Report - hstebxcjxdgf.shop/

Report Overview

Submitted URL
hstebxcjxdgf.shop/
IP
172.67.131.72
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 13:52:17
Access
public
Website Title
Work
Final URL
hstebxcjxdgf.shop/#/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
94

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
hstebxcjxdgf.shop	unknown	unknown	No data	No data	22 kB	1.6 MB	172.67.131.72
m.imtokem.vip	unknown	unknown	No data	No data	1.2 kB	67 kB	101.44.160.52
huobicfg.s3.amazonaws.com	686140	2005-08-18	2021-11-22	2024-03-31	6.2 kB	306 kB	52.219.136.117

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed
2024-04-25	medium	hstebxcjxdgf.shop	Sinkholed

ThreatFox

No alerts detected

JavaScript (34)

	URL	Size	First Seen	Last Seen
	hstebxcjxdgf.shop/	0 B	2023-03-07	2024-05-05
Pretty URL hstebxcjxdgf.shop/ IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 01:53:32 Times Seen37351824 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	hstebxcjxdgf.shop/assets/index.0617e005.js	1.5 MB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/index.0617e005.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen14 Hash 8b1d25592f0db62abef25f41d67c8438 70a702a0472078ddb7feb8eeb68aee798fb8177d ac890f45cac75bec5f3bd437dacaea084b2708bbde230d8eaaa4a306fa79d69a Loading...

	hstebxcjxdgf.shop/assets/tm-input.e931f66a.js	13 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-input.e931f66a.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen23 Hash e88c6caffde22d0c7e0846047c4a19e5 e405aa1625574f59d127decc56b91d964be5e1f5 6aabff30da255935496a9bbf51c4b1dbea6524b30a51bad991e342ede673adf4 Loading...

	unknown	141 B	2023-04-13	2024-04-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 00:16:19 Last Seen2024-04-30 04:58:09 Times Seen101 Hash 1ca49f0e439cf34669924908e59b2897 efea6ef6bd12f3ded99d07b429c6af21c23ed826 9f9ee6011e8f88513c2761906180f430478c9d9835d4e74a211cafd3c79b955e Loading...

	hstebxcjxdgf.shop/assets/pages-index-init.c1805d61.js	1.0 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/pages-index-init.c1805d61.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen18 Hash aea2b211df27313890aed8ef0748f2ef cb441acc0ef9ab3388b203b573cacc96a769db1d 1105edc39c3b1613457ff1d533ca09e1c828595653ba741c56c12b1f554e0ee8 Loading...

	unknown	149 B	2023-05-08	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:32 Last Seen2024-04-25 15:52:26 Times Seen39 Hash a75ab93c4db9073c13fb419ef7c2c46a 856072c405dfaa708e23622cad35d78372e23f07 da656c2f3889dfb9eaeecb26f30c2b5ff695b991d6c5fbdd8f8978fc0ed2907e Loading...

	unknown	145 B	2023-05-08	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:32 Last Seen2024-04-25 15:52:26 Times Seen20 Hash ce2a497ed52d60984017d6c50050212f e5061d81325e8091799c99881264070b9ac648df 87fe3ff7d869ecf3e942e21576e5622bea21282217409f77a14020c2160da30f Loading...

	hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js	5.7 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen12 Hash 19128ad7250a98454816ecf2ad2ef9b9 0fdd5e85d1949887326a6e2aafdb920f1c563d8d 07490e10b7ffdfbc39576d52aae6b0190f1f5d01180443a15f0110049472a112 Loading...

	hstebxcjxdgf.shop/assets/tm-app.066f35d0.js	2.6 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-app.066f35d0.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen15 Hash 4fdfb20ce8f684d8b1a86f8d22de749b 0756a25e6db58b2fb91dba88a4a9ef6c143557b7 4bcdfb15b90cd12101f4f5dc793bd148c3cdc04d217090e87d3ab2ac7f2297f1 Loading...

	hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js	4.0 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen12 Hash ebd352a8b36c566f9c9d15691d5b30d3 3d92466172dec99ccd0844071adefd5c490e0ca9 e475549b0db4de52309607b04440badf1f442305b2e2082cba675a452f145ea4 Loading...

	hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js	2.0 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen11 Hash 9abe594551b28619a32efaaf29b4f69b 2df3f8951e992ab5b928c702bff711d82316664c 28538eda53a740869bf998676f9c6e02f749f951c53e8e61d4461b1524046e7b Loading...

	hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js	2.8 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen13 Hash 82dd9c2153a468e039908508b2dc8962 c9d55397febc424192af65a91fb351601d3419cd 1b9eeb62c871a70cd0f68ea31ee0006bb49ea4e51efdc9e6218927eae031b635 Loading...

	hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js	72 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen24 Hash 98f12447316c0eeab47409dd7133a13c c8b5cd2f6f23dc1c63354d53dbdf770469a644da 7856878fc8f20ce8c4013c055b4e52941edfe2157a8c7a646af4ef3aeee6a56e Loading...

	unknown	137 B	2023-05-08	2024-04-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:31 Last Seen2024-04-30 05:17:51 Times Seen62 Hash ad53bdca95253da3ed0339a52f219d8e 1acba9622b6c70c03ce56310becd1d72226538e4 3fecdc9cf7339d52588891d5d7b0c4b4ebfd82fe813b141fd5b81fdc70694f81 Loading...

	unknown	135 B	2023-05-08	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:31 Last Seen2024-04-25 15:52:26 Times Seen41 Hash 7c2bd803183c9eb6ccac9978d49fa819 224d7d7beedd5b01f1cb107495ab1f2e5bf078d2 7117536f358653602a49d94190c1371644f9cbfe936b0ad9dcedf867aec56daf Loading...

	unknown	148 B	2023-05-08	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:32 Last Seen2024-04-25 15:52:26 Times Seen15 Hash de240aff5ce2ed6d66ad358f8f464c00 da00f5d148a5248121ec3f0e1dab16c35d116794 b2beff5c35d46795448bd01ead81600781b9dcb73229d8d2bba5e7f3f7c7a7d3 Loading...

	hstebxcjxdgf.shop/assets/index.6eaf1a90.js	612 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/index.6eaf1a90.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen14 Hash 9b0b45833a97011daabfe576c3cef7c4 b678eda600553480a85c6d315b3a3e6e9e4a39e2 41a1d19d0b4ef171d030fa472947b914bdf55f2ec18d6b945febf99766a9ec85 Loading...

	hstebxcjxdgf.shop/assets/tm-segtab.723e6c29.js	4.7 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-segtab.723e6c29.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen13 Hash a578d7dbf93a39ea666be4fd40bbb0ba d51013a16e92e04078684787d6e8ef7201891da8 8b468df5c23863245ce0c799bad99bb3c51ac0bc2293caec459ae0944c7fbc29 Loading...

	hstebxcjxdgf.shop/assets/tm-message.297347c7.js	3.1 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-message.297347c7.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen13 Hash 2c558cf70ed6e6a75f54239ce3dd00fc cb5d3d171b8d65018e18c7f3de1dc615b3d8329f 5a92689b3b90b99336c8c72b5ff316b1e6c9e7cbd3b62c766a4c63901d3472ef Loading...

	unknown	143 B	2023-05-08	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:32 Last Seen2024-04-25 15:52:26 Times Seen55 Hash 1d0663d39d873f0eb6f219b0801c983c 2da20244f55d5a15a7a0695b8fd3dcedad9f3cd3 67602cc36eb6e60ad520d10b21efd241ce5e573e9935a6901302dcca11f36ac5 Loading...

	unknown	141 B	2023-05-08	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:32 Last Seen2024-04-25 15:52:26 Times Seen22 Hash bef081f524ddb508c7a6a01c843e746e 644824ced55dc625424020717891cb8be4ecf675 c1c5881e29cb85c2d3bfd01f806caa106720c1781722c2c88d5004990db93a66 Loading...

	hstebxcjxdgf.shop/	0 B	2023-03-07	2024-05-05
Pretty URL hstebxcjxdgf.shop/ IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 01:53:32 Times Seen37351824 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js	7.9 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen13 Hash 68e0e3f3dc9738c9109a5e77e8b5130d b7b38f236eeca0557bb9cfe1047436cf8880b0d7 94bd367355ac57a0e2e2e35af691235a5d2ba00ddc223d87ad938d6ae8fd1694 Loading...

	unknown	138 B	2023-05-05	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-05 08:00:34 Last Seen2024-04-25 15:52:26 Times Seen36 Hash 7e98f35f23795ecb1a944bbefa9e40a7 9f6826623e1d677abe50f4755523c8986d229bc3 2f34fa8f7eea8ee00070214da3db09639f6d9b89111c8ca090fcf04954be6ed3 Loading...

	unknown	139 B	2023-05-08	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:32 Last Seen2024-04-25 15:52:26 Times Seen35 Hash a15c447f08875de3100ed8997d5994ea b77d1c8bbbbcc5d0ac532e1362d796508029192f edd33609ab9f781e02fcf2c8e5ecd9f1e9b7bfdcbb576f01e9b2e78747b47e47 Loading...

	unknown	138 B	2023-05-08	2024-04-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-08 20:49:32 Last Seen2024-04-25 15:52:26 Times Seen24 Hash 6db6ac15339e58de97d8d22aec944a2b 3b0ba47693be14f9a46402a4beb1c28940c20156 53168f253d02b1350bf6325f97d206ed8a5ba3f13eb4deec32d0055bbbaaf629 Loading...

	m.imtokem.vip/matomo.js	67 kB	2023-12-04	2024-05-04
Pretty URL m.imtokem.vip/matomo.js IP 101.44.160.52 ASN #136907 HUAWEI CLOUDS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 12:51:07 Last Seen2024-05-04 21:47:37 Times Seen545 Hash 14cdc4216e8570c05349164d12516056 51bd805b6a84d245aaa345bcc7d221c43780bd3b b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce Loading...

	hstebxcjxdgf.shop/assets/tm-button.9829dd99.js	4.8 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/tm-button.9829dd99.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen13 Hash 44e47fbd11ed17bf1a9479dbfb2f14fe a9d755f399a807e7dd8ba7dff2e44c1bcdc57348 97f3e6e0a0eb441fdbb5f463b7916bc209b5cb0b5fe448c6bde0ceb13da8f4aa Loading...

	hstebxcjxdgf.shop/assets/activity.b0ea2403.js	319 B	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/activity.b0ea2403.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen23 Hash 1e7b5aebde83d3ba325d9dcfcc4e4b25 43e7b54c034fa9794faf42b702e372c3b99d89b8 34713cb4857f84b72bcd7b611c0ba07249f88cdde2e87bd3a6e4f46bcabefd10 Loading...

	hstebxcjxdgf.shop/assets/index.1bde2e87.js	5.4 kB	2023-10-26	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/index.1bde2e87.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-10-26 08:18:57 Last Seen2024-04-25 15:52:26 Times Seen13 Hash 151c88638f2eef7b8d530ab271345ff8 7d8b85696bb326d84e81cf1bd095e3f0fa13a2ba 84adc0494801577cc359ecf5e0e00d7d2e9ca86bffee77d97eb436c5c7cfcf4c Loading...

	unknown	137 B	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 00:16:19 Last Seen2024-05-04 10:19:10 Times Seen273 Hash 0f40806f855fc503ec7fe0e2cdc6da5f ad59d99993690064ee6565eea713ee4c5260f572 954bc1931a5584c910a5391a0e2c05ba7190f3c672433a85c162ac948a74a44f Loading...

	hstebxcjxdgf.shop/assets/index.0fbdd17c.js	18 kB	2023-04-30	2024-04-25
Pretty URL hstebxcjxdgf.shop/assets/index.0fbdd17c.js IP 172.67.131.72 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-04-30 07:16:13 Last Seen2024-04-25 15:52:27 Times Seen117 Hash b1e2e78a90c2b102fa89aede1b13b620 e8fd4173f205fd60e0cbbea40ff02a74af4de355 ca1b81f8a8416c52d48e6d8ae0381dddcb9552c88d7df920cdde8d91fa52685c Loading...

	unknown	37 B	2023-04-11	2024-05-05
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-05 01:41:41 Times Seen234291 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3d5272693eb411e5b8b13a243f76c720	148 B	2023-03-07	2024-05-03
Pretty Observations First Seen2023-03-07 01:10:06 Last Seen2024-05-03 19:41:28 Times Seen1728 Hash 3d5272693eb411e5b8b13a243f76c720 6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c 9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8 Loading...

HTTP Transactions (63)

URL IP Response Size

hstebxcjxdgf.shop/static/images/tabBar/home-on.png

172.67.131.72

200 OK

605 B

URL GET HTTP/3
hstebxcjxdgf.shop/static/images/tabBar/home-on.png
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
605 B (605 bytes)
Hash
def19a0db24fe00a493b990c113b892e
d61ec86b8f6d09170f76746cd9412b432d40fed5
d279492339d20af5561086bafb7acf11427bf1b4a3a755a599bbb71192085056

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/tabBar/home-on.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 605
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-25d"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBxxNqU%2BDQyWzDN%2F2OLw97ny4FHX458%2FYvg6JuNJ1nwN83B2SKUUZu1ujpb6RHpHy0%2F0VzYQ59LXaNHMmxZH6%2F%2B6EBridtPHsz81cCJD2pLTGfWLxNWntSasky1v6zJ5vC7lOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75bfc6569a-OSL
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/static/images/tabBar/order.png

172.67.131.72

200 OK

623 B

URL GET HTTP/3
hstebxcjxdgf.shop/static/images/tabBar/order.png
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
623 B (623 bytes)
Hash
0897c7b0cb2bfbf9634a00807a6de57d
29ba0909b568033163559a19b9d7f7325730622f
3e8fee8f371d7d34ea9eb22d7597d2610ae85e333bd6231a625c2e72e7c9c349

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/tabBar/order.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 623
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-26f"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOxWGXslGbtMIcQhuMLtO7iTg6IvDNmlenC78bl4mO%2Bt3Fry3fs7XqznFoY%2F5Keds1SFRRX95SeKJrASykEQIvUFqicE4aF5lwOuIBnLcB7e6q5b66loKRc11VIFG0EtHfPp3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75cfd7569a-OSL
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/static/images/tabBar/jy.png

172.67.131.72

200 OK

1.1 kB

URL GET HTTP/3
hstebxcjxdgf.shop/static/images/tabBar/jy.png
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1057 bytes)
Hash
0eccebc7bf864ab6f6432b3940225365
e5a941399606443f76e8ed05f26dca79c8888d52
0dfc4fb9eaa75a6985df6fae71271d38bd8b267c5eff4db97238b5323dcd94bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/tabBar/jy.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 1057
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-421"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBkzD7yAd2UfqENn2Fkb%2FAY6lXiO0imzvzPfOyEeLWoZNUL%2Ff%2Bs4QOom2jWwHUrwosj8Hevb%2BSQ6gBG1ztFA4LVoWJ8u%2BO9RgdnkDCVRdmpO7dKxWWO7eN1cHoB05KmJft8xpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75cfd9569a-OSL
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/uni.49fc0fa4.css

172.67.131.72

200 OK

6.0 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/uni.49fc0fa4.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (20238)
Size
6.0 kB (5982 bytes)
Hash
8c4fc856d9c73ef4b0d4dd690b413371
18a86f6132a7501e3e7f0d52fba7f2821bc9968a
49fc0fa43b70df49eeb8df12e93ad9facaf3efb88704d5f5d784f3f5966ace1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/uni.49fc0fa4.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:52 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-4f0f"
expires: Fri, 26 Apr 2024 01:51:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjyVUC%2FQ3PF85Y07QpG%2BZQwwXqSoIYHYrLPqhZUgxcAjivsIJSDMpW3G91jvOOZKr9GAj3HK0ovjKp716pvbeDAb%2BCJMPT5cYMMs07WqHlhMCS%2FDPcj4u4wWJpLUDww1khGd6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf6a2969569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/

172.67.131.72

200 OK

1.4 kB

URL User Request GET HTTP/2
hstebxcjxdgf.shop/
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
HTML document, ASCII text
Size
1.4 kB (1376 bytes)
Hash
070e1b64abb4260e5ac6e157222249fa
41d9a07cd13123a4ad94d5dbc777c226d50b5811
39542191ad17dd3f5d97f18cbad3913f2260cadaaa98e8ebf3066a5a11584789

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 13:51:51 GMT
content-type: text/html
last-modified: Sat, 13 Apr 2024 19:49:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuNPKHnVlcGG9rloopdOq7LzWZaBu6YkV04u0xm9XGe361ljuSSfUrY4RuwBfkh0iunA%2Bsfy3mSQwFZZC8RKLkGoNPuBbAC3SV6q9XCjcC0AVkMmLDI5pZ5cGm6sEJIY1vnD0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf64cce956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hstebxcjxdgf.shop/assets/tm-cell.ac114cc7.css

172.67.131.72

200 OK

38 B

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-cell.ac114cc7.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text
Size
38 B (38 bytes)
Hash
a93d15ecfc9978e4c529f8c8204af7c4
7940e163e116bd0dd9c76c967346e144fe95906b
e531c6c3421629ad6413b412dedaa2d1877d060c068338cbe80536ccd88e8070

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-cell.ac114cc7.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/css
content-length: 38
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-26"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oExVk0O8VKaYQURhgTuY6VgHKlld%2F%2BYY%2BgoMcUKhW3h6vGqLeA6Re1CEB3j8LFZLft4%2FHvIpPi3by7PoagjtAe1PRrqjFzOPVHhbLuIIiU6e4CLYv9Rcjc9PTUZQjr%2B5epeSew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75f82a569a-OSL
alt-svc: h3=":443"; ma=86400

m.imtokem.vip/matomo.php?action_name=&idsite=2&rec=1&r=127384&h=13&m=51&s=54&url=https%3A%2F%2Fhstebxcjxdgf.shop%2F%23%2Fpages%2Findex%2Finit&_id=96771f46f28d9a89&_idn=1&send_image=0&_refts=0&pv_id=LAvemR&pf_net=52&pf_srv=716&pf_tfr=0&pf_dm1=798&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024

101.44.160.52

204 No Content

0 B

URL POST HTTP/2
m.imtokem.vip/matomo.php?action_name=&idsite=2&rec=1&r=127384&h=13&m=51&s=54&url=https%3A%2F%2Fhstebxcjxdgf.shop%2F%23%2Fpages%2Findex%2Finit&_id=96771f46f28d9a89&_idn=1&send_image=0&_refts=0&pv_id=LAvemR&pf_net=52&pf_srv=716&pf_tfr=0&pf_dm1=798&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024
IP
101.44.160.52:443
ASN
#136907 HUAWEI CLOUDS

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjectm.imtokem.vip
FingerprintDA:44:8B:C6:F6:7D:29:FB:60:A4:00:21:C1:20:E5:F3:05:57:78:DF
ValidityWed, 20 Mar 2024 15:16:11 GMT - Tue, 18 Jun 2024 15:16:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=&idsite=2&rec=1&r=127384&h=13&m=51&s=54&url=https%3A%2F%2Fhstebxcjxdgf.shop%2F%23%2Fpages%2Findex%2Finit&_id=96771f46f28d9a89&_idn=1&send_image=0&_refts=0&pv_id=LAvemR&pf_net=52&pf_srv=716&pf_tfr=0&pf_dm1=798&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 HTTP/1.1
Host: m.imtokem.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://hstebxcjxdgf.shop
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 25 Apr 2024 13:51:54 GMT
access-control-allow-origin: https://hstebxcjxdgf.shop
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

huobicfg.s3.amazonaws.com/currency_icon/eth.png

52.219.136.117

200 OK

616 B

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/eth.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
616 B (616 bytes)
Hash
d8a57c2396575a058eb68a6c0e32caef
6495d31828866f3dbabc4aad7c77e02ff457cfb8
b05bb6169930a076c463a15280a165560bd30972e2599f71ca62f44c023d666c

HTTP Headers

GET /currency_icon/eth.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: nOcRqOnn2MhuqFxUIForNcYOfBTu0WqoI85SspgCEucQz4bu5FoRgg8RqrJkW9sdN0qZwoOLZcU=
x-amz-request-id: D1Q8GZ54Y7CGX6AS
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Wed, 23 Nov 2022 07:24:47 GMT
ETag: "d8a57c2396575a058eb68a6c0e32caef"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 616

hstebxcjxdgf.shop/v1/api/exchange/getSymbolConfig

172.67.131.72

200 OK

3.5 kB

URL GET HTTP/3
hstebxcjxdgf.shop/v1/api/exchange/getSymbolConfig
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JSON text data
Size
3.5 kB (3482 bytes)
Hash
dd526e01132ad9cba82fa7d9c75ee0c8
d6e584acbd6a8da15ec4b617e4eede4aaf183560
5a412a4b0d1ccb3dfafb716b2f7d7dede35a3b874bc73188cf4bc1a70a462c58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /v1/api/exchange/getSymbolConfig HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8;
language: en
authorize: 
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:56 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7AgbpKm3vUkJbD0sQg6U9Kc2zeupHKKoKXVgDtc5pY4%2FQDkpwFqnW0nV6cS7egJvsgKIdrXTp9CKyK2K4QykMG6sSR9IrNcGIrHeq49vsQhz1Q2rH0MoIJuq4vRuaEhRsxkmjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf878d02569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/index.6eaf1a90.js

172.67.131.72

200 OK

205 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.6eaf1a90.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (60832)
Size
205 kB (204749 bytes)
Hash
9b0b45833a97011daabfe576c3cef7c4
b678eda600553480a85c6d315b3a3e6e9e4a39e2
41a1d19d0b4ef171d030fa472947b914bdf55f2ec18d6b945febf99766a9ec85

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.6eaf1a90.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-9567d"
expires: Fri, 26 Apr 2024 01:51:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=191DHZIe9Dqc0uK%2F4l8GuiZUXraQxcF9pFJBjua7ihX%2FKrlm1nJxHgFXe9FpyKfTzOrS1wRIuKSZDmUaD2joP91BIVgknZVIoJWQLE8TYH4%2FH3gELcJAV27M8Zl5ltpYiicJSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf6a296c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-segtab.723e6c29.js

172.67.131.72

200 OK

5.1 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-segtab.723e6c29.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (4688)
Size
5.1 kB (5133 bytes)
Hash
a578d7dbf93a39ea666be4fd40bbb0ba
d51013a16e92e04078684787d6e8ef7201891da8
8b468df5c23863245ce0c799bad99bb3c51ac0bc2293caec459ae0944c7fbc29

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-segtab.723e6c29.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1251"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SZep76KYtDsryQ7jMHJhGencfnlOexZHVYhkLI7bZuyhgLnqaoApBgSIcElXU7nSTpDbsP4NDogyenCchgEm1%2FUe2c%2FA8PLN6gUL%2FIV7kGNb4kafW7Hu9D%2Bc2qiwZq2TgjwMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b2569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-button.ddf396b1.css

172.67.131.72

200 OK

403 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-button.ddf396b1.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text
Size
403 kB (403261 bytes)
Hash
0e9f614f6c6215d066c9fdcfa7645776
2728ef74e26aa186fa6e3f87bf11cedaa46b42de
0c7a24f6669840fcb16ab71c6c1b55d1c1f72dbc269ed86d96e21c5fabd21b55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-button.ddf396b1.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-12d"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5bGWH917yy8T8SfqtsBdUjJcu%2FQs7jG%2FbGPJHyiRjonw%2FYP%2BHt3HdwkQXA%2BcHeEVUcFHMKT%2Bou0tjWboToA5j56yR5Pszc6RnGYNgqmpI%2Fj8jrTFpOawHVvHsPibrlhPvKTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75f82c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/index.0617e005.js

172.67.131.72

200 OK

372 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.0617e005.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (50899)
Size
372 kB (371543 bytes)
Hash
8b1d25592f0db62abef25f41d67c8438
70a702a0472078ddb7feb8eeb68aee798fb8177d
ac890f45cac75bec5f3bd437dacaea084b2708bbde230d8eaaa4a306fa79d69a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.0617e005.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:55 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-16bffb"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vH24EAJbIVrov9WmnTzebyUDNjXcX6vwQXVB1xzknTAKZYgoNdxTs2NVsHFZsMLkkiBVPKxI6vHi6q1ZrQpkazgtFyBia7zo0WYuTDQGJm6TEhPG4dmq%2Fcq7aFBVVso8R1Zjsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668d0569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/v1/api/exchange/getSymbolConfig

172.67.131.72

200 OK

91 kB

URL GET HTTP/3
hstebxcjxdgf.shop/v1/api/exchange/getSymbolConfig
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JSON text data
Size
91 kB (90744 bytes)
Hash
dd526e01132ad9cba82fa7d9c75ee0c8
d6e584acbd6a8da15ec4b617e4eede4aaf183560
5a412a4b0d1ccb3dfafb716b2f7d7dede35a3b874bc73188cf4bc1a70a462c58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /v1/api/exchange/getSymbolConfig HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8;
language: en
authorize: 
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:56 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXwwK7LpiNyc22pJF2o%2BgjbfH3oV2DCfoe5MroDwyNNsyEalhK%2BZ4sn%2B4Ao%2BP4JqExBhtVFiB8mmd0Pn%2BSYhC5Z%2FSFLja%2FC4n1boLHx5r6XTReSSVoGEMvs4Y0GI5orX0%2FAPJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf858a41569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js

172.67.131.72

200 OK

128 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
128 kB (128222 bytes)
Hash
98f12447316c0eeab47409dd7133a13c
c8b5cd2f6f23dc1c63354d53dbdf770469a644da
7856878fc8f20ce8c4013c055b4e52941edfe2157a8c7a646af4ef3aeee6a56e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/pages-index-index.b989133a.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-11843"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUsUepPPiwpNzLe6f2EVHr%2Fqnehm4OcXxvGtcyon0s%2FJChEEMBQhXiDMO4e5T7YQS%2BP7VXW37vB3pVrwhLbGE%2BqYNDAg17Cs6wRywJHd5fimoGJrzbe5f4J68o5BwoZmd3xkLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658af569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/index.1bde2e87.js

172.67.131.72

200 OK

4.3 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.1bde2e87.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
Java source, ASCII text, with very long lines (5401)
Size
4.3 kB (4347 bytes)
Hash
151c88638f2eef7b8d530ab271345ff8
7d8b85696bb326d84e81cf1bd095e3f0fa13a2ba
84adc0494801577cc359ecf5e0e00d7d2e9ca86bffee77d97eb436c5c7cfcf4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.1bde2e87.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-151a"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t52d81bnO2A2Eqy%2BvoDcSbzTAdY6k3W25O8bJ3EX5uX%2BxxsvflT%2Fs1zdK5ud6zM9vjoxdYuncNXq4%2Fho6E9JqjoGKUfvg8Avqg9xNuN7uwRxVb1B%2BjTH5DTXB9ZjP3KrgNKSMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668ca569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huobicfg.s3.amazonaws.com/currency_icon/ksm.png

52.219.136.117

200 OK

4.5 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/ksm.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
4.5 kB (4490 bytes)
Hash
87de3ee0fdebb621dabd4796598f6888
f8dd822f8f7b75fdb2b18ff10266deab9c397dcd
64613bc4f18ed4f69a72222af826cb68733ad5ffd5990a2223ab689da62f1f56

HTTP Headers

GET /currency_icon/ksm.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 8nq9dfSUQKqi+DBJ8iEd+2JMm6u3UzTZ2evagfPXsDKJ7BguIZsNnZf97Ao76mh92rQapgIHmYE=
x-amz-request-id: FKBBVYXC9JFFJWP5
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 08:56:32 GMT
ETag: "87de3ee0fdebb621dabd4796598f6888"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 4490

hstebxcjxdgf.shop/assets/tm-input.e931f66a.js

172.67.131.72

200 OK

4.3 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-input.e931f66a.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (13226)
Size
4.3 kB (4335 bytes)
Hash
e88c6caffde22d0c7e0846047c4a19e5
e405aa1625574f59d127decc56b91d964be5e1f5
6aabff30da255935496a9bbf51c4b1dbea6524b30a51bad991e342ede673adf4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-input.e931f66a.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-3443"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uq2BMjTZPTBMRxzmeCMc%2FoK%2FJvySfUD6PvaDBK6qedRWvOhetPlMTnDnU%2F4bdirMbQVSehJtt4%2FQWSbpH%2FWmQdyE%2FDjrc68de4bUtoiNRsMqb8pyKOHYsYQ71vDkgYS1IysI7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668d5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huobicfg.s3.amazonaws.com/currency_icon/atm.png

52.219.136.117

200 OK

58 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/atm.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
58 kB (58467 bytes)
Hash
c9c10f0a4144cec867d6fe8449b5940a
e387ed823c6200125cc2f22768328bc776903ca7
491d20b16ae55123bf81158ced4ff566b923349e91c0d84e20cb0c7af7819f31

HTTP Headers

GET /currency_icon/atm.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Muo7SYaeZ/ru9L4yTTnFZJhQgupSUOboURycSl3dflNojBltUscHWJbK5oub6hfYoQkSJYB1zLg=
x-amz-request-id: FKBC2FB4HCH04HJF
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Mon, 18 Jul 2022 08:08:17 GMT
ETag: "c9c10f0a4144cec867d6fe8449b5940a"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 58467

hstebxcjxdgf.shop/assets/pages-index-init.c1805d61.js

172.67.131.72

200 OK

2.6 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/pages-index-init.c1805d61.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
Java source, ASCII text, with very long lines (1021)
Size
2.6 kB (2569 bytes)
Hash
aea2b211df27313890aed8ef0748f2ef
cb441acc0ef9ab3388b203b573cacc96a769db1d
1105edc39c3b1613457ff1d533ca09e1c828595653ba741c56c12b1f554e0ee8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/pages-index-init.c1805d61.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/index.6eaf1a90.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-3fe"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8NcI0EZSmMjx4ncJT36KQlDbcmdGWFAO0SPmOwGtChDBtuMYmCcI042skOc0KUDt9rRJ1rgL6kNhYSzx09GYEPBE9WvgY7guHn9c09%2BV7Y4P4lsSP4KSVKtKfeJZ1LiDnPDhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf7678e0569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huobicfg.s3.amazonaws.com/currency_icon/uni.png

52.219.136.117

200 OK

7.9 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/uni.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
7.9 kB (7922 bytes)
Hash
ca0493ee4bcd7c0c7801ec1f0f915f3c
f210cabb3d69c47b8702fe98edd167077536ed4d
36e52e07f68877eceeee2b2ac16ac4100269e3664309d0d660df7d83f817ab6c

HTTP Headers

GET /currency_icon/uni.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: io4pSdRS7KY+Z/Hrtug52+f6nnmFi51g0H1f7rR2lvQWaMA7wfv7aD2EyPePo6tWnHfBpPtl514=
x-amz-request-id: FKBASZQ8HM298SPG
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 14 Dec 2021 01:19:26 GMT
ETag: "ca0493ee4bcd7c0c7801ec1f0f915f3c"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 7922

hstebxcjxdgf.shop/assets/tm-message.297347c7.js

172.67.131.72

200 OK

3.1 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-message.297347c7.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (3238), with no line terminators
Size
3.1 kB (3097 bytes)
Hash
3ac35a77624b0283d3b1b2e2d8ff33bd
291a82c9d53054b4eb1793c9f4e7b402287de90a
e8af9b776af221e5883ef50bcf0f4744dd4bfbd3385e185fbc3e4171d1ccb5cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-message.297347c7.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-c19"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xI38I%2F8nOpLZrZxvJ9jb8LUkKLQjSQvESUl3%2B%2F9S4XV8xbkNHSzk0wHm3x%2B%2FbM3zN7nCdC1vZmqb4O%2B1USmJprwSpXoX209rhUXrjjHq5zh8laeSdg0pLhWW%2BqxKgpJj71RBbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7caf91569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/v1/api/config/getLanguage

172.67.131.72

200 OK

18 kB

URL GET HTTP/3
hstebxcjxdgf.shop/v1/api/config/getLanguage
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JSON text data
Size
18 kB (18332 bytes)
Hash
d02f95169de2de3f3ca614802f5f14ad
7cfc8baeae96553ee09bce2db83de8daff5db9d3
31cbb350a3f8259d1178c47033b747014de807d209239190b868c7f91a9b475a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /v1/api/config/getLanguage HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8;
language: en
authorize: 
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:55 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2F4PhskMBMUQJr1zQTHdx7YS6NJ7mD09W8SrzeIp4GtBuW8Hc2BS8rwNpOfhsq0bbCHo540CHW23k1UtIOKq3HLNbJb9ivGaL73amLZJn%2Bd8crqr3r51%2FgxqC%2BqVECoykoYMkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7fab1c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huobicfg.s3.amazonaws.com/currency_icon/eos.png

52.219.136.117

200 OK

2.1 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/eos.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.1 kB (2061 bytes)
Hash
2e378a55ee8872eeed60504a669d1823
0cbc284300b807bbb49e3c499c75cdfed645aa83
7bb3f430e79957c96f95fb034ede8c9bcee700e2083fc983c074c13eaa23c61e

HTTP Headers

GET /currency_icon/eos.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: qasxFSAvLoYhpYN5/S3EilZ17/Yfb2fDhnIq63NY5iFBD4abRT6RxD9MkxDfM0hGGefYECCA10s=
x-amz-request-id: FKBCFZJ0K70DSVF8
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 09:11:38 GMT
ETag: "96364067a53dec3a858b9a41163133eb"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2061

huobicfg.s3.amazonaws.com/currency_icon/doge.png

52.219.136.117

200 OK

96 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/doge.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
96 kB (95791 bytes)
Hash
c87c69f42f20e0d5814d16e4d32e5fb6
38797c1694b02773066ba7a5a26001f7cb1880fa
3b34d6c60a61b7075859f0388dbf6c0f098e252ac1afdc5e1cf3644416bb9e54

HTTP Headers

GET /currency_icon/doge.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: YOIst/3MnIVjXEhdRMTemPqotFhd51jzEzLwh7E0o/hfXbemwHdCaa4lkkk3ovITHx/ufiFIOfk=
x-amz-request-id: D1QET9K21KPM5G7P
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Wed, 15 Dec 2021 10:28:20 GMT
ETag: "c87c69f42f20e0d5814d16e4d32e5fb6"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 95791

huobicfg.s3.amazonaws.com/currency_icon/ht.png

52.219.136.117

200 OK

2.0 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/ht.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.0 kB (1991 bytes)
Hash
dc7ad42847b27c64b50a58a73d3385d4
877dcb9df77b469a2463c7e66d46807d79e24845
fb3d6611dc224b597d829c6c0fac16d72dccd400213790e86adc6de91a566f69

HTTP Headers

GET /currency_icon/ht.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: BDsJqYvFH9KQlYM/8LumbFXrjGnVBDRh3tMym3JLD+n1PXFu5zjNYd2L0YEB/+e0csO5Ga5pGFk=
x-amz-request-id: FKBCXZD4MG1F0EGH
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Mon, 25 Oct 2021 03:09:57 GMT
ETag: "80e500afa84f18399d56e65b94005aac"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1991

hstebxcjxdgf.shop/assets/index.68569b05.css

172.67.131.72

200 OK

2.5 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.68569b05.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (2467), with no line terminators
Size
2.5 kB (2466 bytes)
Hash
22ae0222e13ecaeb29d6fb62f09e1654
196a55ffb533dcd309429b89598b52a7aec35086
fa2b188c118e93c17090446f319e041606752e8d3b0d60c15082eee91effb8db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.68569b05.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-9a2"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjJzQ2OMSpoVNc9qLinxUAgdfzgVZgPjNpGx87Hn5dqT1gUUTfgTAw4T3LeHXkExmCKf42PgXO2HJwTeSne2VFzWfl%2F02qhLP124qwCLdjGGyb3vWGKTZ63KMFju7TZPN6jrEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf760830569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js

172.67.131.72

200 OK

4.0 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (4165), with no line terminators
Size
4.0 kB (4004 bytes)
Hash
d9f3cfe47eae3a13bd869be3fd1a52c4
276ec8c26768ca5419d6372a132b8c01b5c0ebe8
4b8507b6e949299e22af33559d936c8973f01d138cda2a11cf1f16f32ee86db2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-tag.9c6285aa.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-fa4"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APbn48RwYG6VM8UvNxO2YwlPSKvpDKet8g5BdiQiPWpl963hoDapVqDt5g2hEnojPJRzJOx5uWTTl7TGwMWJ6BYmG7cW%2F1bjVItQLsZi%2Bu58ePZDRWYbefYjh9y1uWb%2BpBXQ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668c1569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/index.0fbdd17c.js

172.67.131.72

200 OK

18 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.0fbdd17c.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (9755)
Size
18 kB (17982 bytes)
Hash
b1e2e78a90c2b102fa89aede1b13b620
e8fd4173f205fd60e0cbbea40ff02a74af4de355
ca1b81f8a8416c52d48e6d8ae0381dddcb9552c88d7df920cdde8d91fa52685c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.0fbdd17c.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-463e"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwSMNTvOjJXYdpjqiEPxpayGAQAyHQ4T0AR7kymDUIju2LGPHNFInxptp1uctPWyBtofZ%2Bmt9YBs5NQ7G1PApCsuLhC3qLCfjGV%2BkIxagBSGcpD%2FA6ipOJdSpWW5Nx1OuhQVYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c7f56569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-drawer.83de1656.css

172.67.131.72

200 OK

497 B

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-drawer.83de1656.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (498), with no line terminators
Size
497 B (497 bytes)
Hash
635fde49c826db15abc5110ef4799f12
eb335c243879294176ed0d58bf9e70856bbd6aa8
36b7f88b3999d3fdce2791bc26e56befc25113502414a0ea6a620676a9f4c759

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-drawer.83de1656.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-1f1"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnLp30eddWYjLkgmY9oGCw2Y72PPX1bDKRDqZmeU3C7xgYxwXRZITmurOWN9up4HlJW3o%2BK8W2HP90S5D%2B1QsGgZCLQj%2BS99U%2FcFcC4vzUbKdZP8SoWoDOPn%2BEmxFYWUOWtDHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75f828569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js

172.67.131.72

200 OK

5.7 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (5919), with no line terminators
Size
5.7 kB (5668 bytes)
Hash
a17192c96f6aa3b43b515f3656257457
7be599b183452406b5c3cae56f7fe35798e7049c
b3d40ee803df0465d8aff401885882e33d3601d1237bea37f2717d6c40b07b0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-drawer.1082ad41.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1624"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pUuETQw2Fi8AeYYd0XLviEFhkMy6wDOcbHZfUeAD%2BdlwaLW2JLo0Bb7FWg1pVJjeLF6AXlpeO16todno4rUeOkz7jvLVPgyXl9oNkLtL1ozKMOHC1ClDde3B1lvn8vXZj80iTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/static/images/tabBar/asset.png

172.67.131.72

200 OK

694 B

URL GET HTTP/3
hstebxcjxdgf.shop/static/images/tabBar/asset.png
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
694 B (694 bytes)
Hash
c060f809b640e3037ff4b3acb5a80907
f568594ca7b19224a846bd594f1c5e9e1002ba44
9da1253a1c8a7153cb6568e7d3082dbb432e5a7662de8ee47507b0d7be9e32c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/tabBar/asset.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 694
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-2b6"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cixLt2e2kwP7zn4kFEMXCpRVohQsZ06Kv8nu518reqUpJzPZP1w02TvCL5u3jyuEpfYrh8X%2B0S1woKZ6GSMaK4n%2FH%2BLHQr0RSmlRVsEWfwtZJXZVDKQiI%2BK5MSNL1INr9L6UIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75cfdc569a-OSL
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/index.8dcd61b3.css

172.67.131.72

200 OK

28 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.8dcd61b3.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (28439)
Size
28 kB (28440 bytes)
Hash
f852196c4ea2b547f1237d8a289495ef
c1459f41772e20bab78303a382e7ae5b7ca94b82
2736abe8648966e8e1b60d1a0b920b0eb84a3901d73d4b527eaf6599cc9c2718

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.8dcd61b3.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-6f18"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gKCTTnPpYQHN9FytfUfH67sckDVIjoUwhPSCqz%2BXFpDuIi9nJ%2BVqW7X0kz7wF9GsqhRLscqg1aT1ca%2BdCbgzrSbv1etkOIKNEerQWtQqgvgiVq0QXiS7zHO6C%2FuNY7ZQ%2Bo0MkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf75e813569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

m.imtokem.vip/matomo.js

101.44.160.52

200 OK

67 kB

URL GET HTTP/2
m.imtokem.vip/matomo.js
IP
101.44.160.52:443
ASN
#136907 HUAWEI CLOUDS

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjectm.imtokem.vip
FingerprintDA:44:8B:C6:F6:7D:29:FB:60:A4:00:21:C1:20:E5:F3:05:57:78:DF
ValidityWed, 20 Mar 2024 15:16:11 GMT - Tue, 18 Jun 2024 15:16:10 GMT

File type
JavaScript source, ASCII text, with very long lines (1601)
Size
67 kB (66607 bytes)
Hash
14cdc4216e8570c05349164d12516056
51bd805b6a84d245aaa345bcc7d221c43780bd3b
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

HTTP Headers

GET /matomo.js HTTP/1.1
Host: m.imtokem.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: application/javascript
last-modified: Thu, 07 Mar 2024 23:35:49 GMT
vary: Accept-Encoding
etag: W/"65ea4f55-1042f"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js

172.67.131.72

200 OK

7.9 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (8237), with no line terminators
Size
7.9 kB (7861 bytes)
Hash
f2590f35be26959a55030ef28597eb3c
cb8c65bfe9cc7d94f825a60e19240dd63a917005
d3bc45d92d61f47e0505d4c9ec28039521a407cd7197116b017a486ca5ab272d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-cell.2b45fdad.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1eb5"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URqPROVJep333O61zIU1NQnnp%2FFLLV1UX8GEqRpbKzEnE7bmdH%2FJkJpHfXbvX9Boq8rG5auDFjaBf1v%2F5%2F3wxAtSwgmJWihdX8xLSwjXCMwzk6an1qi%2Bw7XJnkrjRS4W8tbiWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c9f71569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/index.2a3b3b74.css

172.67.131.72

200 OK

2.5 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.2a3b3b74.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (2451), with no line terminators
Size
2.5 kB (2450 bytes)
Hash
4b4fcf79198f58b2ab35d82722ddcf71
33e587c6bb99e40a650a2e759c485e7f0057f795
3d900583fb36fcb401cf83ffd80b83a1d4ab2930b3e4da3ee60cc6e8c27d05a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.2a3b3b74.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-992"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LynKW8JJuveMq6lvvS3oBnMyjoSp8lgxdDAhYJcR8BdcERGapbgPEklNntHeLT9wNklGX8tP47mOamwQyGyRggQAtorQBB2YS8Vk%2Fiiu%2FYHwhX%2FQaR4aJx%2FfQrpP7cEXexebgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf760834569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js

172.67.131.72

200 OK

7.9 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (8237), with no line terminators
Size
7.9 kB (7861 bytes)
Hash
f2590f35be26959a55030ef28597eb3c
cb8c65bfe9cc7d94f825a60e19240dd63a917005
d3bc45d92d61f47e0505d4c9ec28039521a407cd7197116b017a486ca5ab272d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-cell.2b45fdad.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1eb5"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAdLWgQ8utB1Xoe%2B7Q%2BOe0Mv%2BV%2BSFhKfmEt9Q4PyF7u1Ivjs0m%2Bnve1NFGcMgkX1wWkIHSCzYuQblaKF0O6RM6oLyEkpHmwV3Sf6z81CMTS5pavSn7aTSQzboJt%2FlG7La81v8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b8569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/activity.b0ea2403.js

172.67.131.72

200 OK

319 B

URL GET HTTP/3
hstebxcjxdgf.shop/assets/activity.b0ea2403.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (324), with no line terminators
Size
319 B (319 bytes)
Hash
a6e4d936be30a6b841d24d7fad46c06a
39f265e7742726af17d3bddfeede7952a22bb029
e65852438a3f3a3ea83cafd454346eef9577449fdcb675984b9b698c94c681d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/activity.b0ea2403.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-13f"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bU3Vts3%2FTqIGgBsw3ln4jE8IAKZX7lJqJOQi7klJuFu4Uej8jqy9tR1nfo5%2Br4kVvZenm2EWAgF%2FJEmaAl7XFvlvdE%2F%2BAnV5c7oeKATTuc8DHF6FshAvaHvYxo6v8Zm5ZQ0fUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf7caf87569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/favicon.ico

172.67.131.72

404 Not Found

146 B

URL GET HTTP/3
hstebxcjxdgf.shop/favicon.ico
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MkDR50NNUpg26cHTOHYjV8TUiMgUvesLaSDine4bUCny1vzda403v6D1FPpPEWkXhEZJnP6wiSYiGuYl5kiWeD7p5VITI9R5wC3YIUU6yjCpJ6KQbc%2F67PBj1w13At8p7uLMVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf7ec9df569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huobicfg.s3.amazonaws.com/currency_icon/btc.png

52.219.136.117

200 OK

1.9 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/btc.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1947 bytes)
Hash
3b542145b22a2944b97eb21d3a4a9fce
eb1a7f0a1487005404c45ab144b0215c980e46ab
68efaf364f541121fa80b7a50eb6ef8525819703a98ada0fa970746a03481ca0

HTTP Headers

GET /currency_icon/btc.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: /PcYMb2TDFqNjdWjJLYWEbzO3lW0tJsImrM5wgbtA0/h4NtL4hh0JwfFMNKD0TrVH/kUSuhBfFo=
x-amz-request-id: D1QDBAJGH0154PX9
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Tue, 27 Jul 2021 08:37:53 GMT
ETag: "03c74454bc971a3437d588396a5e610e"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1947

huobicfg.s3.amazonaws.com/currency_icon/juv.png

52.219.136.117

200 OK

32 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/juv.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
32 kB (32085 bytes)
Hash
a744b92a3e601192ca6a6fc23775c59a
1867c28e3a5e17088bdf91bf581eb4350a7b5dd4
60b90438c73d933bc56700b9e7947120d3d7ae32500a5df4a18015a3f52d3f55

HTTP Headers

GET /currency_icon/juv.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: cuHl0cIibDKlK2U83TSN7aexHXb5YbMQMx+GQAVzzVKocoyViPuhzGlXMkFiegr2ZAxAGQSVukg=
x-amz-request-id: D1Q3D73ETEP0PSSV
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Mon, 18 Jul 2022 08:09:02 GMT
ETag: "a744b92a3e601192ca6a6fc23775c59a"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 32085

hstebxcjxdgf.shop/assets/index.0fbdd17c.js

172.67.131.72

200 OK

18 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.0fbdd17c.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (9755)
Size
18 kB (17982 bytes)
Hash
b1e2e78a90c2b102fa89aede1b13b620
e8fd4173f205fd60e0cbbea40ff02a74af4de355
ca1b81f8a8416c52d48e6d8ae0381dddcb9552c88d7df920cdde8d91fa52685c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.0fbdd17c.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-463e"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQZ0FALSZmDtBVgkTQrexmbycly%2BF6UeUJBdiSvOchc9nK6VLYDSiRSIFxInuV2j854RiMxpisFdN78UU7wEBUrbEGCZh4x1VynlanCw8fgVqjg8NADuu1%2F8eACVKuspBgSrMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b1569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js

172.67.131.72

200 OK

2.0 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (2138), with no line terminators
Size
2.0 kB (2025 bytes)
Hash
dc36225797d16e1ef26e0838d3f7103c
a71e12c9158aa33adafac153dae68e4c34522b4f
9b68de78fbae2cd99b32d421e83c2d5c1fbdc8ff36daea77af218bd5bb10d2a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-divider.0f9b50bd.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-7e9"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syL20d6F6v%2Ft0pisfNkgOOs%2B1Y%2F0ovD4nX9mtDKzC14kkGk8n9kwn0BUY4GTAhwSBsactFsjDi4z5QHVUCDscwaFw4r9UOpMewOkM4OdK%2B1suVClgs31SZW9l5zayd2cBbD5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668bd569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-button.9829dd99.js

172.67.131.72

200 OK

4.8 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-button.9829dd99.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (4997), with no line terminators
Size
4.8 kB (4762 bytes)
Hash
d429e305346b6d4c81bd2a3aac1f9263
4d53420879bb31f5b459cda04654aba68b70452f
a85b75020d66aa375f49b815fc185ab9e0b70578c1174d745080d7c5083efbb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-button.9829dd99.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-129a"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9QwgofvwfHUsHGGSdJtQ%2FTIl79Jbc0cDBJlekfWB40pTwSTNnEXoldKTgzB1mYtm8JApWro6R8jY4MeRpiuiUMQXNcOP0r6yixoWOnL%2BbiU%2FTT6j3cXgRoduH1GdsaV%2BiYKDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c9f7d569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huobicfg.s3.amazonaws.com/currency_icon/ltc.png

52.219.136.117

200 OK

479 B

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/ltc.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
479 B (479 bytes)
Hash
e9d18b314eab6be092b5729abc03dc89
d55276dd8152b445258ab0d9977004bc558e7125
fb186832ab17df02aef668fb539a854d33710b6b567ba07d6aaec2c42d9a9b79

HTTP Headers

GET /currency_icon/ltc.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: SB/RHFOwcW9WxgwNzCjKd/mDrYAvojTX+TM06ia2KjSPiqB40Y3t+wJKCe3bgeEuYkYqEHtzKvQ=
x-amz-request-id: FKB94PVC3NYRVB61
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 09:04:10 GMT
ETag: "b772bf1738628de70f1b9304c3d669ff"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 479

hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js

172.67.131.72

200 OK

2.0 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (2138), with no line terminators
Size
2.0 kB (2025 bytes)
Hash
dc36225797d16e1ef26e0838d3f7103c
a71e12c9158aa33adafac153dae68e4c34522b4f
9b68de78fbae2cd99b32d421e83c2d5c1fbdc8ff36daea77af218bd5bb10d2a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-divider.0f9b50bd.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-7e9"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yr947tey8x6UiEPC1NkgPKXvgbIIt9jEVb%2BlWJivANOWGAQj1k1ofD5nC48pQCJZ5uLvVdJzov01SgMlAbVKaiiYcBnOfXZln74WFQZzZOH0MDZM3bGbzR2G6DC84GUxrjQJWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7caf9c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huobicfg.s3.amazonaws.com/currency_icon/bch.png

52.219.136.117

200 OK

2.0 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/bch.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.0 kB (1953 bytes)
Hash
a8abf3036b3921fb05796c51ca0b8f47
60e428728bfea4f2c99b3227c091a970676bae1d
8d7a9efbb2b73c1348674ebf307ee85388aa723c438e262ad63708f4e7e59a0d

HTTP Headers

GET /currency_icon/bch.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: TdXdkxxQ+GnfmAcMiaZssG1HduEBVomMdmoCzZ9AwjKx8Q9/Dj7m1RKHL1ypA7B42pQz6i5r3HQ=
x-amz-request-id: FKB99RJQJZX4G78K
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 08:30:25 GMT
ETag: "a62c25ec1acb1fc3718098578b388808"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1953

hstebxcjxdgf.shop/assets/tm-app.066f35d0.js

172.67.131.72

200 OK

2.6 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-app.066f35d0.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (2762), with no line terminators
Size
2.6 kB (2643 bytes)
Hash
6109c2eb0ddc742ab563aed7542437ab
25a1442af86d480be75f5c55cd0ac7c9870a11bc
3478b611c5f575ea9de1f34251522e8b70f039b62f4120dd5f7b46bb01f75da6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-app.066f35d0.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-a53"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbHNmU37mGjHKGX42if6Vvd0JhiQC8ZZ6tc2qmjpwgweqIcYoM9anzSOgvkaWEJe5uI%2BD5%2BX9LsntYbQcOlWCmmUAXIAw66tD%2B5cXOgg0fNiLm23AGfkGqY02Z%2BixnLPI%2FWm8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b6569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/v1/api/config/platformConfig?domain=hstebxcjxdgf.shop

172.67.131.72

200 OK

4.5 kB

URL GET HTTP/3
hstebxcjxdgf.shop/v1/api/config/platformConfig?domain=hstebxcjxdgf.shop
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (4754), with no line terminators
Size
4.5 kB (4476 bytes)
Hash
553bd498db6d4ee4ffa2a8dd98752c4b
4e5140acd50dd7cfaacf0d9327d1958d9d07fa92
d87b2efdc1fb5958de8d016016b9833dd350f9c91530901fc44e39dc84b44e9d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /v1/api/config/platformConfig?domain=hstebxcjxdgf.shop HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8;
language: en-US
authorize: 
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aO0lE%2BeJ4eRQnra97vSwy62RsmSb4MnRUYnHdWgh70Cf8IdpGbEfblFvQUV0dIxRsBPnzoTUGMfot%2B65MIdQFkl1tb5gtgzotJEjk0GtVeHkhHUUkX4LmOAynm02bQ1yyftThA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7b3e12569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js

172.67.131.72

200 OK

5.7 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (5919), with no line terminators
Size
5.7 kB (5668 bytes)
Hash
a17192c96f6aa3b43b515f3656257457
7be599b183452406b5c3cae56f7fe35798e7049c
b3d40ee803df0465d8aff401885882e33d3601d1237bea37f2717d6c40b07b0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-drawer.1082ad41.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1624"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVcFCE6f4S5KMIDKIWitSWJR%2FeIVg93bdqLHm5eGaCS9%2BrbWP9a7C08esSX7EbUWgNJe1DEI3ToM2JlFfcvMZ8CrS0bG%2BBDnYmLHVqDtn%2FkbKA13pfXtjfHW4VUW8U%2BLxzWBkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c8f67569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js

172.67.131.72

200 OK

2.8 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (2872), with no line terminators
Size
2.8 kB (2751 bytes)
Hash
e28f3968b0b34db75468706d495fff8e
fe671d0c1f67d064ab486783472cd2fa131522e2
68d6bd7123477d37a74b0e99b28e6e579df35c49fe0a7bcc08700672e7df91f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-col.e4a8d827.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-abf"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=co0DBe%2BdFaVP6%2Bb2VaDflpgl%2FvWMifd2EuHWrMnQo%2BfMqBmaGCt7ZQBs6eymP1f29yu9kTHaWICCHMa3b2NAYtSBdTfadfNRP%2F6v4XzT0gHKraIZ96cWNHnY67UWoNKMYA4zbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7caf9d569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huobicfg.s3.amazonaws.com/currency_icon/chz.png

52.219.136.117

200 OK

3.6 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/chz.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
3.6 kB (3619 bytes)
Hash
27a594e6bcf3a143a5e7dae9a9194b92
edcbbb142c429991578183acb2df7321d5a78566
5d36c1a2746bd57fbb5f508084840a51c0da9cebcf0e1f7f6450ae41772768ba

HTTP Headers

GET /currency_icon/chz.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Iqn+I4C3UQl/5JpUS4SDq+rIG72BKDB72s31qW0zre/bgo6WDl38bHzYPr5UzPJWvFnTuP71FXo=
x-amz-request-id: D1QDBSZ03YARFYG1
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Tue, 27 Jul 2021 08:43:18 GMT
ETag: "c07cc55bfc92d6bc8a1004e4dcf9185f"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 3619

huobicfg.s3.amazonaws.com/currency_icon/psg.png

52.219.136.117

200 OK

89 kB

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/psg.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
89 kB (89209 bytes)
Hash
05dfdeebb6ff6fa2d8d550bbd44333dd
cded36e365326034e1fc8676ba5775495924226f
10558f282b4ea7828504cab96efd84885968e8613de211f9eae83885c2e09641

HTTP Headers

GET /currency_icon/psg.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: kM6Eb/s4hsZlCisIFXHHqUNssyX3n+c5Gwm57IAgPmtTM1lDw6Bnhp06K5k4OeIfwRz25JxE+XE=
x-amz-request-id: D1QCAW40PG1G0EHH
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Mon, 18 Jul 2022 08:07:44 GMT
ETag: "05dfdeebb6ff6fa2d8d550bbd44333dd"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 89209

huobicfg.s3.amazonaws.com/currency_icon/link.png

52.219.136.117

200 OK

681 B

URL GET HTTP/1.1
huobicfg.s3.amazonaws.com/currency_icon/link.png
IP
52.219.136.117:443
ASN
#16509 AMAZON-02

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
681 B (681 bytes)
Hash
b51bbeff2f00460dbe333edc0a81ccb9
34811c127cf82637479d7dbb1696dc403d4fd394
909efbf8d841f7b92ced19d90bbcf84f8e0524c25309dbc3d363e29abbf942f8

HTTP Headers

GET /currency_icon/link.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: PtfbaXpHlpStJRCdTJK2qr1y5Q0sTBbmznouCJPaGjwxBxHhttWjWUHim2mP6sDr0/qyHuRijU0=
x-amz-request-id: FKBFJ91EJHY6P1GX
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 09:01:11 GMT
ETag: "3cfdbc8f3e987bcf7862cba68cb369cc"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 681

hstebxcjxdgf.shop/static/images/tabBar/my.png

172.67.131.72

200 OK

664 B

URL GET HTTP/3
hstebxcjxdgf.shop/static/images/tabBar/my.png
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
664 B (664 bytes)
Hash
5fa0e8c8be776e0ad69b41eb29387ab1
6a7dee6c2139d15e5fbe2f7a6ebabee07354710d
eebdc7fce5c2de4f58a49db1cd4bce63341b14bcae199d396eb1ab5a2bea3807

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/images/tabBar/my.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 664
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-298"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAeP7tBVYUy1cv90TRxAwcoqGI9imbuz2MxPJDc68wJFmi2m783%2F%2BmdflaIoje%2FnQEMXQWF3TsRRSFg%2BzsplMdv6b%2BRE5JhMLOyZrCkfbn5g2vDsJ%2BY%2B6ATTNT4xeNwv1PrK%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75dfe8569a-OSL
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js

172.67.131.72

200 OK

2.8 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (2872), with no line terminators
Size
2.8 kB (2751 bytes)
Hash
e28f3968b0b34db75468706d495fff8e
fe671d0c1f67d064ab486783472cd2fa131522e2
68d6bd7123477d37a74b0e99b28e6e579df35c49fe0a7bcc08700672e7df91f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-col.e4a8d827.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-abf"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cxl%2B5%2BfLJ8YAfdSn7WQkeO%2B6PdXg%2BCTmh64LC6G8HL6vyufYobUB3laOQ4mn5DeEVxKte1W14Yo7Us5jIlnSlOYXOrm4eiR6ZMj0ZCt5Jcn2UZj6QwpkJeH%2BXiGUqms2N1vK%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668d3569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js

172.67.131.72

200 OK

4.0 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (4165), with no line terminators
Size
4.0 kB (4004 bytes)
Hash
d9f3cfe47eae3a13bd869be3fd1a52c4
276ec8c26768ca5419d6372a132b8c01b5c0ebe8
4b8507b6e949299e22af33559d936c8973f01d138cda2a11cf1f16f32ee86db2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-tag.9c6285aa.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-fa4"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4Mzn5M%2FJorUXj2ji559NTN7HYVxh3o0knY9c8xjwR7qqfAA4IgCXyC9LSm4TRFyADiHhs7PYB5R%2B9SkCvPw%2FAywVjOUiffXD4v9B28nAiDGH52%2BgN9x6YhHn20o64tLqNdkHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c9f72569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-message.297347c7.js

172.67.131.72

200 OK

3.1 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-message.297347c7.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (3238), with no line terminators
Size
3.1 kB (3097 bytes)
Hash
3ac35a77624b0283d3b1b2e2d8ff33bd
291a82c9d53054b4eb1793c9f4e7b402287de90a
e8af9b776af221e5883ef50bcf0f4744dd4bfbd3385e185fbc3e4171d1ccb5cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-message.297347c7.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-c19"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OX3Ek%2BuQYF8Qsj5KTKloBuVe1nRasI1ei%2BoPeImzkPu7ftIZfjK5H8GXq2BHkATo9AkTPM%2Fy4YaX5kCViD2UP%2BISl4obQ55O%2B2VumIEMhzk2MVRMS7fIII5DjqCW2KuPUvkcjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668cb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/index.fb43b925.css

172.67.131.72

200 OK

176 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/index.fb43b925.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
176 kB (176155 bytes)
Hash
a19b69cf15f64ef06f14e90533125009
e8eb48abceebf9d19c334fc4263c06370e5bcf26
e1eb701f85879e7ab9b987a92f24789ff0ba8fcb33e8254104d149ef8c8548d0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/index.fb43b925.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:52 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-2b01b"
expires: Fri, 26 Apr 2024 01:51:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HaFf6k2eEK8j71BhiXkMUAGKPsD9ZDX4UvMCOaa0WaCoXBMbfUVronBu5mRd4oCMbtVxQSGvY%2BxK%2FsOFF1GZ5FWutVz%2FEP8YbmOazQyB9IvnfjyCytPKmnJbyrGEcAn%2BWSLMgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf6a296e569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-button.9829dd99.js

172.67.131.72

200 OK

4.8 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-button.9829dd99.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
JavaScript source, ASCII text, with very long lines (4997), with no line terminators
Size
4.8 kB (4762 bytes)
Hash
d429e305346b6d4c81bd2a3aac1f9263
4d53420879bb31f5b459cda04654aba68b70452f
a85b75020d66aa375f49b815fc185ab9e0b70578c1174d745080d7c5083efbb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-button.9829dd99.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-129a"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTNn8zx6omfwFm3vQ93eh%2BosD3oZ5cNLphvc7pFRWrHuB5HQfvdHbKOaWQ%2B5LFVFGafyovjl9tRRTLPXm7eWCUHxiqYRwYM7W03fqylZ6pbJi45MC9e0R8A2U9ksjEuZRiseUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668c5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/activity.b0ea2403.js

172.67.131.72

200 OK

319 B

URL GET HTTP/3
hstebxcjxdgf.shop/assets/activity.b0ea2403.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (324), with no line terminators
Size
319 B (319 bytes)
Hash
a6e4d936be30a6b841d24d7fad46c06a
39f265e7742726af17d3bddfeede7952a22bb029
e65852438a3f3a3ea83cafd454346eef9577449fdcb675984b9b698c94c681d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/activity.b0ea2403.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-13f"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRrzvbeCIUC%2B0mshYOHKgLjt34jtcvFHXuzTaIJQ6Oz2p1SNAPlr0tBEP4GR%2BHWTXy70DlQ3KmAlXqQ5xbIjITEp8JsWsmsLJkbhiNMQvv2s7PJXkOt3i0QA7YiNm0z2mvQihQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf7668c9569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-segtab.9cf3936f.css

172.67.131.72

200 OK

146 B

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-segtab.9cf3936f.css
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
cc21bc6c78410c5f952d806ad2bb9743
b3726e7437676928dfc6ee8bbeded1697d8e69f0
21abc3e42fa1c3bfc300878bdb1c07c67ed595a0ba3a76349294f5a35638b717

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-segtab.9cf3936f.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-92"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zndduMhKrmR6YlMaegv6SsP4ODXhPKJCB6xpvamCFX9mpBhXFBtFrAj3PW3qqPqOEvOldo%2FFb%2BwxGGEmZ%2Bxnb7wgy7zG3rKp3N1WM%2FJU76%2FdZuDSeHxijxZFhJ%2BzYCGqo36e2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75f823569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

hstebxcjxdgf.shop/assets/tm-app.066f35d0.js

172.67.131.72

200 OK

2.6 kB

URL GET HTTP/3
hstebxcjxdgf.shop/assets/tm-app.066f35d0.js
IP
172.67.131.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hstebxcjxdgf.shop/
Certificate
IssuerLet's Encrypt
Subjecthstebxcjxdgf.shop
Fingerprint8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB
ValidityThu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT

File type
ASCII text, with very long lines (2762), with no line terminators
Size
2.6 kB (2643 bytes)
Hash
6109c2eb0ddc742ab563aed7542437ab
25a1442af86d480be75f5c55cd0ac7c9870a11bc
3478b611c5f575ea9de1f34251522e8b70f039b62f4120dd5f7b46bb01f75da6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/tm-app.066f35d0.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-a53"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=btTKJT5fISYHNe%2Bbaz0HXwBfJQYA3hPnYJgm%2BOkvW3U6JPHK2bRVTwY19f0%2BoU3iGCFKVPua15k73nC8lWz4MPk976V7sEii9XcRdZXxyOY%2Fm8KI5ddZJsxBe2spejqYZSt8fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c9f6e569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (34)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash