fe63526456db3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/su/frame.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "46d-9d834-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 645172
|
|
| 106.105.83.16/webpages/themes/default/img/replace/favicon.ico?t=9cfe5630 | 106.105.83.16 | | 25 B |
URL: 106.105.83.16/webpages/themes/default/img/replace/favicon.ico?t=9cfe5630
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
File type: ASCII text, with no line terminators
Hash: 95a48edf930f191149f6cc6d5aabd5d3 8a6cb568f806ffae868a77b519003a5df95ec0c3 d2c116f5a4270ada0a8d7c9a6e0aca4131c1d5e7be7182235df9cef727185092
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/themes/default/img/replace/favicon.ico?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Connection: close
Content-Type: text/plain
Transfer-Encoding: chunked
|
|
| 106.105.83.16/webpages/locale/zh_TW/lan.js?_=1715117350379 | 106.105.83.16 | | 141 kB |
URL: 106.105.83.16/webpages/locale/zh_TW/lan.js?_=1715117350379
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
File type: Unicode text, UTF-8 text, with very long lines (43064), with no line terminators
Size: 141 kB (141096 bytes)
Hash: 085e6ebcce69488aad66d940b74af3a7 6cc489884c31ad4c457d975774050bfaca24474d 4fde0a753077d628a7e5ae86ab78d302b75117310ed7cdda4006c53e55b88e5b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/locale/zh_TW/lan.js?_=1715117350379 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "49e-22728-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:13 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 141096
|
|
| 106.105.83.16/webpages/locale/zh_TW/lan.css?t=9cfe5630 | 106.105.83.16 | | 80 B |
URL: 106.105.83.16/webpages/locale/zh_TW/lan.css?t=9cfe5630
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
File type: ASCII text, with CRLF line terminators
Hash: 04572628f17c720bebb61879cfd191c3 4c0a53683dc35fbaaa3b8c3fcaf8264d38e821c2 fe294abdfacaea0531a13cdba0278c15064c28a8236c7f40bc718dfedef1e3e6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/locale/zh_TW/lan.css?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "49c-50-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:15 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/css
Content-Length: 80
|
|
| 106.105.83.16/cgi-bin/luci/;stok=/locale?form=lang&operation=read | 106.105.83.16 | 200 OK | 136 B |
URL: GET HTTP/1.1 106.105.83.16/cgi-bin/luci/;stok=/locale?form=lang&operation=read
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
Hash: c4d8597b6e7e44549ea4db3cc5639b6f 0e0d1312a7c4066fae397f1691e1fc26dd97e690 728ef40a95dc604c07d8aae0b667bdf1617c7d878ef8db7e6361c9a2a8ef1ba3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi-bin/luci/;stok=/locale?form=lang&operation=read HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
Content-Type: application/json
Cache-Control: no-cache
Expires: 0
|
|
| 106.105.83.16/webpages/locale/language.js?_=1715117350381 | 106.105.83.16 | | 2.8 kB |
URL: 106.105.83.16/webpages/locale/language.js?_=1715117350381
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
File type: Unicode text, UTF-8 text, with very long lines (2725), with no line terminators
Hash: 4058a0d31cf5bcb37009d68a7485e201 a2a9cd3faeaef2f5ea8493c32dd5994f5adb3073 16a9d8da4d41b9fa60fb3691abfb39d7b029153893ed9b4b649121181a065636
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/locale/language.js?_=1715117350381 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "48f-af8-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:15 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 2808
|
|
| 106.105.83.16/webpages/index.html?t=9cfe5630 | 106.105.83.16 | 200 OK | 3.3 kB |
URL: User Request GET HTTP/1.1 106.105.83.16/webpages/index.html?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: HTML document, ASCII text
Hash: 513fc64077750ba6e9c5b0c1da3befec 216d4a19ea0f6521849d9c30e68cb70276f38302 3280522cea1f4e66881cf4e0badc99d7b6d11d1b6944c98d447df0b3ddf9009c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/index.html?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "367-cb2-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:16 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: no-cache
Expires: 0
Content-Type: text/html
Content-Length: 3250
|
|
| 106.105.83.16/webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630 | 106.105.83.16 | 200 OK | 1.7 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (1712), with no line terminators
Hash: 2266db0e4804abc5551b10758d96d9ab 00aa0d250bcc5bb3962b8b597107c0eb14a80208 48b73d75d4d603b31f1c5e538603615adaf8143019776a7ec00248026bb62946
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "35e-6b0-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:16 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/css
Content-Length: 1712
|
|
| 106.105.83.16/webpages/js/libs/encrypt.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 19 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/encrypt.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (18681), with no line terminators
Hash: 725ad30a9b43310ed26f3993ce020b45 3e8015359679df906e9c5cbf6f80b338a8564193 14638370ba54a7005d12d5ff62c3cfb4914b7e910c85f1ad646698185f252341
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/encrypt.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "472-48f9-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:18 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 18681
|
|
| 106.105.83.16/webpages/themes/default/css/base.css?t=9cfe5630 | 106.105.83.16 | 200 OK | 398 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/themes/default/css/base.css?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 398 kB (397522 bytes)
Hash: 195b2fbbd80bd0520339874bad5783d8 a7e6d106fc6cb804b4e28127098304eec7ab5238 793028fb711fd91e6ffb905ef1254f749c4172627249762e8e8b96044bcadb41
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/themes/default/css/base.css?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "363-3e0d2-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:07 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/css
Content-Length: 254162
|
|
| 106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 4.4 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (4448), with no line terminators
Hash: d00eae87038ac4282e14bfcdb0ef0b57 c69e3d6e47eef916b0c9f4c81d8eb11b4614942e 2972016a868ddd898f77ad9eb30e1df4e6dcdc1db3f48483ff75e52a8b75b3fd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/tpEncrypt.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "478-1160-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:18 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 4448
|
|
| 106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 93 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate issuer:
Certificate subject: tplinkwifi.net
Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: JavaScript source, ASCII text, with very long lines (32099)
Hash: 00ff34b67a328f219fa3ae2423d4f252 19715ffee604b54e95a0e9db76f6de2b5125c29e dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/jquery.min.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "473-16b62-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:18 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 93026
| 106.105.83.16/webpages/js/libs/cryptoJS.min.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 37 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/cryptoJS.min.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate Issuer:
Certificate Subject: tplinkwifi.net
Certificate Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Certificate Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: JavaScript source, ASCII text, with very long lines (37061), with no line terminators
Hash: 242f7a6460d88d62952bc73f3fdee691 679c50b118801a48f13ab4a0e06c00370d48d719 fe07d716cf3b06012d630b58916b1863d3d2359805d1a2309c8bd199a10a4eb8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/cryptoJS.min.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "47a-90c5-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:18 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 37061
| 106.105.83.16/webpages/js/su/char.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 3.8 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/su/char.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate Issuer:
Certificate Subject: tplinkwifi.net
Certificate Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Certificate Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (3828), with no line terminators
Hash: 492a8b26dc4ceee50242d80e4949efff cb78326c06ccc0ab873e0365d90b3a93abd7ff66 5249880594a0525556b122a6e1eed9a986040d8a901b8763d372d13c28c7d2a5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/su/char.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "46f-ef4-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:19 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 3828
| 106.105.83.16/webpages/js/su/language.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 1.8 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/su/language.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate Issuer:
Certificate Subject: tplinkwifi.net
Certificate Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Certificate Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: HTML document, ASCII text, with very long lines (1827), with no line terminators
Hash: 09cc2c95d86f6c689ed557c675d27ea5 2929f18f65cbaaddc21f62a185a55675ba8d1806 7ae8ab0dfd8de0a16214c37009269ac0dc617b602276595156d2960fc4c182af
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/su/language.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "46c-723-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:19 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 1827
| 106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 3.1 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate Issuer:
Certificate Subject: tplinkwifi.net
Certificate Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Certificate Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: JavaScript source, ASCII text, with very long lines (3124), with no line terminators
Hash: 7c7d50597056d7447cbd2e9d674a4923 58a7c5b7a8529cfb4a940f267523711c6c31bf72 f39c5f2fab5da8317e550348f76739099c372f9c38cbc914bd21209b67dc5d0e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "475-c34-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:19 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 3124
| 106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate Issuer:
Certificate Subject: tplinkwifi.net
Certificate Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Certificate Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: ASCII text, with very long lines (1511), with no line terminators
Hash: 4f993937854b67c2c8ce9819786133af 32b493527dc9a3af145de5420371d5559fc7a919 e6a53e5de818d2bc3c496d023e80f6a03ba9cff3324bbd07f4a11e1aa9bade62
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/libs/base64.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "474-5e7-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:20 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 1511
| 106.105.83.16/webpages/js/app/url.js?t=9cfe5630 | 106.105.83.16 | | 323 B |
URL: GET 106.105.83.16/webpages/js/app/url.js?t=9cfe5630
IP: 106.105.83.16:0
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
File type: ASCII text, with very long lines (323), with no line terminators
Hash: 6e7925ced5dc121458d9a719972e5ea9 6de4445680d6cb123fef1bc9add4f5de78c48d3a 30c12d0f3035f7a9d42cfc43f7adb6e0ecd7754906965a8181bfc19c1fa45187
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/app/url.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "47b-143-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:21 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 323
| 106.105.83.16/webpages/js/su/frame.js?t=9cfe5630 | 106.105.83.16 | 200 OK | 645 kB |
URL: GET HTTP/1.1 106.105.83.16/webpages/js/su/frame.js?t=9cfe5630
IP: 106.105.83.16:443
ASN: #18049 Taiwan Infrastructure Network Technologie
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate Issuer:
Certificate Subject: tplinkwifi.net
Certificate Fingerprint: F2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
Certificate Validity: Fri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT
File type: Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Size: 645 kB (645172 bytes)
Hash: 71d0a0253608892f25cbdb57235d9955 0797a6dd125fc839e3aef79fd055b9b39a54501d 6f4b0b7db77d225b4b2c6d8d2c25de19e351a43eadfb460e006fe63526456db3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webpages/js/su/frame.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
ETag: "46d-9d834-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:19 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 645172
| 106.105.83.16/webpages/locale/zh_TW/lan.js?_=1715117360720 | 0.0.0.0 | | 0 B |
URL: GET 106.105.83.16/webpages/locale/zh_TW/lan.js?_=1715117360720
IP: 0.0.0.0:0
Requested by: https://106.105.83.16/webpages/index.html?t=9cfe5630
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /webpages/locale/zh_TW/lan.js?_=1715117360720 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache