Report - shimall-ups.sbs/

Report Overview

Visited public
2025-06-11 11:57:51
Tags
Submit Tags
URL
shimall-ups.sbs/
Finishing URL
shimall-ups.sbs/
IP / ASN
103.42.28.74
#62468 HKCLOUDX
Title
Shop

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

100

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ipapi.co	195030	2016-04-19	2017-01-31	2025-06-08	419 B	866 B	172.67.69.226
shimall-ups.sbs	unknown	unknown	No data	No data	22 kB	4.8 MB	103.42.28.74
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-06-04	2.2 kB	154 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-06-04	500 B	12 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed
2025-06-11	medium	shimall-ups.sbs	Sinkholed

ThreatFox

No alerts detected

JavaScript (35)

	URL	From	Size	First Seen	Last Seen
	shimall-ups.sbs/assets/js/aos.min.js	ScriptElement	14 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/aos.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen472 Hash e0041457719a9b541a81669201b820b7 10bc52e3895f57acf7e9de24a465a1f3abb6d9fa 397c09afcedde7c04a774ce7738d7a1ab0a7cf69814bf1e281226888582a9519 Loading...

	shimall-ups.sbs/	Function	37 B	2023-04-11	2025-07-09
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-07-09 10:35 Times Seen293892 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	shimall-ups.sbs/config.js	ImportedModule	371 B	2025-06-11	2025-06-12
Pretty URL shimall-ups.sbs/config.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by importedModule Embedded in HTML false Observations First Seen2025-06-11 11:57 Last Seen2025-06-12 11:35 Times Seen2 Hash 90b6ee8d4c09830052c23561ae12799d 7389faf0c09d2e29f3121bdf854be903fd03c138 742cacfc6f8701da749137f75d16966ca7dcb3f1433712cd8c9a44260755e595 Loading...

	shimall-ups.sbs/	Function	246 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen145 Hash 97304bb47f6a29f0c116b962563e216e 0c8b30a590cb5355572da34baa15eb9504d7977f 7ebef5414b30e5d7d7054f13cca22b0acc660dabe10e9e98f8e4f1132b337202 Loading...

	shimall-ups.sbs/assets/js/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-07-09
Pretty URL shimall-ups.sbs/assets/js/jquery.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-09 10:36 Times Seen236398 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	shimall-ups.sbs/assets/js/lazysizes.min.js	ScriptElement	8.0 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/lazysizes.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen472 Hash 1676485dd72c3bcd843fe5edac986faa 9cb71a19d578da4b9ae6fd477b2e28b47160d1c9 0bb1ea7499d5431a76a643de7c6f1be2379cc39ad3d84e5d1ba228f77b5ac2c3 Loading...

	shimall-ups.sbs/assets/js/jquery.magnific-popup.min.js	ScriptElement	20 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/jquery.magnific-popup.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen474 Hash c15be16610f0ec6cc7483b0d84982197 07f1aeec984f3af6b7b098d5d0270186d3e95d03 5f1b25dc09b49c104b8676e0186d6c24f7a6335d8bd82570f3257349d5b7bbff Loading...

	shimall-ups.sbs/	Function	79 B	2023-04-11	2025-07-09
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-07-09 10:01 Times Seen117752 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	shimall-ups.sbs/assets/js/script.js	ScriptElement	75 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/script.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen470 Hash d761ec041c6f157149dd799cda5dd4f4 883627490847fb151f4eb93d7ac66d1a45483dbb f6ffeffd873fcc4a66c6b9d04c934ea99e5469c8fa44902efbf14d3ca8ee189a Loading...

	shimall-ups.sbs/	Function	3.0 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen320 Hash 4dfac37e3ec1ab04acff077e8a25d76e 4e7fa58ad9af36efc7f0c8a36114e49837d50fa1 2e41ec05d2d305fc65756c82feb979359a403d83b992735d1a0687b922bcd87f Loading...

	shimall-ups.sbs/	Function	2.6 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen321 Hash 363a2833d5ee24fee736107a7a263a1d c494d3e2689c8c904dd0fc175dc28aca04ee3d54 d62a0475219c4d65acfcf30232067490671f2912e45498d22d5ab8447629ccbb Loading...

	shimall-ups.sbs/assets/js/jquery.nice-select.min.js	ScriptElement	4.5 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/jquery.nice-select.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen301 Hash 6da8d42255961163046979da18f54b72 6262d03800d298badf3d8188df5212f4d3fa0d7d 00095a8b4be4fffdfc68d53607b18dfc6ec6fa5248025323f6667c53d192d6f0 Loading...

	shimall-ups.sbs/	Function	301 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen171 Hash 47b5b21ca01bd66664417e86715e6de4 2475193fffd58c7fb616b0bcf2de000b9a48e13a b77b55c507f3c6fe9963dc1ff1297488e1d115b54d437378eecd1dd7999bdcfd Loading...

	shimall-ups.sbs/	Function	962 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen336 Hash 5b3f2ddf33de1a31553fd9f512c56b36 8b2a5f767064990478bad9b28ab73dcdd3b9e1b7 a02a4e3ab35c78a502a6cc2ec0cbd3255b63deb143382a39952b2d24f3b594b7 Loading...

	shimall-ups.sbs/	Function	246 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen145 Hash 81c1c372c408fddff2b21a8cecda9f11 0804333bb4ab0deba93b5bf2d68b1e984a659ff6 03b978d21adf0c245eb00f3529552bc042be2d0ba95617c8ec7c8687ca04cc8c Loading...

	shimall-ups.sbs/	Function	37 kB	2025-04-08	2025-06-18
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2025-04-08 11:26 Last Seen2025-06-18 12:04 Times Seen25 Hash 9f3177f693bbdcc1356d0c5b7fab519d 58fc06e16e850a295410a4647972b6813f2dbe44 6ed82e276303791b88236b8d552285d5f74614d4a4880e0837e3f91aa398bf29 Loading...

	shimall-ups.sbs/assets/js/tilt.jquery.min.js	ScriptElement	5.6 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/tilt.jquery.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen472 Hash a7c41f525cd406ce3261ed432d417f6b 038a72b0440d0eebd6332f32375438889d0cec17 8c343b24bfa1ada9122d5f5b38bfaa6fbcbf8f075dd751ff9d72c98278b46d9e Loading...

	shimall-ups.sbs/language.js	ImportedModule	74 kB	2024-09-29	2025-06-30
Pretty URL shimall-ups.sbs/language.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by importedModule Embedded in HTML false Observations First Seen2024-09-29 13:57 Last Seen2025-06-30 13:02 Times Seen119 Hash fdd1a6f41ae1b4a75d7ebd7028beff61 61a1fb404efe84e0cc486635d6a2bf5cd5b9056c a932ca627cd2c651f6004d163fe68d974b3a8d17aeb2e389b6b59336b022f727 Loading...

	shimall-ups.sbs/	Function	926 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen336 Hash fcf4dba33bc528efbde6c90d60e14bf7 8e4bf03fa83805d4b7f0302902e8f2b515483853 c28230a935b6c0181d456c504a9612a14a43a29e5e26597be8bed5028b09cacc Loading...

	shimall-ups.sbs/	Function	47 B	2023-04-11	2025-07-09
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:25 Last Seen2025-07-09 09:07 Times Seen7372 Hash 2512414f817df8312569d55032748f81 13467df6e962aa77bb36867ff1412e1ba9f8feb1 e193735f8d500f10e2cdc6a94f5a43fb0257c1e2f8afc10fa04f0e3761d258de Loading...

	shimall-ups.sbs/	Function	116 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen331 Hash cd946c3e98f281b109d36b0295203061 5f1aa73e0d67cb8c213acd57b722f98874ba01a2 7868df9f4443fb827c8f601e15bb36d470c16e21b46c5ccf2ebe99321291423a Loading...

	shimall-ups.sbs/assets/js/jquery.counterup.min.js	ScriptElement	21 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/jquery.counterup.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen474 Hash ac8c7cd057d291dc5f8992182887e554 a2f19870b9bfc913dd3f877b1801f9c6c3c3aa8e d787c8b33d180fa608d2cc2224a6fa91bb4a178c1d47a0cb33a8408c808510df Loading...

	shimall-ups.sbs/	Function	743 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen172 Hash a759fe6db93d3fccdff3faa3dec0394c 4ff7b86a590eced74fabc9a73973522de9b2d408 80ac54e797dd71f43594830bec2b985faaa053446fcfd1eaac60a60e77d444a2 Loading...

	shimall-ups.sbs/	Function	236 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen145 Hash 397d3a86fa91a03b645eba5612c4c02b 4f5f55742a02b48a0e565ea8ed003771728a0daa fa3dab8a873a57c6ac139716ccb63ea87367c84fe6b1de7aee21b269579a958a Loading...

	shimall-ups.sbs/assets/js/bootstrap.min.js	ScriptElement	80 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/bootstrap.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen474 Hash 5dd8c20243d232a12ba5d3371e406bae 741b98fb8faf65719edab5c712b7ea4df7b2faba 2549ead0944c11eb5de73825c107487f2032dd0042b2c762a1cc6f430f6ed609 Loading...

	shimall-ups.sbs/assets/js/swiper-bundle.min.js	ScriptElement	144 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/swiper-bundle.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen465 Hash c9a9f38aa0acaa7ce04312456f7d23c1 bf3c40e57dd84da986337920ef4d5bfef476b115 1ab59033075783342dbec81fa17026d5591d0ed4645fc6faa048ba6741e6d0be Loading...

	shimall-ups.sbs/assets/js/zone.js	ScriptElement	4.2 kB	2025-04-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/zone.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-04 12:02 Last Seen2025-07-08 14:42 Times Seen119 Hash 038ca2c2d54e043ca57e152004894fcc de9896197b2313687305bde3b879da23ccafdcd9 38d44bc0055ce3666f7b5f9c98449ea10745a9e372197b60bd395f871d85550b Loading...

	shimall-ups.sbs/	Function	2.9 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen323 Hash d8f699b15cbabee5b41b54d057ff3598 908524fee1220e4f01fe3c2a10ac42b764607401 d4217c7eb09e68fc2656be8bc011e04073a491f5d7f18d83cdb77c070135e7cb Loading...

	shimall-ups.sbs/	Function	1.5 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen336 Hash 230f8915efb1812a3a836aacfdf6a73e 9d3b75e6b60e17ee30d3f0243307a0a84a0de18a 8461bb14582d5af81b67c268bbdbdc7b10e95ca3143985ed5a1b2590d75aa8b9 Loading...

	shimall-ups.sbs/	Function	682 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen336 Hash 71f65b25e9149004866666a3b7728202 630cf404eddba1854f8ed804cd264d647a4bc790 b676b3a1ad079c117303e119fed01ae7ea8542065a86ef07b8fd4a24f41a2280 Loading...

	shimall-ups.sbs/assets/js/tweenMax.min.js	ScriptElement	116 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/tweenMax.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen472 Hash 6296e4cbdcf8f726fbbe2f56a246ef33 0d477ae74145be06f9681ae626b3816694115bd0 b2eb575eacb77fd139ffdf2cb86a12295189043fce93e000210dd88b41afc57a Loading...

	shimall-ups.sbs/	Function	3.0 kB	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen320 Hash 2b57fb4b230fa053aa3a7c1ca9d864a7 b6546e067a21af27ab3c12b95c754eb073bc458e 2fafb890a7c433514b178c5f9b30b93ad1c52994edb111f280bc2d9ab0f6572a Loading...

	shimall-ups.sbs/	Function	1.9 kB	2025-06-11	2025-06-11
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2025-06-11 11:57 Last Seen2025-06-11 11:57 Times Seen1 Hash fa3978f895feefcc429103ae642b2183 7fb249cd57a834517c963689184ad863183d69da 954e80ca873b278042795fa1a8af898830189f2058836981c8fe5b87130c4afc Loading...

	shimall-ups.sbs/	Function	618 B	2024-07-04	2025-07-08
Pretty URL shimall-ups.sbs/ IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by Function Embedded in HTML false Observations First Seen2024-07-04 22:43 Last Seen2025-07-08 14:42 Times Seen179 Hash 842d9ecb2c8896940ea54681cf8f12ad 0df3f6368125fd265d99ac60119e112599ad9c54 ab6c0b948bda709521f1fb421e499c515880439bb04604c6ff42b12b4d905172 Loading...

	shimall-ups.sbs/assets/js/vue.min.js	ScriptElement	108 kB	2023-12-27	2025-07-08
Pretty URL shimall-ups.sbs/assets/js/vue.min.js IP 103.42.28.74 ASN #62468 HKCLOUDX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-27 12:14 Last Seen2025-07-08 17:49 Times Seen886 Hash 8da91780fa9815752579efedb7b6ee03 4525cbd167c96324016eaa2584703e2024e85c90 3c1d4b0c549e8de9d4a9bafb12ab70b6a1ac747d07293b98c5b25b6632999afd Loading...

HTTP Transactions (56)

URL IP Response Size

GET shimall-ups.sbs/

103.42.28.74

200 OK

72 kB

URL User Request GET
shimall-ups.sbs/
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2909)
Size
72 kB (71494 bytes)
Hash
1380a284423759996eee84fab3c748f4
6027a042787bd50e9a01db16d9c7efd35a86fa53
6e28997d7a675966276be3fd10a094b5ac4073d62e04cdaf99d09deaf67b81b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:27 GMT
content-type: text/html
last-modified: Tue, 17 Dec 2024 13:53:26 GMT
vary: Accept-Encoding
etag: W/"67618256-11746"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/swiper-bundle.min.js

103.42.28.74

200 OK

144 kB

URL GET
shimall-ups.sbs/assets/js/swiper-bundle.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65199)
Size
144 kB (143790 bytes)
Hash
c9a9f38aa0acaa7ce04312456f7d23c1
bf3c40e57dd84da986337920ef4d5bfef476b115
1ab59033075783342dbec81fa17026d5591d0ed4645fc6faa048ba6741e6d0be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/swiper-bundle.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:20 GMT
vary: Accept-Encoding
etag: W/"67618304-231ae"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/plusjakartasans/v11/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2

142.250.74.35

200 OK

27 kB

URL GET
fonts.gstatic.com/s/plusjakartasans/v11/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://shimall-ups.sbs/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27348, version 1.0
Size
27 kB (27348 bytes)
Hash
7660bd9909fb097989b19471a75f1b7a
a389d97de580a2d6a3723112234bd2b3839ce0db
153fc85b70298beeb1d61a5f723331649e7f23bb77302a66e61cb3e2fbdb5e79

HTTP Headers

GET /s/plusjakartasans/v11/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shimall-ups.sbs
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jun 2025 19:31:27 GMT
expires: Mon, 08 Jun 2026 19:31:27 GMT
cache-control: public, max-age=31536000
age: 231962
last-modified: Thu, 29 May 2025 22:06:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/nice-select.css

103.42.28.74

200 OK

4.4 kB

URL GET
shimall-ups.sbs/assets/css/nice-select.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
4.4 kB (4372 bytes)
Hash
85159172c4f47eff80712fec2577f798
f06d049fd7068802722fedbd5b580a8f4b8eb7ac
1f83e0ee8dcfc77afc8364d414c57f29616bc42099283c9f964cc607143357c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/nice-select.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:44 GMT
vary: Accept-Encoding
etag: W/"676182a4-1114"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/jquery.magnific-popup.min.js

103.42.28.74

200 OK

20 kB

URL GET
shimall-ups.sbs/assets/js/jquery.magnific-popup.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (20087)
Size
20 kB (20369 bytes)
Hash
c15be16610f0ec6cc7483b0d84982197
07f1aeec984f3af6b7b098d5d0270186d3e95d03
5f1b25dc09b49c104b8676e0186d6c24f7a6335d8bd82570f3257349d5b7bbff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery.magnific-popup.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:08 GMT
vary: Accept-Encoding
etag: W/"676182f8-4f91"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/2.mp4

103.42.28.74

206 Partial Content

271 kB

URL GET
shimall-ups.sbs/assets/video/2.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
271 kB (271153 bytes)
Hash
d706668c1cdda2721558bc93dfd76f0a
12b4c9d53b507c267b602be100118530a7d93d39
f5bebc82c7056235b74e39370499fdd7075c904318bf03923c0122c37eb1d8f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/2.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: video/mp4
content-length: 271153
last-modified: Tue, 17 Dec 2024 14:10:08 GMT
etag: "67618640-42331"
strict-transport-security: max-age=31536000
content-range: bytes 0-271152/271153
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/hero-banner-bg-1.png

103.42.28.74

200 OK

8.8 kB

URL GET
shimall-ups.sbs/assets/images/hero-banner-bg-1.png
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
PNG image data, 2880 x 1440, 4-bit colormap, non-interlaced
Size
8.8 kB (8771 bytes)
Hash
e62aaa01df9bcef41f04ccaad92d87a1
48faabc4dfef2645db295a7904c134d17d618dc0
398f84b0ce8b1ce8276885781d8d5162dd0999eaf22496e77fb0004ffb196e49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/hero-banner-bg-1.png HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:29 GMT
content-type: image/png
last-modified: Tue, 17 Dec 2024 13:59:14 GMT
vary: Accept-Encoding
etag: W/"676183b2-2243"
expires: Fri, 11 Jul 2025 11:57:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/2.mp4

103.42.28.74

206 Partial Content

271 kB

URL GET
shimall-ups.sbs/assets/video/2.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
271 kB (271153 bytes)
Hash
d706668c1cdda2721558bc93dfd76f0a
12b4c9d53b507c267b602be100118530a7d93d39
f5bebc82c7056235b74e39370499fdd7075c904318bf03923c0122c37eb1d8f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/2.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:31 GMT
content-type: video/mp4
content-length: 271153
last-modified: Tue, 17 Dec 2024 14:10:08 GMT
etag: "67618640-42331"
strict-transport-security: max-age=31536000
content-range: bytes 0-271152/271153
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/avatar-3.jpg

103.42.28.74

200 OK

20 kB

URL GET
shimall-ups.sbs/assets/images/avatar-3.jpg
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3
Size
20 kB (19657 bytes)
Hash
7f4e88b0dc91c63acd501d5eefab5e05
7d083a1ec1ca2a4dcab5c6eda740a5818a054ac1
29aa525cb16afd6e8a9a233035ddb8171d8cd6dc6ad82ef743d9bbe2725517eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/avatar-3.jpg HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:36 GMT
content-type: image/jpeg
last-modified: Tue, 17 Dec 2024 13:59:26 GMT
vary: Accept-Encoding
etag: W/"676183be-4cc9"
expires: Fri, 11 Jul 2025 11:57:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/avatar-2.jpg

103.42.28.74

200 OK

31 kB

URL GET
shimall-ups.sbs/assets/images/avatar-2.jpg
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3
Size
31 kB (31390 bytes)
Hash
1c03b908f62008df8e7e02ca5db8cf50
515976a79fe5ee2392616b0651182240c6ee3d65
eb36c0f955a29a4125a2e195d4ff15db120f833a91b8d13a6998ad1b285a74b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/avatar-2.jpg HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:36 GMT
content-type: image/jpeg
last-modified: Tue, 17 Dec 2024 13:59:28 GMT
vary: Accept-Encoding
etag: W/"676183c0-7a9e"
expires: Fri, 11 Jul 2025 11:57:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/bootstrap.min.css

103.42.28.74

200 OK

254 kB

URL GET
shimall-ups.sbs/assets/css/bootstrap.min.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (562)
Size
254 kB (254163 bytes)
Hash
6c12d80686998c2cb6b6fdb1576ebcb9
cd129462264cd99a81e1f06bf69725b0e9df25e3
8bd22adafce11eb3e7971268da60a8586f9e6834557d7dfc8cdbb1091a83b9c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/bootstrap.min.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:36 GMT
vary: Accept-Encoding
etag: W/"6761829c-3e0d3"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Inter:wght@400;500&family=Plus+Jakarta+Sans:wght@400;500;600;700&display=swap

142.250.74.10

200 OK

12 kB

URL GET
fonts.googleapis.com/css2?family=Inter:wght@400;500&family=Plus+Jakarta+Sans:wght@400;500;600;700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://shimall-ups.sbs/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text
Size
12 kB (11630 bytes)
Hash
8385089a42377e24cb608041761914b9
7fec06f3a3b31bfef2d1b0cd76a59fddb0211b52
b679e5b8e3facd9ae869fa99a1ef517a2d264cf91b668a37b26fb10582ebaf0d

HTTP Headers

GET /css2?family=Inter:wght@400;500&family=Plus+Jakarta+Sans:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 11 Jun 2025 11:57:29 GMT
date: Wed, 11 Jun 2025 11:57:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://shimall-ups.sbs/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48256, version 1.0
Size
48 kB (48256 bytes)
Hash
260c81a4759baf163c025001c4f27872
f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298
3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shimall-ups.sbs
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:36:32 GMT
expires: Wed, 10 Jun 2026 02:36:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
age: 120057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/tiktok.mp4

103.42.28.74

206 Partial Content

262 kB

URL GET
shimall-ups.sbs/assets/video/tiktok.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
262 kB (262144 bytes)
Hash
b7fd5bd6004529215cf6e15136a34599
a2ead55770ae40a29b9270daf02fe6d735923019
b9f362fdcc81b6327df0c2473bf9395e356b07d57058316c8e692f35eb58c441

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/tiktok.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:31 GMT
content-type: video/mp4
content-length: 9024074
last-modified: Tue, 17 Dec 2024 14:10:48 GMT
etag: "67618668-89b24a"
strict-transport-security: max-age=31536000
content-range: bytes 0-9024073/9024074
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/1.mp4

103.42.28.74

206 Partial Content

562 kB

URL GET
shimall-ups.sbs/assets/video/1.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
562 kB (561958 bytes)
Hash
c9e9d44ff722002fae76d923472a1b01
cf4d834c4aaa1d4cea21d38da367add8259f78f6
af6908a80017d4dac46a7e9a631b17d61db853f5d7bfee6ac4a14585786503f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/1.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:31 GMT
content-type: video/mp4
content-length: 561958
last-modified: Tue, 17 Dec 2024 14:09:06 GMT
etag: "67618602-89326"
strict-transport-security: max-age=31536000
content-range: bytes 0-561957/561958
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/bootstrap.min.js

103.42.28.74

200 OK

80 kB

URL GET
shimall-ups.sbs/assets/js/bootstrap.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65223)
Size
80 kB (79943 bytes)
Hash
5dd8c20243d232a12ba5d3371e406bae
741b98fb8faf65719edab5c712b7ea4df7b2faba
2549ead0944c11eb5de73825c107487f2032dd0042b2c762a1cc6f430f6ed609

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/bootstrap.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:02 GMT
vary: Accept-Encoding
etag: W/"676182f2-13847"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ipapi.co/json/

172.67.69.226

429 Too Many Requests

109 B

URL GET
ipapi.co/json/
IP
172.67.69.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://shimall-ups.sbs/
Certificate
IssuerGoogle Trust Services
Subjectipapi.co
FingerprintE8:73:1B:99:98:12:30:B0:43:37:41:B7:A6:D7:09:A5:E8:31:78:8B
ValiditySun, 27 Apr 2025 01:39:42 GMT - Sat, 26 Jul 2025 02:39:37 GMT

File type
ASCII text, with no line terminators
Size
109 B (109 bytes)
Hash
ab659b4740ccdd670604fbf5eb826c51
04296101f6784e53d5ab97b1755a1fd3fc13c121
f45852e5c4a7a113e052c51c5637c8d79391557a6c917685043fbe8c65844785

HTTP Headers

GET /json/ HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shimall-ups.sbs/
Origin: https://shimall-ups.sbs
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 429 Too Many Requests
date: Wed, 11 Jun 2025 11:57:31 GMT
content-type: text/plain
content-length: 109
retry-after: 1393
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEG75eLhZw%2B2wJaPzazZ0aRYLz9pY5kTjLg1AUliahdMC1KK94%2FrIgEJCvSlHMrp66OqNBIuUwQCrM06OBsAxnchyOQankwLSXkdFu0Kc%2FfCf3C1AT%2B%2Bhd38"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94e0ee703c770b65-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1097&min_rtt=505&rtt_var=1236&sent=9&recv=11&lost=0&retrans=1&sent_bytes=3280&recv_bytes=1122&delivery_rate=6983922&cwnd=255&unsent_bytes=0&cid=608767e0f1c1649a&ts=26&x=0"
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/animate.min.css

103.42.28.74

200 OK

72 kB

URL GET
shimall-ups.sbs/assets/css/animate.min.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ASCII text, with very long lines (65365)
Size
72 kB (71873 bytes)
Hash
1a069f675d26ce109b5a405112a7fd33
b880afa27c03eac2d954b1cadcd7004c6c5978d3
aa0b5d2e1bac36e844b2224d2c0940622ab9e298f21e1cf9d440a7bc0a5d3de5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/animate.min.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:30 GMT
vary: Accept-Encoding
etag: W/"67618296-118c1"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/poster.png

103.42.28.74

200 OK

81 kB

URL GET
shimall-ups.sbs/assets/images/poster.png
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
PNG image data, 1056 x 1770, 8-bit/color RGBA, non-interlaced
Size
81 kB (81365 bytes)
Hash
efac23272269a1893db2cc4880a2550a
2641aedfc665089c11345f2312569ca5f0eb3857
80027eddf9f995e06621e688570583b175c8c9a6a904a68a213a35b9f37b2df6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/poster.png HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: image/png
last-modified: Tue, 17 Dec 2024 14:00:04 GMT
vary: Accept-Encoding
etag: W/"676183e4-13dd5"
expires: Fri, 11 Jul 2025 11:57:28 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/script.js

103.42.28.74

200 OK

75 kB

URL GET
shimall-ups.sbs/assets/js/script.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
75 kB (75092 bytes)
Hash
d761ec041c6f157149dd799cda5dd4f4
883627490847fb151f4eb93d7ac66d1a45483dbb
f6ffeffd873fcc4a66c6b9d04c934ea99e5469c8fa44902efbf14d3ca8ee189a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/script.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:18 GMT
vary: Accept-Encoding
etag: W/"67618302-12554"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/zone.js

103.42.28.74

200 OK

4.2 kB

URL GET
shimall-ups.sbs/assets/js/zone.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
4.2 kB (4220 bytes)
Hash
038ca2c2d54e043ca57e152004894fcc
de9896197b2313687305bde3b879da23ccafdcd9
38d44bc0055ce3666f7b5f9c98449ea10745a9e372197b60bd395f871d85550b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/zone.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:30 GMT
vary: Accept-Encoding
etag: W/"6761830e-107c"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://shimall-ups.sbs/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48256, version 1.0
Size
48 kB (48256 bytes)
Hash
260c81a4759baf163c025001c4f27872
f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298
3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62

HTTP Headers

GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shimall-ups.sbs
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:36:32 GMT
expires: Wed, 10 Jun 2026 02:36:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
age: 120057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/webfonts/fa-solid-900.woff2

103.42.28.74

200 OK

118 kB

URL GET
shimall-ups.sbs/assets/webfonts/fa-solid-900.woff2
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 117452, version 329.-17826
Size
118 kB (117452 bytes)
Hash
525bd4ae5b9eaa1e23b4a5c8b28c0d9f
0985532515d580890822bd544fab4a7aea46cb33
b5869f6bb9116c6dd0b6b691d57a17954f3c522cf9ae4497094e62146d8bac15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/assets/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:29 GMT
content-type: font/woff2
content-length: 117452
last-modified: Tue, 17 Dec 2024 13:56:50 GMT
etag: "67618322-1cacc"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/webfonts/fa-brands-400.woff2

103.42.28.74

200 OK

75 kB

URL GET
shimall-ups.sbs/assets/webfonts/fa-brands-400.woff2
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74700, version 329.-17826
Size
75 kB (74700 bytes)
Hash
dc83ddbbdd108b159117928063699c4e
36960c9095be11315ea5f9031b3d489629268511
30d34a03dcaa7bb6a46bb49960bd4d7648ca71068b0635da5784e3a1f9070ed6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/assets/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:29 GMT
content-type: font/woff2
content-length: 74700
last-modified: Tue, 17 Dec 2024 13:56:40 GMT
etag: "67618318-123cc"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET shimall-ups.sbs/config.js

103.42.28.74

200 OK

371 B

URL GET
shimall-ups.sbs/config.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text
Size
371 B (371 bytes)
Hash
90b6ee8d4c09830052c23561ae12799d
7389faf0c09d2e29f3121bdf854be903fd03c138
742cacfc6f8701da749137f75d16966ca7dcb3f1433712cd8c9a44260755e595

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /config.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/assets/js/zone.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:29 GMT
content-type: application/javascript
content-length: 371
last-modified: Wed, 30 Apr 2025 05:03:20 GMT
etag: "6811af18-173"
expires: Wed, 11 Jun 2025 23:57:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/favicon.ico

103.42.28.74

404 Not Found

146 B

URL GET
shimall-ups.sbs/assets/images/favicon.ico
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/favicon.ico HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 11 Jun 2025 11:57:32 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/jquery.counterup.min.js

103.42.28.74

200 OK

21 kB

URL GET
shimall-ups.sbs/assets/js/jquery.counterup.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (911)
Size
21 kB (21448 bytes)
Hash
ac8c7cd057d291dc5f8992182887e554
a2f19870b9bfc913dd3f877b1801f9c6c3c3aa8e
d787c8b33d180fa608d2cc2224a6fa91bb4a178c1d47a0cb33a8408c808510df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery.counterup.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:04 GMT
vary: Accept-Encoding
etag: W/"676182f4-53c8"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/tilt.jquery.min.js

103.42.28.74

200 OK

5.6 kB

URL GET
shimall-ups.sbs/assets/js/tilt.jquery.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (5640)
Size
5.6 kB (5641 bytes)
Hash
a7c41f525cd406ce3261ed432d417f6b
038a72b0440d0eebd6332f32375438889d0cec17
8c343b24bfa1ada9122d5f5b38bfaa6fbcbf8f075dd751ff9d72c98278b46d9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/tilt.jquery.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:22 GMT
vary: Accept-Encoding
etag: W/"67618306-1609"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/3.mp4

103.42.28.74

206 Partial Content

276 kB

URL GET
shimall-ups.sbs/assets/video/3.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
276 kB (276252 bytes)
Hash
4cdff2f18617a14345d4d9f4f078fa39
add7fa5ce4a8d5dacbb5e169b4f79331ab12edd1
333b209ea20ec8a006d254af9d19fef811278350589eeb1595b68548dd47b037

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/3.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: video/mp4
content-length: 276252
last-modified: Tue, 17 Dec 2024 14:10:20 GMT
etag: "6761864c-4371c"
strict-transport-security: max-age=31536000
content-range: bytes 0-276251/276252
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/tiktok.mp4

103.42.28.74

206 Partial Content

46 kB

URL GET
shimall-ups.sbs/assets/video/tiktok.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
data
Size
46 kB (45642 bytes)
Hash
9cd54cd7f84a40962b9eab39c38b939c
4f5b89bafa9f1dd8d37bb3b9c53d9f705f33d8f4
2681bed83901a54c62bbc96375ca6a69055000dc75027aad314b84e957b0ebfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/tiktok.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=8978432-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:32 GMT
content-type: video/mp4
content-length: 45642
last-modified: Tue, 17 Dec 2024 14:10:48 GMT
etag: "67618668-89b24a"
strict-transport-security: max-age=31536000
content-range: bytes 8978432-9024073/9024074
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/flaticon.css

103.42.28.74

200 OK

1.3 kB

URL GET
shimall-ups.sbs/assets/css/flaticon.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (1193), with no line terminators
Size
1.3 kB (1333 bytes)
Hash
d9042e4ea709cb4bafb5307713910470
60936ed1116b64491d4d68183cc79a94bb3a9a56
380dbc8a64bd7a6d639137ec62acb6a0164b1337cdafffc7cd37d2404e5c5cba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/flaticon.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:40 GMT
vary: Accept-Encoding
etag: W/"676182a0-535"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/swiper-bundle.min.css

103.42.28.74

200 OK

16 kB

URL GET
shimall-ups.sbs/assets/css/swiper-bundle.min.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (16297), with no line terminators
Size
16 kB (16507 bytes)
Hash
4d7a540ccde5035c2f1ffcd4e647c573
d6d3fcf1a33b79646625252139bd712fbd81238e
3cabfa9e15865c1831727e35e571f59a91deda8e48efc246d3e46634fdb93359

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/swiper-bundle.min.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:50 GMT
vary: Accept-Encoding
etag: W/"676182aa-407b"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/1.mp4

103.42.28.74

206 Partial Content

562 kB

URL GET
shimall-ups.sbs/assets/video/1.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
562 kB (561958 bytes)
Hash
c9e9d44ff722002fae76d923472a1b01
cf4d834c4aaa1d4cea21d38da367add8259f78f6
af6908a80017d4dac46a7e9a631b17d61db853f5d7bfee6ac4a14585786503f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/1.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: video/mp4
content-length: 561958
last-modified: Tue, 17 Dec 2024 14:09:06 GMT
etag: "67618602-89326"
strict-transport-security: max-age=31536000
content-range: bytes 0-561957/561958
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/webfonts/fa-light-300.woff2

103.42.28.74

200 OK

157 kB

URL GET
shimall-ups.sbs/assets/webfonts/fa-light-300.woff2
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 156896, version 329.-17826
Size
157 kB (156896 bytes)
Hash
6b1c4bcb2a11d69fc64a61f889dfa1d3
313d7b371459d715ffc4c18d483f8541b9d5747a
b6eaf663bf99a31d581721a42668207bdc3d3db6ff33625790019f3682eea9fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/webfonts/fa-light-300.woff2 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/assets/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:29 GMT
content-type: font/woff2
content-length: 156896
last-modified: Tue, 17 Dec 2024 13:56:44 GMT
etag: "6761831c-264e0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET shimall-ups.sbs/language.js

103.42.28.74

200 OK

76 kB

URL GET
shimall-ups.sbs/language.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (653), with CRLF line terminators
Size
76 kB (76447 bytes)
Hash
fdd1a6f41ae1b4a75d7ebd7028beff61
61a1fb404efe84e0cc486635d6a2bf5cd5b9056c
a932ca627cd2c651f6004d163fe68d974b3a8d17aeb2e389b6b59336b022f727

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /language.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/assets/js/zone.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:29 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:53:14 GMT
vary: Accept-Encoding
etag: W/"6761824a-12a9f"
expires: Wed, 11 Jun 2025 23:57:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/magnific-popup.min.css

103.42.28.74

200 OK

5.5 kB

URL GET
shimall-ups.sbs/assets/css/magnific-popup.min.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (5399), with no line terminators
Size
5.5 kB (5539 bytes)
Hash
900ebe8357742625554115838d986a54
75bb5ee58e87fb83a07617293d9a23479fce3683
055cea1a3fa7881c67f31315783333cb3b83f4062e76dd8a58f74d19a0371308

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/magnific-popup.min.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:42 GMT
vary: Accept-Encoding
etag: W/"676182a2-15a3"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/style.css

103.42.28.74

200 OK

138 kB

URL GET
shimall-ups.sbs/assets/css/style.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Unicode text, UTF-8 text
Size
138 kB (137784 bytes)
Hash
b4966e994abaf11825c56ebe2967f424
f7d0ab5b2b6284eccaf92320f64411031ea32033
82e47fdc39a65ca8dabdad524dd265f38b7ce478f30f22737a60550e6e620789

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:48 GMT
vary: Accept-Encoding
etag: W/"676182a8-21a38"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/play-store.png

103.42.28.74

200 OK

5.6 kB

URL GET
shimall-ups.sbs/assets/images/play-store.png
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
PNG image data, 155 x 52, 8-bit/color RGBA, non-interlaced
Size
5.6 kB (5580 bytes)
Hash
d559c38c7c7d418b00f3303188994a01
fcfba9069094dfa1620643c3c7b76f7ce0b0db7c
9036417b0f3d82337b5196a991cc8139bac6865f5aa3c0018f7105dd0e7aad87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/play-store.png HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:35 GMT
content-type: image/png
last-modified: Tue, 17 Dec 2024 13:59:58 GMT
vary: Accept-Encoding
etag: W/"676183de-15cc"
expires: Fri, 11 Jul 2025 11:57:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/responsive.css

103.42.28.74

200 OK

6.1 kB

URL GET
shimall-ups.sbs/assets/css/responsive.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Unicode text, UTF-8 text
Size
6.1 kB (6055 bytes)
Hash
86f73864491a0359592bac4adf1fca96
e6769d7d03bb33b2e487ea8d5af7bb8f9a027e8c
9b084bc827b445092af35075ad26d15f44827a1bc15d437f7643bf5a1bb91846

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/responsive.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:46 GMT
vary: Accept-Encoding
etag: W/"676182a6-17a7"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/lazysizes.min.js

103.42.28.74

200 OK

8.0 kB

URL GET
shimall-ups.sbs/assets/js/lazysizes.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (7862)
Size
8.0 kB (8042 bytes)
Hash
1676485dd72c3bcd843fe5edac986faa
9cb71a19d578da4b9ae6fd477b2e28b47160d1c9
0bb1ea7499d5431a76a643de7c6f1be2379cc39ad3d84e5d1ba228f77b5ac2c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/lazysizes.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:14 GMT
vary: Accept-Encoding
etag: W/"676182fe-1f6a"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/plusjakartasans/v11/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2

142.250.74.35

200 OK

27 kB

URL GET
fonts.gstatic.com/s/plusjakartasans/v11/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://shimall-ups.sbs/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27348, version 1.0
Size
27 kB (27348 bytes)
Hash
7660bd9909fb097989b19471a75f1b7a
a389d97de580a2d6a3723112234bd2b3839ce0db
153fc85b70298beeb1d61a5f723331649e7f23bb77302a66e61cb3e2fbdb5e79

HTTP Headers

GET /s/plusjakartasans/v11/LDIoaomQNQcsA88c7O9yZ4KMCoOg4Ko20yw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shimall-ups.sbs
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jun 2025 19:31:27 GMT
expires: Mon, 08 Jun 2026 19:31:27 GMT
cache-control: public, max-age=31536000
age: 231962
last-modified: Thu, 29 May 2025 22:06:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/jquery.min.js

103.42.28.74

200 OK

90 kB

URL GET
shimall-ups.sbs/assets/js/jquery.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:10 GMT
vary: Accept-Encoding
etag: W/"676182fa-15d9d"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/tiktok.mp4

103.42.28.74

206 Partial Content

131 kB

URL GET
shimall-ups.sbs/assets/video/tiktok.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
data
Size
131 kB (131072 bytes)
Hash
569e027395a3d2092c4890e6a0d238e0
c123431b882e477e46570e06e6e6a9036e78ed0d
0e5dbb6502d27557cc9b16484c54ea47dcf0da6ce4bca8d872fd0d4bbedc886b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/tiktok.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=131072-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:35 GMT
content-type: video/mp4
content-length: 8893002
last-modified: Tue, 17 Dec 2024 14:10:48 GMT
etag: "67618668-89b24a"
strict-transport-security: max-age=31536000
content-range: bytes 131072-9024073/9024074
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/aos.min.css

103.42.28.74

200 OK

29 kB

URL GET
shimall-ups.sbs/assets/css/aos.min.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (28857), with no line terminators
Size
29 kB (29067 bytes)
Hash
7543b5a52a6811252d6ad245b38ab641
4e18b858c909dc9f0ea4ddfc3313f9314c87b7cf
aa0c1409d6bdd4b59a5cbb9f76208d357153501e494baf39bf0df0a5f8f04f26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/aos.min.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:34 GMT
vary: Accept-Encoding
etag: W/"6761829a-718b"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/English.svg

103.42.28.74

200 OK

504 B

URL GET
shimall-ups.sbs/assets/images/English.svg
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
SVG Scalable Vector Graphics image
Size
504 B (504 bytes)
Hash
6dcadf6916764560c2f1fec586e2c1de
161ee20a0a75bb06d4f2ca9acdbb137d9a963cec
c8be1e7208798a4ae692ee1e937065d498bb29e741943f6172b29118b8ed8066

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/English.svg HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:31 GMT
content-type: image/svg+xml
content-length: 504
last-modified: Tue, 17 Dec 2024 13:58:40 GMT
etag: "67618390-1f8"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/aos.min.js

103.42.28.74

200 OK

14 kB

URL GET
shimall-ups.sbs/assets/js/aos.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (13875)
Size
14 kB (13952 bytes)
Hash
e0041457719a9b541a81669201b820b7
10bc52e3895f57acf7e9de24a465a1f3abb6d9fa
397c09afcedde7c04a774ce7738d7a1ab0a7cf69814bf1e281226888582a9519

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/aos.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:55:58 GMT
vary: Accept-Encoding
etag: W/"676182ee-3680"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/vue.min.js

103.42.28.74

200 OK

108 kB

URL GET
shimall-ups.sbs/assets/js/vue.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65362)
Size
108 kB (107679 bytes)
Hash
8da91780fa9815752579efedb7b6ee03
4525cbd167c96324016eaa2584703e2024e85c90
3c1d4b0c549e8de9d4a9bafb12ab70b6a1ac747d07293b98c5b25b6632999afd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/vue.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:26 GMT
vary: Accept-Encoding
etag: W/"6761830a-1a49f"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/app-store.png

103.42.28.74

200 OK

8.9 kB

URL GET
shimall-ups.sbs/assets/images/app-store.png
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
PNG image data, 174 x 58, 8-bit/color RGBA, non-interlaced
Size
8.9 kB (8941 bytes)
Hash
2307149fd16a93b368b9759daffc99c1
572db71ea067e6ebe3502f3d95efc2cd5c4975f2
2b970e31593d110544492f4ef959630d2aaae837484dcd60e9c61deeafac1ea3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/app-store.png HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:35 GMT
content-type: image/png
last-modified: Tue, 17 Dec 2024 13:59:32 GMT
vary: Accept-Encoding
etag: W/"676183c4-22ed"
expires: Fri, 11 Jul 2025 11:57:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/placeholder.png

103.42.28.74

200 OK

71 B

URL GET
shimall-ups.sbs/assets/images/placeholder.png
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
PNG image data, 3 x 2, 8-bit gray+alpha, non-interlaced
Size
71 B (71 bytes)
Hash
4843c348ca84c52ddacb3062cc63800b
a69d09452173765a46edf053dce2bb4a003601a8
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/placeholder.png HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: image/png
content-length: 71
last-modified: Tue, 17 Dec 2024 13:59:54 GMT
etag: "676183da-47"
expires: Fri, 11 Jul 2025 11:57:28 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/jquery.nice-select.min.js

103.42.28.74

200 OK

4.5 kB

URL GET
shimall-ups.sbs/assets/js/jquery.nice-select.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
4.5 kB (4539 bytes)
Hash
6da8d42255961163046979da18f54b72
6262d03800d298badf3d8188df5212f4d3fa0d7d
00095a8b4be4fffdfc68d53607b18dfc6ec6fa5248025323f6667c53d192d6f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery.nice-select.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:12 GMT
vary: Accept-Encoding
etag: W/"676182fc-11bb"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/webfonts/fa-regular-400.woff2

103.42.28.74

200 OK

145 kB

URL GET
shimall-ups.sbs/assets/webfonts/fa-regular-400.woff2
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 145152, version 329.-17826
Size
145 kB (145152 bytes)
Hash
935ae23ba86e111411100dca037d2f0a
d0454a905c24df15d3b53e046a01ab70fc8ce21f
6f15cf39100feae2e2bf4c38f08b2d89701c3f04a2ad84a1d6f89bc70f21cf6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/assets/css/all.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:29 GMT
content-type: font/woff2
content-length: 145152
last-modified: Tue, 17 Dec 2024 13:56:48 GMT
etag: "67618320-23700"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/avatar-1.jpg

103.42.28.74

200 OK

23 kB

URL GET
shimall-ups.sbs/assets/images/avatar-1.jpg
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3
Size
23 kB (22661 bytes)
Hash
df4ec799e50e4b0820999974126de66b
e6884723d8b81115e443e471552953f393a6f71e
372396d2ef1552755bec3be34d363ad967c0e807d6332daeb658d1d1a0080060

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/avatar-1.jpg HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:35 GMT
content-type: image/jpeg
last-modified: Tue, 17 Dec 2024 13:59:30 GMT
vary: Accept-Encoding
etag: W/"676183c2-5885"
expires: Fri, 11 Jul 2025 11:57:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/images/avatar-4.jpg

103.42.28.74

200 OK

26 kB

URL GET
shimall-ups.sbs/assets/images/avatar-4.jpg
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3
Size
26 kB (26364 bytes)
Hash
32f4ef445a831afc54c921957df06ee5
fcc35102be6b310cab662fec2cd4762cbcf4d946
7ea461e2b4b049841a3646a2b011a7701b1360b441c4a9834b427c718fbd691a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/avatar-4.jpg HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:36 GMT
content-type: image/jpeg
last-modified: Tue, 17 Dec 2024 13:59:22 GMT
vary: Accept-Encoding
etag: W/"676183ba-66fc"
expires: Fri, 11 Jul 2025 11:57:36 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/css/all.min.css

103.42.28.74

200 OK

80 kB

URL GET
shimall-ups.sbs/assets/css/all.min.css
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ASCII text, with very long lines (65400)
Size
80 kB (80028 bytes)
Hash
658b47262512a7aefcd6ef0bc8aac30f
7915a7ce2e7b388f94c0b7d0ce483aef0a3c0256
90b01450fc1a4c181fb3c880f7fb11c0befb22d4972f4e1e744591e9df4375ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/all.min.css HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: text/css
last-modified: Tue, 17 Dec 2024 13:54:28 GMT
vary: Accept-Encoding
etag: W/"67618294-1389c"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/js/tweenMax.min.js

103.42.28.74

200 OK

116 kB

URL GET
shimall-ups.sbs/assets/js/tweenMax.min.js
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
JavaScript source, ASCII text, with very long lines (32043)
Size
116 kB (116050 bytes)
Hash
6296e4cbdcf8f726fbbe2f56a246ef33
0d477ae74145be06f9681ae626b3816694115bd0
b2eb575eacb77fd139ffdf2cb86a12295189043fce93e000210dd88b41afc57a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/tweenMax.min.js HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 11 Jun 2025 11:57:28 GMT
content-type: application/javascript
last-modified: Tue, 17 Dec 2024 13:56:24 GMT
vary: Accept-Encoding
etag: W/"67618308-1c552"
expires: Wed, 11 Jun 2025 23:57:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET shimall-ups.sbs/assets/video/3.mp4

103.42.28.74

206 Partial Content

276 kB

URL GET
shimall-ups.sbs/assets/video/3.mp4
IP
103.42.28.74:443
ASN
#62468 HKCLOUDX

Requested by
https://shimall-ups.sbs/
Certificate
IssuerLet's Encrypt
Subjectshimall-ups.sbs
FingerprintAF:9A:40:58:62:06:E9:2B:79:8A:29:C0:D0:38:B5:F6:0D:F9:3F:97
ValidityWed, 30 Apr 2025 03:56:05 GMT - Tue, 29 Jul 2025 03:56:04 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
276 kB (276252 bytes)
Hash
4cdff2f18617a14345d4d9f4f078fa39
add7fa5ce4a8d5dacbb5e169b4f79331ab12edd1
333b209ea20ec8a006d254af9d19fef811278350589eeb1595b68548dd47b037

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/3.mp4 HTTP/1.1
Host: shimall-ups.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://shimall-ups.sbs/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Wed, 11 Jun 2025 11:57:31 GMT
content-type: video/mp4
content-length: 276252
last-modified: Tue, 17 Dec 2024 14:10:20 GMT
etag: "6761864c-4371c"
strict-transport-security: max-age=31536000
content-range: bytes 0-276251/276252
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML