www.fumi.com Open in urlscan Pro
106.55.244.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shibmall.com/
Effective URL:
https://www.fumi.com/buy_domain/shibmall.com
Submission: On May 29 via api (May 29th 2021, 8:07:24 pm UTC) from CH

Summary HTTP 12 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 106.55.244.100, located in China and belongs to CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is www.fumi.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 17th 2020. Valid for: a year.

This is the only time www.fumi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1	101.33.125.230 101.33.125.230		132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	106.55.244.100 106.55.244.100		45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
2	58.144.136.99 58.144.136.99		4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
6	211.91.160.215 211.91.160.215		4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
12	4

1 101.33.125.230 (Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

shibmall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 106.55.244.100 (China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

www.fumi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 58.144.136.99 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cdn.bootcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 211.91.160.215 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

www.layuicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	layuicdn.com www.layuicdn.com	139 KB
3	fumi.com www.fumi.com	12 KB
2	bootcss.com cdn.bootcss.com	62 KB
1	shibmall.com shibmall.com	9 KB
12	4

	Domain	Requested by
6	www.layuicdn.com	www.fumi.com www.layuicdn.com
3	www.fumi.com	shibmall.com cdn.bootcss.com
2	cdn.bootcss.com	shibmall.com www.fumi.com
1	shibmall.com
12	4

This site contains no links.

Subject Issuer	Validity	Valid
fumi.com Encryption Everywhere DV TLS CA - G1	`2020-11-17` - `2021-11-17`	a year	crt.sh
*.bootcss.com R3	`2021-05-06` - `2021-08-04`	3 months	crt.sh
www.layuicdn.com TrustAsia TLS RSA CA	`2021-05-07` - `2022-06-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.fumi.com/buy_domain/shibmall.com
Frame ID: 7DE87948B6591DED4587C9B5C873241E
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://shibmall.com/ Page URL
https://www.fumi.com/buy_domain/shibmall.com Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

222 kB
Transfer

602 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shibmall.com/ Page URL
https://www.fumi.com/buy_domain/shibmall.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
shibmall.com/ 8 KB
9 KB 754ms
421ms Document
text/html 101.33.125.230
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: http://shibmall.com/
Protocol: HTTP/1.1
Server: 101.33.125.230 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: e8c94e8049c261ec49d2600f885b6f511d524e0e82a8c7962a7bdc65a67f9308

Request headers

Host: shibmall.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 20:07:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Wed, 26 May 2021 12:23:35 GMT
ETag: "21ec-5c33ab632967c"
Accept-Ranges: bytes
Content-Length: 8684
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200 logo.svg
www.fumi.com/img/pc/ 7 KB
7 KB 707ms
237ms Image
image/svg+xml 106.55.244.100
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fumi.com/img/pc/logo.svg
Requested by: Host: shibmall.com
URL: http://shibmall.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 106.55.244.100 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: d5b72562cf66fa6c06f2d93210abf6e90caf82a253bec96887d9b0536c647be4

Request headers

Referer: http://shibmall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 20:07:06 GMT
Last-Modified: Fri, 28 May 2021 04:56:12 GMT
Server: nginx/1.15.6
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: image/svg+xml;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type,X-CAF-Authorization-Token,sessionToken,X-TOKEN
Content-Length: 6749

GET
H2 200 jquery.min.js Show response
cdn.bootcss.com/jquery/3.4.1/ 86 KB
31 KB 1479ms
425ms Script
application/javascript 58.144.136.99
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js

Requested by

Host: shibmall.com
URL: http://shibmall.com/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

58.144.136.99 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

NWS_TCloud_S1 /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://shibmall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 20:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: Hit From Disktank3 Gz
x-nws-uuid-verify: 6f69f9260cc0c76a2a30c384f84323e6
age: 399218
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30708
cf-request-id: 0a3347075400000cd3c634d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: NWS_TCloud_S1
cf-cdnjs-via: cfworker/kv
etag: W/"5eb03ec4-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OB%2FIWg2C7XjedfYXSra0qX5e8yWXK1IPTtugtWEtw1gVsgdDIcvp4CPOjB8pahYky7KfvbArpoUBcXYnQKO%2FCMjNcm4gFWvu0ta0I91QmO%2BXnQb8rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 70f9d7b7-93f1-443f-9b36-338da8079760
cf-ray: 6532411ee9290cd3-LAX
expires: Mon, 28 Jun 2021 20:07:06 GMT

GET
H/1.1 200 getDomainByName
www.fumi.com/api/domainData/ 441 B
844 B 1704ms
1244ms XHR
application/json 106.55.244.100
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fumi.com/api/domainData/getDomainByName?title=shibmall.com
Requested by: Host: cdn.bootcss.com
URL: https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 106.55.244.100 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://shibmall.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 May 2021 20:07:08 GMT
Server: nginx/1.15.6
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-CAF-Authorization-Token,sessionToken,X-TOKEN

GET
H/1.1 200 Primary Request shibmall.com Show response
www.fumi.com/buy_domain/ 4 KB
5 KB 235ms
234ms Document
text/html 106.55.244.100
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fumi.com/buy_domain/shibmall.com
Requested by: Host: shibmall.com
URL: http://shibmall.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 106.55.244.100 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: 7b39c1cf5af5977650f4d35d8bdf4748dee6cdc1eb75844495999bf1b67dae75

Request headers

Host: www.fumi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://shibmall.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://shibmall.com/

Response headers

Server: nginx/1.15.6
Date: Sat, 29 May 2021 20:07:09 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Headers: Content-Type,X-CAF-Authorization-Token,sessionToken,X-TOKEN
Content-Language: en-US

GET
H2 200 layui.css
www.layuicdn.com/layui/css/ 78 KB
15 KB 2179ms
261ms Stylesheet
text/css 211.91.160.215
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.layuicdn.com/layui/css/layui.css
Requested by: Host: www.fumi.com
URL: https://www.fumi.com/buy_domain/shibmall.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.91.160.215 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: NWS_TCloud_static_msoc2 /
Resource Hash: 1aeca5b75e0d8c5b59db3116ec7d4c05e6d2922776e41043278d26d02dfdee9c

Request headers

Referer: https://www.fumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 23:37:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-bce-request-id: 30e2e190-55f2-45db-b4ff-8bb5f6871ad9
content-md5: S57Xj7rFe90a2WWCi7dHqQ==
x-bce-meta-md5: S57Xj7rFe90a2WWCi7dHqQ==
x-bce-storage-class: STANDARD
content-length: 14311
last-modified: Sat, 22 May 2021 14:55:21 GMT
server: NWS_TCloud_static_msoc2
etag: "4b9ed78fbac57bdd1ad965828bb747a9"
access-control-max-age: 2592000
access-control-allow-methods: OPTIONS,GET,POST
content-type: text/css
access-control-allow-origin: *
x-bce-debug-id: BH4Dh2Ikc2V72QOEJveud9hI6/2yk5rycfFwn6s77xWIPO77BgUdWAd06jQOgMYJTQIX5MHKanRhFtwXDwlR6g==
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 5722494252552396051
accept-ranges: bytes
x-bce-content-crc32: 890631912
expires: Fri, 28 May 2021 23:47:52 GMT

GET
H2 200 jquery.min.js Show response
cdn.bootcss.com/jquery/3.4.1/ 86 KB
31 KB 788ms
487ms Script
application/javascript 58.144.136.99
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js

Requested by

Host: www.fumi.com
URL: https://www.fumi.com/buy_domain/shibmall.com

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

58.144.136.99 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

NWS_TCloud_S1 /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 20:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: Hit From Disktank3 Gz
x-nws-uuid-verify: 6f69f9260cc0c76a2a30c384f84323e6
age: 399218
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30708
cf-request-id: 0a3347075400000cd3c634d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: NWS_TCloud_S1
cf-cdnjs-via: cfworker/kv
etag: W/"5eb03ec4-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OB%2FIWg2C7XjedfYXSra0qX5e8yWXK1IPTtugtWEtw1gVsgdDIcvp4CPOjB8pahYky7KfvbArpoUBcXYnQKO%2FCMjNcm4gFWvu0ta0I91QmO%2BXnQb8rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: df22e034-2aa0-4b42-8000-9c8935c5f07a
cf-ray: 6532411ee9290cd3-LAX
expires: Mon, 28 Jun 2021 20:07:08 GMT

GET
H2 200 layui.js Show response
www.layuicdn.com/layui/ 284 KB
92 KB 2197ms
279ms Script
application/javascript 211.91.160.215
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.layuicdn.com/layui/layui.js
Requested by: Host: www.fumi.com
URL: https://www.fumi.com/buy_domain/shibmall.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.91.160.215 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: NWS_TCloud_static_msoc2 /
Resource Hash: 2ab9c8d891c7dcc844c389b51ef0a7a85b14c5a49b15b540e46928937a216e00

Request headers

Referer: https://www.fumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 08:13:02 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-bce-request-id: 9edca262-dc0d-400e-8e68-f7fbd62b4cb4
content-md5: wEWISk8mny3DqB/71+EZ/Q==
x-bce-meta-md5: wEWISk8mny3DqB/71+EZ/Q==
x-bce-storage-class: STANDARD
content-length: 93843
last-modified: Sat, 22 May 2021 14:55:21 GMT
server: NWS_TCloud_static_msoc2
etag: "c045884a4f269f2dc3a81ffbd7e119fd"
access-control-max-age: 2592000
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/javascript
access-control-allow-origin: *
x-bce-debug-id: dC5Ex3nrPJ03Nkrst1E/n6SvOGO/OF01PeZ6eVCfGtKPagegdN1104q0i5L1vozwhjEpzXefhTvxGetK2NYLIQ==
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 4884956856261312993
accept-ranges: bytes
x-bce-content-crc32: 1467077306
expires: Sat, 29 May 2021 08:23:02 GMT

GET
H2 200 iconfont.woff2
www.layuicdn.com/layui/font/ 25 KB
26 KB 1018ms
339ms Font
application/octet-stream 211.91.160.215
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.layuicdn.com/layui/font/iconfont.woff2?v=256
Requested by: Host: www.layuicdn.com
URL: https://www.layuicdn.com/layui/css/layui.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.91.160.215 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: NWS_TCloud_static_msoc2 /
Resource Hash: bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09

Request headers

Origin: https://www.fumi.com
Referer: https://www.layuicdn.com/layui/css/layui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 02:27:05 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-bce-request-id: 699962e9-6d46-415d-b8bf-7a0e7fd9ae05
content-md5: 2MIUyJ4zp76pPWVr2GXoaQ==
x-bce-meta-md5: 2MIUyJ4zp76pPWVr2GXoaQ==
x-bce-storage-class: STANDARD
content-length: 25964
last-modified: Sat, 22 May 2021 14:55:23 GMT
server: NWS_TCloud_static_msoc2
etag: "d8c214c89e33a7bea93d656bd865e869"
access-control-max-age: 2592000
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/octet-stream
access-control-allow-origin: *
x-bce-debug-id: rH6A9zMqkeAWBYOA/JDOK3bj4J6KgWVE2oPTwmXaJliH1Mha5Fjy9miAaptX/eE4BTUMipvWAveguBdO2V2Y+w==
cache-control: max-age=600
access-control-allow-credentials: true
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 11538576112655672186
accept-ranges: bytes
x-bce-content-crc32: 979519629
expires: Sat, 29 May 2021 02:37:05 GMT

GET
H2 200 laydate.css
www.layuicdn.com/layui/css/modules/laydate/default/ 7 KB
2 KB 261ms
261ms Stylesheet
text/css 211.91.160.215
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.layuicdn.com/layui/css/modules/laydate/default/laydate.css?v=5.3.1
Requested by: Host: www.layuicdn.com
URL: https://www.layuicdn.com/layui/layui.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.91.160.215 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: NWS_TCloud_static_msoc2 /
Resource Hash: ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f

Request headers

Referer: https://www.fumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 08:09:32 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-bce-request-id: dc1645dd-7bca-492c-8aa9-86fd9ea32de0
content-md5: 6QeO7zT+mkTkS91VtI/cVQ==
x-bce-meta-md5: 6QeO7zT+mkTkS91VtI/cVQ==
x-bce-storage-class: STANDARD
content-length: 1704
last-modified: Sat, 22 May 2021 14:55:22 GMT
server: NWS_TCloud_static_msoc2
etag: "e9078eef34fe9a44e44bdd55b48fdc55"
access-control-max-age: 2592000
access-control-allow-methods: OPTIONS,GET,POST
content-type: text/css
access-control-allow-origin: *
x-bce-debug-id: qKdUkLV9gO2r3V33owo/zFS3+84aab8WuALcKoaxZ5fuEiiLgnsyiSmD5JPZaqip6O2ofn8tI6hS4tlgD6BF6A==
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 17318561375729826842
accept-ranges: bytes
x-bce-content-crc32: 3505125031
expires: Sat, 29 May 2021 08:19:32 GMT

GET
H2 200 layer.css
www.layuicdn.com/layui/css/modules/layer/default/ 14 KB
3 KB 261ms
260ms Stylesheet
text/css 211.91.160.215
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.layuicdn.com/layui/css/modules/layer/default/layer.css?v=3.5.1
Requested by: Host: www.layuicdn.com
URL: https://www.layuicdn.com/layui/layui.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.91.160.215 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: NWS_TCloud_static_msoc2 /
Resource Hash: 5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540

Request headers

Referer: https://www.fumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 00:16:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-bce-request-id: 301f41d9-b59d-47f1-9e0f-5c72cfaa5067
content-md5: wjTrBtXzIFUJIpTniVfxfQ==
x-bce-meta-md5: wjTrBtXzIFUJIpTniVfxfQ==
x-bce-storage-class: STANDARD
content-length: 2789
last-modified: Sat, 22 May 2021 14:55:24 GMT
server: NWS_TCloud_static_msoc2
etag: "c234eb06d5f32055092294e78957f17d"
access-control-max-age: 2592000
access-control-allow-methods: OPTIONS,GET,POST
content-type: text/css
access-control-allow-origin: *
x-bce-debug-id: v1xsCRtge90gz5i1eQ/LTzfsfOAxfpWz4sxNdsB3DoNj3hokajhJJ0uEjn6x40NdraOQr7VugHUde+P9m9tlLA==
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 1228616263801688279
accept-ranges: bytes
x-bce-content-crc32: 3513779780
expires: Sat, 29 May 2021 00:26:13 GMT

GET
H2 200 code.css
www.layuicdn.com/layui/css/modules/ 1 KB
909 B 260ms
260ms Stylesheet
text/css 211.91.160.215
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.layuicdn.com/layui/css/modules/code.css?v=2
Requested by: Host: www.layuicdn.com
URL: https://www.layuicdn.com/layui/layui.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.91.160.215 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: NWS_TCloud_static_msoc2 /
Resource Hash: 3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431

Request headers

Referer: https://www.fumi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 23:03:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-bce-request-id: a6b1cbfa-fdc6-490a-a345-d73bdb902c13
content-md5: mG0NcLAzoZX8G9FSewaZOw==
x-bce-meta-md5: mG0NcLAzoZX8G9FSewaZOw==
x-bce-storage-class: STANDARD
content-length: 491
last-modified: Sat, 22 May 2021 14:55:21 GMT
server: NWS_TCloud_static_msoc2
etag: "986d0d70b033a195fc1bd1527b06993b"
access-control-max-age: 2592000
access-control-allow-methods: OPTIONS,GET,POST
content-type: text/css
access-control-allow-origin: *
x-bce-debug-id: AAYK1by+x7MduN5lxBFkkzcHbIe/iY5jPrZDV4XUtrkA9hlzfKFrfOTVB3p2UdZqo/P8xLWbWoy/wz76X7Gf2g==
cache-control: max-age=600
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 14220102034668152098
accept-ranges: bytes
x-bce-content-crc32: 426256892
expires: Fri, 28 May 2021 23:13:38 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| calculateSize function| $ function| jQuery object| layui function| lay number| errors object| layer function| offerAmount

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bootcss.com
shibmall.com
www.fumi.com
www.layuicdn.com
101.33.125.230
106.55.244.100
211.91.160.215
58.144.136.99
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1aeca5b75e0d8c5b59db3116ec7d4c05e6d2922776e41043278d26d02dfdee9c
2ab9c8d891c7dcc844c389b51ef0a7a85b14c5a49b15b540e46928937a216e00
3f27194c2e479212781a76f993b778d724ac9838e780b19472c0357cd3081431
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
7b39c1cf5af5977650f4d35d8bdf4748dee6cdc1eb75844495999bf1b67dae75
ab9dbdf922a26509951347fcfa83704d86afd2df855c827740c23df72fd8ab3f
bef73f87b8a3972427dcece922ed8f59d1d01c4a3fd572316efa70de9aec9c09
d5b72562cf66fa6c06f2d93210abf6e90caf82a253bec96887d9b0536c647be4
e8c94e8049c261ec49d2600f885b6f511d524e0e82a8c7962a7bdc65a67f9308