sheba.smgsoftech.com Open in urlscan Pro
162.213.253.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://feedproxy.google.com/~r/dtmvpqlhvom/~3/E7Z4-bcOZsQ/balky.php
Effective URL:
http://sheba.smgsoftech.com/login.php
Submission: On November 03 via automatic, source urlhaus (November 3rd 2021, 6:06:49 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 162.213.253.68, located in United States and belongs to NAMECHEAP-NET, US. The main domain is sheba.smgsoftech.com.

This is the only time sheba.smgsoftech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
10	162.213.253.68 162.213.253.68	22612 (NAMECHEAP...) (NAMECHEAP-NET)
10	1

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

feedproxy.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.213.253.68 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium45-1.web-hosting.com

sheba.smgsoftech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	smgsoftech.com sheba.smgsoftech.com	134 KB
1	google.com 1 redirects feedproxy.google.com	462 B
10	2

	Domain	Requested by
10	sheba.smgsoftech.com	sheba.smgsoftech.com
1	feedproxy.google.com	1 redirects
10	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://sheba.smgsoftech.com/login.php
Frame ID: F6102687B08871EE3ACDD3DF33E546E6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SMG ERP

Page URL History Show full URLs

http://feedproxy.google.com/~r/dtmvpqlhvom/~3/E7Z4-bcOZsQ/balky.php HTTP 301
http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpql... Page URL
http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpql... Page URL
http://sheba.smgsoftech.com/ Page URL
http://sheba.smgsoftech.com/login.php Page URL

Page Statistics

10
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

134 kB
Transfer

357 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://feedproxy.google.com/~r/dtmvpqlhvom/~3/E7Z4-bcOZsQ/balky.php HTTP 301
http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29 Page URL
http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29 Page URL
http://sheba.smgsoftech.com/ Page URL
http://sheba.smgsoftech.com/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://feedproxy.google.com/~r/dtmvpqlhvom/~3/E7Z4-bcOZsQ/balky.php HTTP 301
http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	balky.php Show response sheba.smgsoftech.com/ Redirect Chain http://feedproxy.google.com/~r/dtmvpqlhvom/~3/E7Z4-bcOZsQ/balky.php http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29	937 B 729 B	431ms 229ms	Document text/html	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29 Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / PHP/5.6.40 Resource Hash `2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers keep-alive timeout=5, max=100 x-powered-by PHP/5.6.40 content-type text/html; charset=UTF-8 content-length 457 content-encoding gzip vary Accept-Encoding date Wed, 03 Nov 2021 18:06:42 GMT server LiteSpeed x-turbo-charged-by LiteSpeed Redirect headers Location http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29 Content-Type text/html; charset=UTF-8 Content-Encoding gzip Date Wed, 03 Nov 2021 18:06:42 GMT Expires Wed, 03 Nov 2021 18:06:42 GMT Cache-Control private, max-age=0 X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Content-Length 260 Server GSE
GET H/1.1	200 OK	balky.php sheba.smgsoftech.com/	961 B 775 B	763ms 763ms	Document text/html	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29 Requested by Host: sheba.smgsoftech.com URL: http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29 Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / PHP/5.6.40 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29 Response headers keep-alive timeout=5, max=100 x-powered-by PHP/5.6.40 content-type text/html; charset=UTF-8 content-length 503 content-encoding gzip vary Accept-Encoding date Wed, 03 Nov 2021 18:06:43 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H/1.1	200 OK	/ sheba.smgsoftech.com/	53 B 534 B	204ms 203ms	Document text/html	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/ Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / PHP/5.6.40 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://sheba.smgsoftech.com/balky.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dtmvpqlhvom+%28interproximalinternetwork%29 Response headers keep-alive timeout=5, max=100 x-powered-by PHP/5.6.40 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache content-type text/html; charset=UTF-8 content-length 68 content-encoding gzip vary Accept-Encoding date Wed, 03 Nov 2021 18:06:44 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H/1.1	200 OK	Primary Request login.php Show response sheba.smgsoftech.com/	2 KB 1 KB	202ms 202ms	Document text/html	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/login.php Requested by Host: sheba.smgsoftech.com URL: http://sheba.smgsoftech.com/ Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / PHP/5.6.40 Resource Hash `28f591dce142d0d48d6d4bd6b24e24f9912971ee6d37b01ac00755598a53dde4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://sheba.smgsoftech.com/ Response headers keep-alive timeout=5, max=100 x-powered-by PHP/5.6.40 content-type text/html; charset=UTF-8 content-length 792 content-encoding gzip vary Accept-Encoding date Wed, 03 Nov 2021 18:06:44 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H/1.1	200 OK	bootstrap.min.css sheba.smgsoftech.com/vendors/bootstrap/dist/css/	118 KB 25 KB	202ms 201ms	Stylesheet text/css	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/vendors/bootstrap/dist/css/bootstrap.min.css Requested by Host: sheba.smgsoftech.com URL: http://sheba.smgsoftech.com/login.php Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / Resource Hash `5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a` Request headers Accept-Language de-DE,de;q=0.9 Referer http://sheba.smgsoftech.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 03 Nov 2021 18:06:44 GMT content-encoding gzip last-modified Sat, 18 Jul 2020 14:46:48 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 25201 expires Wed, 10 Nov 2021 18:06:44 GMT
GET H/1.1	200 OK	font-awesome.min.css sheba.smgsoftech.com/vendors/font-awesome/css/	28 KB 8 KB	416ms 217ms	Stylesheet text/css	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/vendors/font-awesome/css/font-awesome.min.css Requested by Host: sheba.smgsoftech.com URL: http://sheba.smgsoftech.com/login.php Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / Resource Hash `ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42` Request headers Accept-Language de-DE,de;q=0.9 Referer http://sheba.smgsoftech.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 03 Nov 2021 18:06:45 GMT content-encoding gzip last-modified Sat, 18 Jul 2020 14:46:50 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 7499 expires Wed, 10 Nov 2021 18:06:45 GMT
GET H/1.1	200 OK	nprogress.css sheba.smgsoftech.com/vendors/nprogress/	1 KB 972 B	416ms 218ms	Stylesheet text/css	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/vendors/nprogress/nprogress.css Requested by Host: sheba.smgsoftech.com URL: http://sheba.smgsoftech.com/login.php Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / Resource Hash `4a39ac43a1612a5a1e3ff1cafaebefa77f314ec9bbd2d51f719a278f419c894a` Request headers Accept-Language de-DE,de;q=0.9 Referer http://sheba.smgsoftech.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 03 Nov 2021 18:06:45 GMT content-encoding gzip last-modified Sat, 18 Jul 2020 14:46:52 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 595 expires Wed, 10 Nov 2021 18:06:45 GMT
GET H/1.1	200 OK	animate.min.css sheba.smgsoftech.com/vendors/animate.css/	52 KB 6 KB	416ms 217ms	Stylesheet text/css	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/vendors/animate.css/animate.min.css Requested by Host: sheba.smgsoftech.com URL: http://sheba.smgsoftech.com/login.php Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / Resource Hash `e91e33855a7203b1828fba1d326c1a629c375d49cdbf0a52aa050e5331fb3125` Request headers Accept-Language de-DE,de;q=0.9 Referer http://sheba.smgsoftech.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 03 Nov 2021 18:06:45 GMT content-encoding gzip last-modified Sat, 18 Jul 2020 14:46:46 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 5289 expires Wed, 10 Nov 2021 18:06:45 GMT
GET H/1.1	200 OK	custom.min.css sheba.smgsoftech.com/build/css/	83 KB 21 KB	415ms 216ms	Stylesheet text/css	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/build/css/custom.min.css Requested by Host: sheba.smgsoftech.com URL: http://sheba.smgsoftech.com/login.php Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / Resource Hash `f06f44ca38b01e9f76fb8fd38c4efebe18ee599f543401752e6281b60a4b1353` Request headers Accept-Language de-DE,de;q=0.9 Referer http://sheba.smgsoftech.com/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 03 Nov 2021 18:06:45 GMT content-encoding gzip last-modified Sat, 18 Jul 2020 14:46:44 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 20983 expires Wed, 10 Nov 2021 18:06:45 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 sheba.smgsoftech.com/vendors/font-awesome/fonts/	70 KB 71 KB	204ms 204ms	Font font/woff2	162.213.253.68 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL http://sheba.smgsoftech.com/vendors/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3 Requested by Host: sheba.smgsoftech.com URL: http://sheba.smgsoftech.com/vendors/font-awesome/css/font-awesome.min.css Protocol HTTP/1.1 Server 162.213.253.68 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium45-1.web-hosting.com Software LiteSpeed / Resource Hash `7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73` Request headers Referer http://sheba.smgsoftech.com/vendors/font-awesome/css/font-awesome.min.css Origin http://sheba.smgsoftech.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 03 Nov 2021 18:06:45 GMT last-modified Sat, 18 Jul 2020 14:46:50 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes keep-alive timeout=5, max=100 content-length 71896 expires Wed, 10 Nov 2021 18:06:45 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sheba.smgsoftech.com/	1970-01-19 22:26:02	Name: d Value: 0
sheba.smgsoftech.com/	1970-01-19 22:26:02	Name: n Value: Etc/Unknown
sheba.smgsoftech.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: e6mp9gh25rl1nav5n1iqqgpvt3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

feedproxy.google.com
sheba.smgsoftech.com
162.213.253.68
2a00:1450:4001:801::200e
28f591dce142d0d48d6d4bd6b24e24f9912971ee6d37b01ac00755598a53dde4
2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe
4a39ac43a1612a5a1e3ff1cafaebefa77f314ec9bbd2d51f719a278f419c894a
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
e91e33855a7203b1828fba1d326c1a629c375d49cdbf0a52aa050e5331fb3125
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
f06f44ca38b01e9f76fb8fd38c4efebe18ee599f543401752e6281b60a4b1353

sheba.smgsoftech.com Open in urlscan Pro 162.213.253.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

0 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

134 kBTransfer

357 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

Indicators

sheba.smgsoftech.com Open in urlscan Pro
162.213.253.68 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

134 kB
Transfer

357 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions