Report - landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html

Report Overview

Visited public
2023-11-30 12:31:16
Tags
URL
landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Finishing URL
landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
IP / ASN
47.251.57.116
#45102 Alibaba US Technology Co., Ltd.
Title
Legal Land Description Writer

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.drv.tw	unknown	2017-12-20	2018-01-19 15:16:46	2023-11-22 15:26:14	449 B	963 B	51.124.12.35
landsurveyorsuniteddocs.on.drv.tw	unknown	unknown	No data	No data	1.1 kB	6.9 kB	47.251.57.116
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-11-30 05:09:14	842 B	466 B	216.239.32.36
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-11-30 05:09:24	1.4 kB	80 kB	151.101.193.229
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-11-30 05:09:11	978 B	50 kB	104.17.24.14
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-30 08:05:45	1.4 kB	229 kB	142.250.74.168
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-11-30 06:00:14	597 B	578 B	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-30	medium	drv.tw	Sinkholed
2023-11-30	medium	drv.tw	Sinkholed
2023-11-30	medium	drv.tw	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	www.drv.tw/inc/wd.js?s=landsurveyorsuniteddocs	ScriptElement	690 B	2023-03-07	2025-04-21
Pretty URL www.drv.tw/inc/wd.js?s=landsurveyorsuniteddocs IP 51.124.12.35 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-04-21 11:12 Times Seen80 Hash f057198986863ece3157c91696b93e74 3f2de7cdc5cd16df803ba1cf6c6902d10ad15166 4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f Loading...

	www.googletagmanager.com/gtag/js?id=UA-85417367-1	ScriptElement	135 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=UA-85417367-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 13:31 Last Seen2023-11-30 13:31 Times Seen1 Hash 37e9c9764104e18e6f71b2f6f937d287 ac1de9ea579279d9cd145c040ae493e915561b14 99dc697f2ed697dbacb7e5ab5005f473f231ff03dd19a9a0e8b14a0902f7f188 Loading...

	landsurveyorsuniteddocs.on.drv.tw/membertools/toools/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL landsurveyorsuniteddocs.on.drv.tw/membertools/toools/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 09:38 Times Seen341407 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 09:38 Times Seen340606 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c	ScriptElement	292 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 13:31 Last Seen2023-11-30 13:31 Times Seen1 Hash f28eb9ab7b296a530f3b60a57b7a2343 f784aac1e3540c1f4a6a3b1f10ceda1f46b012a0 e8cf80b6a1d72cf121289163fbdb49d74412cd4cefa1be0cd53a3feee6dd404e Loading...

	www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c	ScriptElement	222 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 13:31 Last Seen2023-11-30 13:31 Times Seen1 Hash 86eb005a68fbce70bb623ec377641ccb dac357ee109aee678067de89ec5f88214cca1538 2031be84980b28c6f45452e4ab5bd3bdfb0d22ae9a913ef869bf8599bb7dca8f Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js	ScriptElement	60 kB	2023-03-09	2025-05-08
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:23 Last Seen2025-05-08 16:43 Times Seen595 Hash b0794583ec020a7852f0fc04d5cefc52 847dff899b5bcf8ee434e389e2a910ba1dbad76f 9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0 Loading...

	landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html IP 47.251.57.116 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 09:43 Times Seen4635142 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (13)

URL IP Response Size

cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

151.101.193.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
3f30c2c47d7d23c7a994db0c862d45a5
7791dd1f3173a0d62cc39c21d2ad71fc8dad0e72
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

HTTP Headers

GET /npm/bootstrap@5.2.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.3
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
content-encoding: br
accept-ranges: bytes
date: Thu, 30 Nov 2023 12:31:01 GMT
age: 3099136
x-served-by: cache-fra-eddf8230122-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

151.101.193.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
3f30c2c47d7d23c7a994db0c862d45a5
7791dd1f3173a0d62cc39c21d2ad71fc8dad0e72
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

HTTP Headers

GET /npm/bootstrap@5.2.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.3
x-jsd-version-type: version
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
content-encoding: br
accept-ranges: bytes
date: Thu, 30 Nov 2023 12:31:01 GMT
age: 3099136
x-served-by: cache-fra-eddf8230122-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js

151.101.193.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (60125)
Size
17 kB (17319 bytes)
Hash
b0794583ec020a7852f0fc04d5cefc52
847dff899b5bcf8ee434e389e2a910ba1dbad76f
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0

HTTP Headers

GET /npm/bootstrap@5.2.3/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.3
x-jsd-version-type: version
etag: W/"ebf4-hH3/iZtbz47kNOOJ4qkQuh26128"
content-encoding: br
accept-ranges: bytes
date: Thu, 30 Nov 2023 12:31:01 GMT
age: 12888329
x-served-by: cache-fra-eddf8230085-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17319
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootswatch/5.3.2/slate/bootstrap.min.css

104.17.24.14

200 OK

24 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootswatch/5.3.2/slate/bootstrap.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65195)
Size
24 kB (24074 bytes)
Hash
5f6f401e01883fa6358e35e4444dcdc2
7f107e29bf5293420340452d52e0db4890e69f6c
123131e12469ede09301fe49359058a5f23f60ca3dd8d0ade96234b96288ef5c

HTTP Headers

GET /ajax/libs/bootswatch/5.3.2/slate/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 12:31:01 GMT
content-type: text/css; charset=utf-8
content-length: 24074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "650ab6a2-5e0a"
last-modified: Wed, 20 Sep 2023 09:08:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Tue, 19 Nov 2024 12:31:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSL8h6qqdqyqzSavppNfjqFaGsmLLktEjReejHgm61%2BiOUB2q%2BXHEQ5YVtMHaS79Zf9Wdr0gc0iBNhd5szigf1f7tYq57CyCt9mnWrlD37g6ToR9J2hmcnGIIBLcDkIDmVM7qSud"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82e31ae039afb509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootswatch/5.3.2/slate/bootstrap.min.css

104.17.24.14

200 OK

24 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootswatch/5.3.2/slate/bootstrap.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65195)
Size
24 kB (24074 bytes)
Hash
5f6f401e01883fa6358e35e4444dcdc2
7f107e29bf5293420340452d52e0db4890e69f6c
123131e12469ede09301fe49359058a5f23f60ca3dd8d0ade96234b96288ef5c

HTTP Headers

GET /ajax/libs/bootswatch/5.3.2/slate/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 12:31:01 GMT
content-type: text/css; charset=utf-8
content-length: 24074
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "650ab6a2-5e0a"
last-modified: Wed, 20 Sep 2023 09:08:50 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
expires: Tue, 19 Nov 2024 12:31:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FenMtJceqG1OBiJWffXEj4wW43LGJ8iJbpB%2BbNvk8uujLvTHkSN7VfVR15bCpFFC6hQjnVOt5h7wgYdHwU6H51kW3UaM8fUNJwhAQRZrjRBqdkEkxnDumRO4SDLRCGd2fnPCUwl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82e31ae039b7b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-85417367-1

142.250.74.168

200 OK

51 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-85417367-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (2213)
Size
51 kB (51375 bytes)
Hash
37e9c9764104e18e6f71b2f6f937d287
ac1de9ea579279d9cd145c040ae493e915561b14
99dc697f2ed697dbacb7e5ab5005f473f231ff03dd19a9a0e8b14a0902f7f188

HTTP Headers

GET /gtag/js?id=UA-85417367-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 12:31:02 GMT
expires: Thu, 30 Nov 2023 12:31:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (7711)
Size
95 kB (95141 bytes)
Hash
f28eb9ab7b296a530f3b60a57b7a2343
f784aac1e3540c1f4a6a3b1f10ceda1f46b012a0
e8cf80b6a1d72cf121289163fbdb49d74412cd4cefa1be0cd53a3feee6dd404e

HTTP Headers

GET /gtag/js?id=G-LHL0SH0Z7S&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 12:31:02 GMT
expires: Thu, 30 Nov 2023 12:31:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c

142.250.74.168

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3120)
Size
81 kB (81100 bytes)
Hash
86eb005a68fbce70bb623ec377641ccb
dac357ee109aee678067de89ec5f88214cca1538
2031be84980b28c6f45452e4ab5bd3bdfb0d22ae9a913ef869bf8599bb7dca8f

HTTP Headers

GET /gtag/js?id=G-NBGQJBJMEG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 12:31:02 GMT
expires: Thu, 30 Nov 2023 12:31:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LHL0SH0Z7S&cid=686193610.1701347467&gtm=45je3b60v898224655&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=405581233

142.250.74.131

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LHL0SH0Z7S&cid=686193610.1701347467&gtm=45je3b60v898224655&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=405581233
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LHL0SH0Z7S&cid=686193610.1701347467&gtm=45je3b60v898224655&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=405581233 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 12:31:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.drv.tw/inc/wd.js?s=landsurveyorsuniteddocs

51.124.12.35

200 OK

425 B

URL GET HTTP/2
www.drv.tw/inc/wd.js?s=landsurveyorsuniteddocs
IP
51.124.12.35:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerDigiCert, Inc.
Subjectwww.drv.tw
FingerprintCA:04:59:4A:C7:19:12:12:2B:87:D0:87:4F:3C:38:78:8E:BA:3D:C5
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 31 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (690), with no line terminators
Size
425 B (425 bytes)
Hash
f057198986863ece3157c91696b93e74
3f2de7cdc5cd16df803ba1cf6c6902d10ad15166
4f33b00ff60ba75c03cfd1a1a5d0be37fb7bba6718ef54bf9898a53e1c72f87f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /inc/wd.js?s=landsurveyorsuniteddocs HTTP/1.1
Host: www.drv.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
date: Thu, 30 Nov 2023 12:31:01 GMT
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "55789111"
last-modified: Sun, 29 May 2022 11:24:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2

landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html

47.251.57.116

200 OK

4.3 kB

URL User Request GET HTTP/2
landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
IP
47.251.57.116:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectdrv.tw
FingerprintBD:0D:AA:1B:07:C2:70:4D:DA:66:C6:66:40:5B:14:B8:4E:A9:2E:75
ValidityFri, 20 Oct 2023 15:36:02 GMT - Thu, 18 Jan 2024 15:36:01 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4488), with no line terminators
Size
4.3 kB (4269 bytes)
Hash
a026da59dbf6d21974df151b4fb6dad5
88def17bb7a713703e5128840cfbca543117b428
096192f9d32b809a95f6cdb55eec46686f0b37c24f070261f02e37d616f9b214

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /membertools/toools/legaldescriptions.html HTTP/1.1
Host: landsurveyorsuniteddocs.on.drv.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Thu, 30 Nov 2023 12:31:00 GMT
content-type: text/html
last-modified: Mon, 23 Oct 2023 19:56:14 GMT
cache-control: public, s-maxage=43200, max-age=43200
vary: Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding
content-encoding: gzip
x-cache: BYPASS
set-cookie: uid=rBI//GVogIRwqAJfFkWeAg==; path=/
X-Firefox-Spdy: h2

landsurveyorsuniteddocs.on.drv.tw/favicon.ico

47.251.57.116

404 Not Found

2.0 kB

URL GET HTTP/2
landsurveyorsuniteddocs.on.drv.tw/favicon.ico
IP
47.251.57.116:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerLet's Encrypt
Subjectdrv.tw
FingerprintBD:0D:AA:1B:07:C2:70:4D:DA:66:C6:66:40:5B:14:B8:4E:A9:2E:75
ValidityFri, 20 Oct 2023 15:36:02 GMT - Thu, 18 Jan 2024 15:36:01 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2097), with no line terminators
Size
2.0 kB (2009 bytes)
Hash
f3182bd57e4486d29f5ab12035c8b6f3
260616db75d8d8ecabdef1fd6dc75446585d529a
a6b3a43224127ad6a916cb3ae92d8a69f82e264721a390e6b1c56c97b4372cb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: landsurveyorsuniteddocs.on.drv.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Cookie: uid=rBI//GVogIRwqAJfFkWeAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx/1.14.0 (Ubuntu)
date: Thu, 30 Nov 2023 12:31:02 GMT
content-type: text/html
cache-control: public, s-maxage=604800, max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je3b60v898224655&_p=1701347466510&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=686193610.1701347467&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1701347466&sct=1&seg=0&dl=https%3A%2F%2Flandsurveyorsuniteddocs.on.drv.tw%2Fmembertools%2Ftoools%2Flegaldescriptions.html&dt=Legal%20Land%20Description%20Writer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3730

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je3b60v898224655&_p=1701347466510&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=686193610.1701347467&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1701347466&sct=1&seg=0&dl=https%3A%2F%2Flandsurveyorsuniteddocs.on.drv.tw%2Fmembertools%2Ftoools%2Flegaldescriptions.html&dt=Legal%20Land%20Description%20Writer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3730
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://landsurveyorsuniteddocs.on.drv.tw/membertools/toools/legaldescriptions.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-LHL0SH0Z7S&gtm=45je3b60v898224655&_p=1701347466510&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=686193610.1701347467&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1701347466&sct=1&seg=0&dl=https%3A%2F%2Flandsurveyorsuniteddocs.on.drv.tw%2Fmembertools%2Ftoools%2Flegaldescriptions.html&dt=Legal%20Land%20Description%20Writer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3730 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://landsurveyorsuniteddocs.on.drv.tw
DNT: 1
Connection: keep-alive
Referer: https://landsurveyorsuniteddocs.on.drv.tw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://landsurveyorsuniteddocs.on.drv.tw
date: Thu, 30 Nov 2023 12:31:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2