Report - 106.105.83.16/

Report Overview

Submitted URL
106.105.83.16/
IP
106.105.83.16
ASN
#18049 Taiwan Infrastructure Network Technologie
Submitted
2024-05-07 21:29:27
Access
public
Website Title
Opening...
Final URL
106.105.83.16/webpages/index.html?t=9cfe5630
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
106.105.83.16	unknown	unknown	2020-10-23	2021-01-01	15 kB	2.1 MB	106.105.83.16
mitmdetection.services.mozilla.com	67826	1994-10-18	2019-07-22	2024-05-06	366 B	326 B	54.230.111.70

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed
2024-05-07	medium	106.105.83.16	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630	1.5 kB	2023-10-31	2024-05-28
Pretty URL 106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 22:18:50 Last Seen2024-05-28 00:10:29 Times Seen183 Hash 4f993937854b67c2c8ce9819786133af 32b493527dc9a3af145de5420371d5559fc7a919 e6a53e5de818d2bc3c496d023e80f6a03ba9cff3324bbd07f4a11e1aa9bade62 Loading...

	106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630	3.1 kB	2023-10-31	2024-05-28
Pretty URL 106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 22:18:50 Last Seen2024-05-28 00:10:29 Times Seen185 Hash 7c7d50597056d7447cbd2e9d674a4923 58a7c5b7a8529cfb4a940f267523711c6c31bf72 f39c5f2fab5da8317e550348f76739099c372f9c38cbc914bd21209b67dc5d0e Loading...

	106.105.83.16/webpages/js/su/char.js?t=9cfe5630	3.8 kB	2023-03-14	2024-05-28
Pretty URL 106.105.83.16/webpages/js/su/char.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:54:29 Last Seen2024-05-28 00:10:29 Times Seen150 Hash 492a8b26dc4ceee50242d80e4949efff cb78326c06ccc0ab873e0365d90b3a93abd7ff66 5249880594a0525556b122a6e1eed9a986040d8a901b8763d372d13c28c7d2a5 Loading...

	106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630	93 kB	2023-03-07	2024-05-28
Pretty URL 106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:50:44 Last Seen2024-05-28 00:34:19 Times Seen371 Hash 00ff34b67a328f219fa3ae2423d4f252 19715ffee604b54e95a0e9db76f6de2b5125c29e dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1 Loading...

	106.105.83.16/webpages/js/libs/encrypt.js?t=9cfe5630	19 kB	2023-12-06	2024-05-28
Pretty URL 106.105.83.16/webpages/js/libs/encrypt.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 04:16:42 Last Seen2024-05-28 00:10:29 Times Seen69 Hash 725ad30a9b43310ed26f3993ce020b45 3e8015359679df906e9c5cbf6f80b338a8564193 14638370ba54a7005d12d5ff62c3cfb4914b7e910c85f1ad646698185f252341 Loading...

	106.105.83.16/webpages/js/app/url.js?t=9cfe5630	323 B	2023-11-08	2024-05-28
Pretty URL 106.105.83.16/webpages/js/app/url.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 02:33:12 Last Seen2024-05-28 00:10:29 Times Seen125 Hash 6e7925ced5dc121458d9a719972e5ea9 6de4445680d6cb123fef1bc9add4f5de78c48d3a 30c12d0f3035f7a9d42cfc43f7adb6e0ecd7754906965a8181bfc19c1fa45187 Loading...

	106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630	4.4 kB	2023-12-17	2024-05-27
Pretty URL 106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-17 18:03:40 Last Seen2024-05-27 12:11:23 Times Seen28 Hash d00eae87038ac4282e14bfcdb0ef0b57 c69e3d6e47eef916b0c9f4c81d8eb11b4614942e 2972016a868ddd898f77ad9eb30e1df4e6dcdc1db3f48483ff75e52a8b75b3fd Loading...

	106.105.83.16/webpages/index.html?t=9cfe5630	0 B	2023-03-07	2024-05-29
Pretty URL 106.105.83.16/webpages/index.html?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-29 00:33:41 Times Seen38431971 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	106.105.83.16/webpages/js/libs/cryptoJS.min.js?t=9cfe5630	37 kB	2023-03-08	2024-05-28
Pretty URL 106.105.83.16/webpages/js/libs/cryptoJS.min.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:31:18 Last Seen2024-05-28 00:34:19 Times Seen296 Hash 242f7a6460d88d62952bc73f3fdee691 679c50b118801a48f13ab4a0e06c00370d48d719 fe07d716cf3b06012d630b58916b1863d3d2359805d1a2309c8bd199a10a4eb8 Loading...

	106.105.83.16/webpages/js/su/language.js?t=9cfe5630	1.8 kB	2024-05-03	2024-05-12
Pretty URL 106.105.83.16/webpages/js/su/language.js?t=9cfe5630 IP 106.105.83.16 ASN #18049 Taiwan Infrastructure Network Technologie Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 10:11:24 Last Seen2024-05-12 01:58:51 Times Seen14 Hash 09cc2c95d86f6c689ed557c675d27ea5 2929f18f65cbaaddc21f62a185a55675ba8d1806 7ae8ab0dfd8de0a16214c37009269ac0dc617b602276595156d2960fc4c182af Loading...

		Size	First Seen	Last Seen
	#1 Eval - fa1fc2a23d6d372f4db730e4fac97ddd	2.8 kB	2024-05-07	2024-05-10
Pretty Observations First Seen2024-05-07 23:29:34 Last Seen2024-05-10 23:25:05 Times Seen4 Hash fa1fc2a23d6d372f4db730e4fac97ddd a0cb7381fdb85f9d7128e27a2d905a74d8bd6582 f557c83fe2c4f7fb1629071aa73943739a6b5c4ee87fe87237689e260c0675b9 Loading...

	#2 Eval - fab9c90114dcfd38e2d37bd76f6633b3	1.4 kB	2024-05-01	2024-05-09
Pretty Observations First Seen2024-05-01 12:24:37 Last Seen2024-05-09 00:52:45 Times Seen4 Hash fab9c90114dcfd38e2d37bd76f6633b3 4e57892fb127531525384cc6a507156e518e6d65 f93de61f0d10b9937a55b4a0de579327c75f397b826c6e0a0c8a1e980ea2dab6 Loading...

HTTP Transactions (32)

URL IP Response Size

106.105.83.16/

106.105.83.16

5.2 kB

URL
106.105.83.16/
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
5.2 kB (5195 bytes)
Hash
40b095d890e281ae98d3ba61d4977023
e7738a4bc0af6bad94faffd2004c276451b96c1a
4b88f17096f8c7518b326a38a56bd6955a5f272f00081b7c60d44e2b4cdb88df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Location: https://106.105.83.16:443/
Connection: close

mitmdetection.services.mozilla.com/

54.230.111.70

0 B

URL
mitmdetection.services.mozilla.com/
IP
54.230.111.70:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: mitmdetection.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: application/xml
date: Tue, 07 May 2024 21:29:05 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x8xUNbsRe5sFIYWkp77ldg_ffxrN3tL7hzoEsoLpsWU1N1GCI5gLQA==
X-Firefox-Spdy: h2

106.105.83.16/

106.105.83.16

272 B

URL
106.105.83.16/
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

File type
XML 1.0 document, ASCII text
Size
272 B (272 bytes)
Hash
bf09f1ff72ee7a91714816f78a2fd976
dc5404c9571e34c3f637a4ca3082212d4fd4d89a
a0e089d1aca81cbe85313ac63b02086d5067eb0424bfa57c56b037314ccbd18a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "30b-110-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:05 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: no-cache
Expires: 0
Content-Type: text/html
Content-Length: 272

106.105.83.16/webpages/index.html

106.105.83.16

3.3 kB

URL
106.105.83.16/webpages/index.html
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

File type
HTML document, ASCII text
Size
3.3 kB (3250 bytes)
Hash
513fc64077750ba6e9c5b0c1da3befec
216d4a19ea0f6521849d9c30e68cb70276f38302
3280522cea1f4e66881cf4e0badc99d7b6d11d1b6944c98d447df0b3ddf9009c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/index.html HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "367-cb2-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:06 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: no-cache
Expires: 0
Content-Type: text/html
Content-Length: 3250

106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630

106.105.83.16

200 OK

93 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
JavaScript source, ASCII text, with very long lines (32099)
Size
93 kB (93026 bytes)
Hash
00ff34b67a328f219fa3ae2423d4f252
19715ffee604b54e95a0e9db76f6de2b5125c29e
dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/jquery.min.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "473-16b62-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:07 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 93026

106.105.83.16/webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630

106.105.83.16

200 OK

1.7 kB

URL GET HTTP/1.1
106.105.83.16/webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (1712), with no line terminators
Size
1.7 kB (1712 bytes)
Hash
2266db0e4804abc5551b10758d96d9ab
00aa0d250bcc5bb3962b8b597107c0eb14a80208
48b73d75d4d603b31f1c5e538603615adaf8143019776a7ec00248026bb62946

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "35e-6b0-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:07 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/css
Content-Length: 1712

106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630

106.105.83.16

200 OK

1.5 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (1511), with no line terminators
Size
1.5 kB (1511 bytes)
Hash
4f993937854b67c2c8ce9819786133af
32b493527dc9a3af145de5420371d5559fc7a919
e6a53e5de818d2bc3c496d023e80f6a03ba9cff3324bbd07f4a11e1aa9bade62

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/base64.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "474-5e7-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:08 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 1511

106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630

106.105.83.16

200 OK

3.1 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
JavaScript source, ASCII text, with very long lines (3124), with no line terminators
Size
3.1 kB (3124 bytes)
Hash
7c7d50597056d7447cbd2e9d674a4923
58a7c5b7a8529cfb4a940f267523711c6c31bf72
f39c5f2fab5da8317e550348f76739099c372f9c38cbc914bd21209b67dc5d0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "475-c34-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:08 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 3124

106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630

106.105.83.16

200 OK

4.4 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (4448), with no line terminators
Size
4.4 kB (4448 bytes)
Hash
d00eae87038ac4282e14bfcdb0ef0b57
c69e3d6e47eef916b0c9f4c81d8eb11b4614942e
2972016a868ddd898f77ad9eb30e1df4e6dcdc1db3f48483ff75e52a8b75b3fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/tpEncrypt.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "478-1160-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 4448

106.105.83.16/webpages/js/su/char.js?t=9cfe5630

106.105.83.16

200 OK

3.8 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/su/char.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (3828), with no line terminators
Size
3.8 kB (3828 bytes)
Hash
492a8b26dc4ceee50242d80e4949efff
cb78326c06ccc0ab873e0365d90b3a93abd7ff66
5249880594a0525556b122a6e1eed9a986040d8a901b8763d372d13c28c7d2a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/su/char.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "46f-ef4-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 3828

106.105.83.16/webpages/js/su/language.js?t=9cfe5630

106.105.83.16

200 OK

1.8 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/su/language.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
HTML document, ASCII text, with very long lines (1827), with no line terminators
Size
1.8 kB (1827 bytes)
Hash
09cc2c95d86f6c689ed557c675d27ea5
2929f18f65cbaaddc21f62a185a55675ba8d1806
7ae8ab0dfd8de0a16214c37009269ac0dc617b602276595156d2960fc4c182af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/su/language.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "46c-723-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 1827

106.105.83.16/webpages/js/app/url.js?t=9cfe5630

106.105.83.16

323 B

URL GET
106.105.83.16/webpages/js/app/url.js?t=9cfe5630
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630

File type
ASCII text, with very long lines (323), with no line terminators
Size
323 B (323 bytes)
Hash
6e7925ced5dc121458d9a719972e5ea9
6de4445680d6cb123fef1bc9add4f5de78c48d3a
30c12d0f3035f7a9d42cfc43f7adb6e0ecd7754906965a8181bfc19c1fa45187

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/app/url.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "47b-143-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 323

106.105.83.16/webpages/js/su/frame.js?t=9cfe5630

106.105.83.16

200 OK

645 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/su/frame.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Size
645 kB (645172 bytes)
Hash
71d0a0253608892f25cbdb57235d9955
0797a6dd125fc839e3aef79fd055b9b39a54501d
6f4b0b7db77d225b4b2c6d8d2c25de19e351a43eadfb460e006fe63526456db3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/su/frame.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "46d-9d834-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:09 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 645172

106.105.83.16/webpages/themes/default/img/replace/favicon.ico?t=9cfe5630

106.105.83.16

25 B

URL
106.105.83.16/webpages/themes/default/img/replace/favicon.ico?t=9cfe5630
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
95a48edf930f191149f6cc6d5aabd5d3
8a6cb568f806ffae868a77b519003a5df95ec0c3
d2c116f5a4270ada0a8d7c9a6e0aca4131c1d5e7be7182235df9cef727185092

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/themes/default/img/replace/favicon.ico?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Connection: close
Content-Type: text/plain
Transfer-Encoding: chunked

106.105.83.16/webpages/locale/zh_TW/lan.js?_=1715117350379

106.105.83.16

141 kB

URL
106.105.83.16/webpages/locale/zh_TW/lan.js?_=1715117350379
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

File type
Unicode text, UTF-8 text, with very long lines (43064), with no line terminators
Size
141 kB (141096 bytes)
Hash
085e6ebcce69488aad66d940b74af3a7
6cc489884c31ad4c457d975774050bfaca24474d
4fde0a753077d628a7e5ae86ab78d302b75117310ed7cdda4006c53e55b88e5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/locale/zh_TW/lan.js?_=1715117350379 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "49e-22728-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:13 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 141096

106.105.83.16/webpages/locale/zh_TW/lan.css?t=9cfe5630

106.105.83.16

80 B

URL
106.105.83.16/webpages/locale/zh_TW/lan.css?t=9cfe5630
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

File type
ASCII text, with CRLF line terminators
Size
80 B (80 bytes)
Hash
04572628f17c720bebb61879cfd191c3
4c0a53683dc35fbaaa3b8c3fcaf8264d38e821c2
fe294abdfacaea0531a13cdba0278c15064c28a8236c7f40bc718dfedef1e3e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/locale/zh_TW/lan.css?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "49c-50-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:15 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/css
Content-Length: 80

106.105.83.16/cgi-bin/luci/;stok=/locale?form=lang&operation=read

106.105.83.16

200 OK

136 B

URL GET HTTP/1.1
106.105.83.16/cgi-bin/luci/;stok=/locale?form=lang&operation=read
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
JSON text data
Size
136 B (136 bytes)
Hash
c4d8597b6e7e44549ea4db3cc5639b6f
0e0d1312a7c4066fae397f1691e1fc26dd97e690
728ef40a95dc604c07d8aae0b667bdf1617c7d878ef8db7e6361c9a2a8ef1ba3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cgi-bin/luci/;stok=/locale?form=lang&operation=read HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
Content-Type: application/json
Cache-Control: no-cache
Expires: 0

106.105.83.16/webpages/locale/language.js?_=1715117350381

106.105.83.16

2.8 kB

URL
106.105.83.16/webpages/locale/language.js?_=1715117350381
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

File type
Unicode text, UTF-8 text, with very long lines (2725), with no line terminators
Size
2.8 kB (2808 bytes)
Hash
4058a0d31cf5bcb37009d68a7485e201
a2a9cd3faeaef2f5ea8493c32dd5994f5adb3073
16a9d8da4d41b9fa60fb3691abfb39d7b029153893ed9b4b649121181a065636

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/locale/language.js?_=1715117350381 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "48f-af8-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:15 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 2808

106.105.83.16/webpages/index.html?t=9cfe5630

106.105.83.16

200 OK

3.3 kB

URL User Request GET HTTP/1.1
106.105.83.16/webpages/index.html?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
HTML document, ASCII text
Size
3.3 kB (3250 bytes)
Hash
513fc64077750ba6e9c5b0c1da3befec
216d4a19ea0f6521849d9c30e68cb70276f38302
3280522cea1f4e66881cf4e0badc99d7b6d11d1b6944c98d447df0b3ddf9009c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/index.html?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "367-cb2-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:16 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Cache-Control: no-cache
Expires: 0
Content-Type: text/html
Content-Length: 3250

106.105.83.16/webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630

106.105.83.16

200 OK

1.7 kB

URL GET HTTP/1.1
106.105.83.16/webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (1712), with no line terminators
Size
1.7 kB (1712 bytes)
Hash
2266db0e4804abc5551b10758d96d9ab
00aa0d250bcc5bb3962b8b597107c0eb14a80208
48b73d75d4d603b31f1c5e538603615adaf8143019776a7ec00248026bb62946

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/themes/default/css/perfect-scrollbar.css?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "35e-6b0-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:16 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/css
Content-Length: 1712

106.105.83.16/webpages/js/libs/encrypt.js?t=9cfe5630

106.105.83.16

200 OK

19 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/encrypt.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (18681), with no line terminators
Size
19 kB (18681 bytes)
Hash
725ad30a9b43310ed26f3993ce020b45
3e8015359679df906e9c5cbf6f80b338a8564193
14638370ba54a7005d12d5ff62c3cfb4914b7e910c85f1ad646698185f252341

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/encrypt.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "472-48f9-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:18 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 18681

106.105.83.16/webpages/themes/default/css/base.css?t=9cfe5630

106.105.83.16

200 OK

398 kB

URL GET HTTP/1.1
106.105.83.16/webpages/themes/default/css/base.css?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
398 kB (397522 bytes)
Hash
195b2fbbd80bd0520339874bad5783d8
a7e6d106fc6cb804b4e28127098304eec7ab5238
793028fb711fd91e6ffb905ef1254f749c4172627249762e8e8b96044bcadb41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/themes/default/css/base.css?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "363-3e0d2-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:07 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/css
Content-Length: 254162

106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630

106.105.83.16

200 OK

4.4 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/tpEncrypt.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (4448), with no line terminators
Size
4.4 kB (4448 bytes)
Hash
d00eae87038ac4282e14bfcdb0ef0b57
c69e3d6e47eef916b0c9f4c81d8eb11b4614942e
2972016a868ddd898f77ad9eb30e1df4e6dcdc1db3f48483ff75e52a8b75b3fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/tpEncrypt.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "478-1160-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:18 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 4448

106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630

106.105.83.16

200 OK

93 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/jquery.min.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
JavaScript source, ASCII text, with very long lines (32099)
Size
93 kB (93026 bytes)
Hash
00ff34b67a328f219fa3ae2423d4f252
19715ffee604b54e95a0e9db76f6de2b5125c29e
dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/jquery.min.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "473-16b62-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:18 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 93026

106.105.83.16/webpages/js/libs/cryptoJS.min.js?t=9cfe5630

106.105.83.16

200 OK

37 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/cryptoJS.min.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
JavaScript source, ASCII text, with very long lines (37061), with no line terminators
Size
37 kB (37061 bytes)
Hash
242f7a6460d88d62952bc73f3fdee691
679c50b118801a48f13ab4a0e06c00370d48d719
fe07d716cf3b06012d630b58916b1863d3d2359805d1a2309c8bd199a10a4eb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/cryptoJS.min.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "47a-90c5-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:18 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 37061

106.105.83.16/webpages/js/su/char.js?t=9cfe5630

106.105.83.16

200 OK

3.8 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/su/char.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (3828), with no line terminators
Size
3.8 kB (3828 bytes)
Hash
492a8b26dc4ceee50242d80e4949efff
cb78326c06ccc0ab873e0365d90b3a93abd7ff66
5249880594a0525556b122a6e1eed9a986040d8a901b8763d372d13c28c7d2a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/su/char.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "46f-ef4-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:19 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 3828

106.105.83.16/webpages/js/su/language.js?t=9cfe5630

106.105.83.16

200 OK

1.8 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/su/language.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
HTML document, ASCII text, with very long lines (1827), with no line terminators
Size
1.8 kB (1827 bytes)
Hash
09cc2c95d86f6c689ed557c675d27ea5
2929f18f65cbaaddc21f62a185a55675ba8d1806
7ae8ab0dfd8de0a16214c37009269ac0dc617b602276595156d2960fc4c182af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/su/language.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "46c-723-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:19 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 1827

106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630

106.105.83.16

200 OK

3.1 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
JavaScript source, ASCII text, with very long lines (3124), with no line terminators
Size
3.1 kB (3124 bytes)
Hash
7c7d50597056d7447cbd2e9d674a4923
58a7c5b7a8529cfb4a940f267523711c6c31bf72
f39c5f2fab5da8317e550348f76739099c372f9c38cbc914bd21209b67dc5d0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/jquery.backgroundSize.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "475-c34-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:19 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 3124

106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630

106.105.83.16

200 OK

1.5 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/libs/base64.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
ASCII text, with very long lines (1511), with no line terminators
Size
1.5 kB (1511 bytes)
Hash
4f993937854b67c2c8ce9819786133af
32b493527dc9a3af145de5420371d5559fc7a919
e6a53e5de818d2bc3c496d023e80f6a03ba9cff3324bbd07f4a11e1aa9bade62

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/libs/base64.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "474-5e7-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:20 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 1511

106.105.83.16/webpages/js/app/url.js?t=9cfe5630

106.105.83.16

323 B

URL GET
106.105.83.16/webpages/js/app/url.js?t=9cfe5630
IP
106.105.83.16:0
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630

File type
ASCII text, with very long lines (323), with no line terminators
Size
323 B (323 bytes)
Hash
6e7925ced5dc121458d9a719972e5ea9
6de4445680d6cb123fef1bc9add4f5de78c48d3a
30c12d0f3035f7a9d42cfc43f7adb6e0ecd7754906965a8181bfc19c1fa45187

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/app/url.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "47b-143-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:21 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 323

106.105.83.16/webpages/js/su/frame.js?t=9cfe5630

106.105.83.16

200 OK

645 kB

URL GET HTTP/1.1
106.105.83.16/webpages/js/su/frame.js?t=9cfe5630
IP
106.105.83.16:443
ASN
#18049 Taiwan Infrastructure Network Technologie

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630
Certificate
Issuer
Subjecttplinkwifi.net
FingerprintF2:CE:01:77:0F:09:08:B5:64:C5:C1:C6:FF:88:02:F8:F9:BB:71:75
ValidityFri, 01 Jan 2010 00:00:00 GMT - Tue, 31 Dec 2030 00:00:00 GMT

File type
Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Size
645 kB (645172 bytes)
Hash
71d0a0253608892f25cbdb57235d9955
0797a6dd125fc839e3aef79fd055b9b39a54501d
6f4b0b7db77d225b4b2c6d8d2c25de19e351a43eadfb460e006fe63526456db3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/js/su/frame.js?t=9cfe5630 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: close
ETag: "46d-9d834-62fa95af"
Last-Modified: Mon, 15 Aug 2022 18:51:27 GMT
Date: Tue, 07 May 2024 21:29:19 GMT
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
Content-Type: text/javascript
Content-Length: 645172

106.105.83.16/webpages/locale/zh_TW/lan.js?_=1715117360720

0.0.0.0

0 B

URL GET
106.105.83.16/webpages/locale/zh_TW/lan.js?_=1715117360720
IP
0.0.0.0:0
ASN
#0

Requested by
https://106.105.83.16/webpages/index.html?t=9cfe5630

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpages/locale/zh_TW/lan.js?_=1715117360720 HTTP/1.1
Host: 106.105.83.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://106.105.83.16/webpages/index.html?t=9cfe5630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML