| hstebxcjxdgf.shop/static/images/tabBar/home-on.png | 172.67.131.72 | 200 OK | 605 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/static/images/tabBar/home-on.png
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): def19a0db24fe00a493b990c113b892e d61ec86b8f6d09170f76746cd9412b432d40fed5 d279492339d20af5561086bafb7acf11427bf1b4a3a755a599bbb71192085056
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/tabBar/home-on.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 605
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-25d"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBxxNqU%2BDQyWzDN%2F2OLw97ny4FHX458%2FYvg6JuNJ1nwN83B2SKUUZu1ujpb6RHpHy0%2F0VzYQ59LXaNHMmxZH6%2F%2B6EBridtPHsz81cCJD2pLTGfWLxNWntSasky1v6zJ5vC7lOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75bfc6569a-OSL
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/static/images/tabBar/order.png | 172.67.131.72 | 200 OK | 623 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/static/images/tabBar/order.png
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 0897c7b0cb2bfbf9634a00807a6de57d 29ba0909b568033163559a19b9d7f7325730622f 3e8fee8f371d7d34ea9eb22d7597d2610ae85e333bd6231a625c2e72e7c9c349
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/tabBar/order.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 623
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-26f"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOxWGXslGbtMIcQhuMLtO7iTg6IvDNmlenC78bl4mO%2Bt3Fry3fs7XqznFoY%2F5Keds1SFRRX95SeKJrASykEQIvUFqicE4aF5lwOuIBnLcB7e6q5b66loKRc11VIFG0EtHfPp3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75cfd7569a-OSL
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/static/images/tabBar/jy.png | 172.67.131.72 | 200 OK | 1.1 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/static/images/tabBar/jy.png
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 0eccebc7bf864ab6f6432b3940225365 e5a941399606443f76e8ed05f26dca79c8888d52 0dfc4fb9eaa75a6985df6fae71271d38bd8b267c5eff4db97238b5323dcd94bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/tabBar/jy.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 1057
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-421"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBkzD7yAd2UfqENn2Fkb%2FAY6lXiO0imzvzPfOyEeLWoZNUL%2Ff%2Bs4QOom2jWwHUrwosj8Hevb%2BSQ6gBG1ztFA4LVoWJ8u%2BO9RgdnkDCVRdmpO7dKxWWO7eN1cHoB05KmJft8xpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75cfd9569a-OSL
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/uni.49fc0fa4.css | 172.67.131.72 | 200 OK | 6.0 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/uni.49fc0fa4.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (20238)
Hashes (MD5, SHA-1, SHA-256): 8c4fc856d9c73ef4b0d4dd690b413371 18a86f6132a7501e3e7f0d52fba7f2821bc9968a 49fc0fa43b70df49eeb8df12e93ad9facaf3efb88704d5f5d784f3f5966ace1d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/uni.49fc0fa4.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:52 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-4f0f"
expires: Fri, 26 Apr 2024 01:51:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjyVUC%2FQ3PF85Y07QpG%2BZQwwXqSoIYHYrLPqhZUgxcAjivsIJSDMpW3G91jvOOZKr9GAj3HK0ovjKp716pvbeDAb%2BCJMPT5cYMMs07WqHlhMCS%2FDPcj4u4wWJpLUDww1khGd6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf6a2969569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| | 172.67.131.72 | 200 OK | 1.4 kB |
URL (user request): GET HTTP/2
IP: 172.67.131.72:443
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: HTML document, ASCII text
Hashes (MD5, SHA-1, SHA-256): 070e1b64abb4260e5ac6e157222249fa 41d9a07cd13123a4ad94d5dbc777c226d50b5811 39542191ad17dd3f5d97f18cbad3913f2260cadaaa98e8ebf3066a5a11584789
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 13:51:51 GMT
content-type: text/html
last-modified: Sat, 13 Apr 2024 19:49:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuNPKHnVlcGG9rloopdOq7LzWZaBu6YkV04u0xm9XGe361ljuSSfUrY4RuwBfkh0iunA%2Bsfy3mSQwFZZC8RKLkGoNPuBbAC3SV6q9XCjcC0AVkMmLDI5pZ5cGm6sEJIY1vnD0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf64cce956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| hstebxcjxdgf.shop/assets/tm-cell.ac114cc7.css | 172.67.131.72 | 200 OK | 38 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-cell.ac114cc7.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
Hashes (MD5, SHA-1, SHA-256): a93d15ecfc9978e4c529f8c8204af7c4 7940e163e116bd0dd9c76c967346e144fe95906b e531c6c3421629ad6413b412dedaa2d1877d060c068338cbe80536ccd88e8070
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-cell.ac114cc7.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/css
content-length: 38
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-26"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oExVk0O8VKaYQURhgTuY6VgHKlld%2F%2BYY%2BgoMcUKhW3h6vGqLeA6Re1CEB3j8LFZLft4%2FHvIpPi3by7PoagjtAe1PRrqjFzOPVHhbLuIIiU6e4CLYv9Rcjc9PTUZQjr%2B5epeSew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75f82a569a-OSL
alt-svc: h3=":443"; ma=86400
| m.imtokem.vip/matomo.php?action_name=&idsite=2&rec=1&r=127384&h=13&m=51&s=54&url=https%3A%2F%2Fhstebxcjxdgf.shop%2F%23%2Fpages%2Findex%2Finit&_id=96771f46f28d9a89&_idn=1&send_image=0&_refts=0&pv_id=LAvemR&pf_net=52&pf_srv=716&pf_tfr=0&pf_dm1=798&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 | 101.44.160.52 | 204 No Content | 0 B |
URL: POST HTTP/2 m.imtokem.vip/matomo.php?action_name=&idsite=2&rec=1&r=127384&h=13&m=51&s=54&url=https%3A%2F%2Fhstebxcjxdgf.shop%2F%23%2Fpages%2Findex%2Finit&_id=96771f46f28d9a89&_idn=1&send_image=0&_refts=0&pv_id=LAvemR&pf_net=52&pf_srv=716&pf_tfr=0&pf_dm1=798&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024
IP: 101.44.160.52:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject m.imtokem.vip; Fingerprint DA:44:8B:C6:F6:7D:29:FB:60:A4:00:21:C1:20:E5:F3:05:57:78:DF; Validity Wed, 20 Mar 2024 15:16:11 GMT - Tue, 18 Jun 2024 15:16:10 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=&idsite=2&rec=1&r=127384&h=13&m=51&s=54&url=https%3A%2F%2Fhstebxcjxdgf.shop%2F%23%2Fpages%2Findex%2Finit&_id=96771f46f28d9a89&_idn=1&send_image=0&_refts=0&pv_id=LAvemR&pf_net=52&pf_srv=716&pf_tfr=0&pf_dm1=798&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 HTTP/1.1
Host: m.imtokem.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://hstebxcjxdgf.shop
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 25 Apr 2024 13:51:54 GMT
access-control-allow-origin: https://hstebxcjxdgf.shop
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
| huobicfg.s3.amazonaws.com/currency_icon/eth.png | 52.219.136.117 | 200 OK | 616 B |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/eth.png
IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Amazon; Subject *.s3.amazonaws.com; Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): d8a57c2396575a058eb68a6c0e32caef 6495d31828866f3dbabc4aad7c77e02ff457cfb8 b05bb6169930a076c463a15280a165560bd30972e2599f71ca62f44c023d666c
GET /currency_icon/eth.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: nOcRqOnn2MhuqFxUIForNcYOfBTu0WqoI85SspgCEucQz4bu5FoRgg8RqrJkW9sdN0qZwoOLZcU=
x-amz-request-id: D1Q8GZ54Y7CGX6AS
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Wed, 23 Nov 2022 07:24:47 GMT
ETag: "d8a57c2396575a058eb68a6c0e32caef"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 616
| hstebxcjxdgf.shop/v1/api/exchange/getSymbolConfig | 172.67.131.72 | 200 OK | 3.5 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/v1/api/exchange/getSymbolConfig
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
Hashes (MD5, SHA-1, SHA-256): dd526e01132ad9cba82fa7d9c75ee0c8 d6e584acbd6a8da15ec4b617e4eede4aaf183560 5a412a4b0d1ccb3dfafb716b2f7d7dede35a3b874bc73188cf4bc1a70a462c58
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v1/api/exchange/getSymbolConfig HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8;
language: en
authorize:
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:56 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7AgbpKm3vUkJbD0sQg6U9Kc2zeupHKKoKXVgDtc5pY4%2FQDkpwFqnW0nV6cS7egJvsgKIdrXTp9CKyK2K4QykMG6sSR9IrNcGIrHeq49vsQhz1Q2rH0MoIJuq4vRuaEhRsxkmjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf878d02569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/index.6eaf1a90.js | 172.67.131.72 | 200 OK | 205 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.6eaf1a90.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (60832)
Size: 205 kB (204749 bytes)
Hashes (MD5, SHA-1, SHA-256): 9b0b45833a97011daabfe576c3cef7c4 b678eda600553480a85c6d315b3a3e6e9e4a39e2 41a1d19d0b4ef171d030fa472947b914bdf55f2ec18d6b945febf99766a9ec85
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.6eaf1a90.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-9567d"
expires: Fri, 26 Apr 2024 01:51:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=191DHZIe9Dqc0uK%2F4l8GuiZUXraQxcF9pFJBjua7ihX%2FKrlm1nJxHgFXe9FpyKfTzOrS1wRIuKSZDmUaD2joP91BIVgknZVIoJWQLE8TYH4%2FH3gELcJAV27M8Zl5ltpYiicJSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf6a296c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/tm-segtab.723e6c29.js | 172.67.131.72 | 200 OK | 5.1 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-segtab.723e6c29.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (4688)
Hashes (MD5, SHA-1, SHA-256): a578d7dbf93a39ea666be4fd40bbb0ba d51013a16e92e04078684787d6e8ef7201891da8 8b468df5c23863245ce0c799bad99bb3c51ac0bc2293caec459ae0944c7fbc29
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-segtab.723e6c29.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1251"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SZep76KYtDsryQ7jMHJhGencfnlOexZHVYhkLI7bZuyhgLnqaoApBgSIcElXU7nSTpDbsP4NDogyenCchgEm1%2FUe2c%2FA8PLN6gUL%2FIV7kGNb4kafW7Hu9D%2Bc2qiwZq2TgjwMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b2569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/tm-button.ddf396b1.css | 172.67.131.72 | 200 OK | 403 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-button.ddf396b1.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
Size: 403 kB (403261 bytes)
Hashes (MD5, SHA-1, SHA-256): 0e9f614f6c6215d066c9fdcfa7645776 2728ef74e26aa186fa6e3f87bf11cedaa46b42de 0c7a24f6669840fcb16ab71c6c1b55d1c1f72dbc269ed86d96e21c5fabd21b55
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-button.ddf396b1.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-12d"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5bGWH917yy8T8SfqtsBdUjJcu%2FQs7jG%2FbGPJHyiRjonw%2FYP%2BHt3HdwkQXA%2BcHeEVUcFHMKT%2Bou0tjWboToA5j56yR5Pszc6RnGYNgqmpI%2Fj8jrTFpOawHVvHsPibrlhPvKTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75f82c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/index.0617e005.js | 172.67.131.72 | 200 OK | 372 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.0617e005.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (50899)
Size: 372 kB (371543 bytes)
Hashes (MD5, SHA-1, SHA-256): 8b1d25592f0db62abef25f41d67c8438 70a702a0472078ddb7feb8eeb68aee798fb8177d ac890f45cac75bec5f3bd437dacaea084b2708bbde230d8eaaa4a306fa79d69a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.0617e005.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:55 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-16bffb"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vH24EAJbIVrov9WmnTzebyUDNjXcX6vwQXVB1xzknTAKZYgoNdxTs2NVsHFZsMLkkiBVPKxI6vHi6q1ZrQpkazgtFyBia7zo0WYuTDQGJm6TEhPG4dmq%2Fcq7aFBVVso8R1Zjsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668d0569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/v1/api/exchange/getSymbolConfig | 172.67.131.72 | 200 OK | 91 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/v1/api/exchange/getSymbolConfig
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
Hashes (MD5, SHA-1, SHA-256): dd526e01132ad9cba82fa7d9c75ee0c8 d6e584acbd6a8da15ec4b617e4eede4aaf183560 5a412a4b0d1ccb3dfafb716b2f7d7dede35a3b874bc73188cf4bc1a70a462c58
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v1/api/exchange/getSymbolConfig HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8;
language: en
authorize:
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:56 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iXwwK7LpiNyc22pJF2o%2BgjbfH3oV2DCfoe5MroDwyNNsyEalhK%2BZ4sn%2B4Ao%2BP4JqExBhtVFiB8mmd0Pn%2BSYhC5Z%2FSFLja%2FC4n1boLHx5r6XTReSSVoGEMvs4Y0GI5orX0%2FAPJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf858a41569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js | 172.67.131.72 | 200 OK | 128 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 128 kB (128222 bytes)
Hashes (MD5, SHA-1, SHA-256): 98f12447316c0eeab47409dd7133a13c c8b5cd2f6f23dc1c63354d53dbdf770469a644da 7856878fc8f20ce8c4013c055b4e52941edfe2157a8c7a646af4ef3aeee6a56e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/pages-index-index.b989133a.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-11843"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUsUepPPiwpNzLe6f2EVHr%2Fqnehm4OcXxvGtcyon0s%2FJChEEMBQhXiDMO4e5T7YQS%2BP7VXW37vB3pVrwhLbGE%2BqYNDAg17Cs6wRywJHd5fimoGJrzbe5f4J68o5BwoZmd3xkLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658af569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/index.1bde2e87.js | 172.67.131.72 | 200 OK | 4.3 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.1bde2e87.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: Java source, ASCII text, with very long lines (5401)
Hashes (MD5, SHA-1, SHA-256): 151c88638f2eef7b8d530ab271345ff8 7d8b85696bb326d84e81cf1bd095e3f0fa13a2ba 84adc0494801577cc359ecf5e0e00d7d2e9ca86bffee77d97eb436c5c7cfcf4c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.1bde2e87.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-151a"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t52d81bnO2A2Eqy%2BvoDcSbzTAdY6k3W25O8bJ3EX5uX%2BxxsvflT%2Fs1zdK5ud6zM9vjoxdYuncNXq4%2Fho6E9JqjoGKUfvg8Avqg9xNuN7uwRxVb1B%2BjTH5DTXB9ZjP3KrgNKSMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668ca569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| huobicfg.s3.amazonaws.com/currency_icon/ksm.png | 52.219.136.117 | 200 OK | 4.5 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/ksm.png
IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Amazon; Subject *.s3.amazonaws.com; Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): 87de3ee0fdebb621dabd4796598f6888 f8dd822f8f7b75fdb2b18ff10266deab9c397dcd 64613bc4f18ed4f69a72222af826cb68733ad5ffd5990a2223ab689da62f1f56
GET /currency_icon/ksm.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 8nq9dfSUQKqi+DBJ8iEd+2JMm6u3UzTZ2evagfPXsDKJ7BguIZsNnZf97Ao76mh92rQapgIHmYE=
x-amz-request-id: FKBBVYXC9JFFJWP5
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 08:56:32 GMT
ETag: "87de3ee0fdebb621dabd4796598f6888"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 4490
| hstebxcjxdgf.shop/assets/tm-input.e931f66a.js | 172.67.131.72 | 200 OK | 4.3 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-input.e931f66a.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (13226)
Hashes (MD5, SHA-1, SHA-256): e88c6caffde22d0c7e0846047c4a19e5 e405aa1625574f59d127decc56b91d964be5e1f5 6aabff30da255935496a9bbf51c4b1dbea6524b30a51bad991e342ede673adf4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-input.e931f66a.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-3443"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uq2BMjTZPTBMRxzmeCMc%2FoK%2FJvySfUD6PvaDBK6qedRWvOhetPlMTnDnU%2F4bdirMbQVSehJtt4%2FQWSbpH%2FWmQdyE%2FDjrc68de4bUtoiNRsMqb8pyKOHYsYQ71vDkgYS1IysI7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668d5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| huobicfg.s3.amazonaws.com/currency_icon/atm.png | 52.219.136.117 | 200 OK | 58 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/atm.png
IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Amazon; Subject *.s3.amazonaws.com; Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): c9c10f0a4144cec867d6fe8449b5940a e387ed823c6200125cc2f22768328bc776903ca7 491d20b16ae55123bf81158ced4ff566b923349e91c0d84e20cb0c7af7819f31
GET /currency_icon/atm.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Muo7SYaeZ/ru9L4yTTnFZJhQgupSUOboURycSl3dflNojBltUscHWJbK5oub6hfYoQkSJYB1zLg=
x-amz-request-id: FKBC2FB4HCH04HJF
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Mon, 18 Jul 2022 08:08:17 GMT
ETag: "c9c10f0a4144cec867d6fe8449b5940a"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 58467

| hstebxcjxdgf.shop/assets/pages-index-init.c1805d61.js | 172.67.131.72 | 200 OK | 2.6 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/pages-index-init.c1805d61.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: Java source, ASCII text, with very long lines (1021)
Hashes (MD5, SHA-1, SHA-256): aea2b211df27313890aed8ef0748f2ef cb441acc0ef9ab3388b203b573cacc96a769db1d 1105edc39c3b1613457ff1d533ca09e1c828595653ba741c56c12b1f554e0ee8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/pages-index-init.c1805d61.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/index.6eaf1a90.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-3fe"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8NcI0EZSmMjx4ncJT36KQlDbcmdGWFAO0SPmOwGtChDBtuMYmCcI042skOc0KUDt9rRJ1rgL6kNhYSzx09GYEPBE9WvgY7guHn9c09%2BV7Y4P4lsSP4KSVKtKfeJZ1LiDnPDhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf7678e0569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| huobicfg.s3.amazonaws.com/currency_icon/uni.png | 52.219.136.117 | 200 OK | 7.9 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/uni.png
IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Amazon; Subject *.s3.amazonaws.com; Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): ca0493ee4bcd7c0c7801ec1f0f915f3c f210cabb3d69c47b8702fe98edd167077536ed4d 36e52e07f68877eceeee2b2ac16ac4100269e3664309d0d660df7d83f817ab6c
GET /currency_icon/uni.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: io4pSdRS7KY+Z/Hrtug52+f6nnmFi51g0H1f7rR2lvQWaMA7wfv7aD2EyPePo6tWnHfBpPtl514=
x-amz-request-id: FKBASZQ8HM298SPG
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 14 Dec 2021 01:19:26 GMT
ETag: "ca0493ee4bcd7c0c7801ec1f0f915f3c"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 7922

| hstebxcjxdgf.shop/assets/tm-message.297347c7.js | 172.67.131.72 | 200 OK | 3.1 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-message.297347c7.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (3238), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 3ac35a77624b0283d3b1b2e2d8ff33bd 291a82c9d53054b4eb1793c9f4e7b402287de90a e8af9b776af221e5883ef50bcf0f4744dd4bfbd3385e185fbc3e4171d1ccb5cf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-message.297347c7.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-c19"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xI38I%2F8nOpLZrZxvJ9jb8LUkKLQjSQvESUl3%2B%2F9S4XV8xbkNHSzk0wHm3x%2B%2FbM3zN7nCdC1vZmqb4O%2B1USmJprwSpXoX209rhUXrjjHq5zh8laeSdg0pLhWW%2BqxKgpJj71RBbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7caf91569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/v1/api/config/getLanguage | 172.67.131.72 | 200 OK | 18 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/v1/api/config/getLanguage
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
Hashes (MD5, SHA-1, SHA-256): d02f95169de2de3f3ca614802f5f14ad 7cfc8baeae96553ee09bce2db83de8daff5db9d3 31cbb350a3f8259d1178c47033b747014de807d209239190b868c7f91a9b475a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v1/api/config/getLanguage HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8;
language: en
authorize:
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:55 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2F4PhskMBMUQJr1zQTHdx7YS6NJ7mD09W8SrzeIp4GtBuW8Hc2BS8rwNpOfhsq0bbCHo540CHW23k1UtIOKq3HLNbJb9ivGaL73amLZJn%2Bd8crqr3r51%2FgxqC%2BqVECoykoYMkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7fab1c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| huobicfg.s3.amazonaws.com/currency_icon/eos.png | 52.219.136.117 | 200 OK | 2.1 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/eos.png
IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Amazon; Subject *.s3.amazonaws.com; Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): 2e378a55ee8872eeed60504a669d1823 0cbc284300b807bbb49e3c499c75cdfed645aa83 7bb3f430e79957c96f95fb034ede8c9bcee700e2083fc983c074c13eaa23c61e
GET /currency_icon/eos.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: qasxFSAvLoYhpYN5/S3EilZ17/Yfb2fDhnIq63NY5iFBD4abRT6RxD9MkxDfM0hGGefYECCA10s=
x-amz-request-id: FKBCFZJ0K70DSVF8
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 09:11:38 GMT
ETag: "96364067a53dec3a858b9a41163133eb"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2061

| huobicfg.s3.amazonaws.com/currency_icon/doge.png | 52.219.136.117 | 200 OK | 96 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/doge.png
IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Amazon; Subject *.s3.amazonaws.com; Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): c87c69f42f20e0d5814d16e4d32e5fb6 38797c1694b02773066ba7a5a26001f7cb1880fa 3b34d6c60a61b7075859f0388dbf6c0f098e252ac1afdc5e1cf3644416bb9e54
GET /currency_icon/doge.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: YOIst/3MnIVjXEhdRMTemPqotFhd51jzEzLwh7E0o/hfXbemwHdCaa4lkkk3ovITHx/ufiFIOfk=
x-amz-request-id: D1QET9K21KPM5G7P
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Wed, 15 Dec 2021 10:28:20 GMT
ETag: "c87c69f42f20e0d5814d16e4d32e5fb6"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 95791

| huobicfg.s3.amazonaws.com/currency_icon/ht.png | 52.219.136.117 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/ht.png
IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Amazon; Subject *.s3.amazonaws.com; Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1; Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): dc7ad42847b27c64b50a58a73d3385d4 877dcb9df77b469a2463c7e66d46807d79e24845 fb3d6611dc224b597d829c6c0fac16d72dccd400213790e86adc6de91a566f69
GET /currency_icon/ht.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: BDsJqYvFH9KQlYM/8LumbFXrjGnVBDRh3tMym3JLD+n1PXFu5zjNYd2L0YEB/+e0csO5Ga5pGFk=
x-amz-request-id: FKBCXZD4MG1F0EGH
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Mon, 25 Oct 2021 03:09:57 GMT
ETag: "80e500afa84f18399d56e65b94005aac"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1991

| hstebxcjxdgf.shop/assets/index.68569b05.css | 172.67.131.72 | 200 OK | 2.5 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.68569b05.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (2467), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 22ae0222e13ecaeb29d6fb62f09e1654 196a55ffb533dcd309429b89598b52a7aec35086 fa2b188c118e93c17090446f319e041606752e8d3b0d60c15082eee91effb8db
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.68569b05.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-9a2"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjJzQ2OMSpoVNc9qLinxUAgdfzgVZgPjNpGx87Hn5dqT1gUUTfgTAw4T3LeHXkExmCKf42PgXO2HJwTeSne2VFzWfl%2F02qhLP124qwCLdjGGyb3vWGKTZ63KMFju7TZPN6jrEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf760830569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js | 172.67.131.72 | 200 OK | 4.0 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (4165), with no line terminators
Hashes (MD5, SHA-1, SHA-256): d9f3cfe47eae3a13bd869be3fd1a52c4 276ec8c26768ca5419d6372a132b8c01b5c0ebe8 4b8507b6e949299e22af33559d936c8973f01d138cda2a11cf1f16f32ee86db2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-tag.9c6285aa.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-fa4"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APbn48RwYG6VM8UvNxO2YwlPSKvpDKet8g5BdiQiPWpl963hoDapVqDt5g2hEnojPJRzJOx5uWTTl7TGwMWJ6BYmG7cW%2F1bjVItQLsZi%2Bu58ePZDRWYbefYjh9y1uWb%2BpBXQ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668c1569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/index.0fbdd17c.js | 172.67.131.72 | 200 OK | 18 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.0fbdd17c.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (9755)
Hashes (MD5, SHA-1, SHA-256): b1e2e78a90c2b102fa89aede1b13b620 e8fd4173f205fd60e0cbbea40ff02a74af4de355 ca1b81f8a8416c52d48e6d8ae0381dddcb9552c88d7df920cdde8d91fa52685c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.0fbdd17c.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-463e"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwSMNTvOjJXYdpjqiEPxpayGAQAyHQ4T0AR7kymDUIju2LGPHNFInxptp1uctPWyBtofZ%2Bmt9YBs5NQ7G1PApCsuLhC3qLCfjGV%2BkIxagBSGcpD%2FA6ipOJdSpWW5Nx1OuhQVYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c7f56569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-drawer.83de1656.css | 172.67.131.72 | 200 OK | 497 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-drawer.83de1656.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (498), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 635fde49c826db15abc5110ef4799f12 eb335c243879294176ed0d58bf9e70856bbd6aa8 36b7f88b3999d3fdce2791bc26e56befc25113502414a0ea6a620676a9f4c759
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-drawer.83de1656.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-1f1"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnLp30eddWYjLkgmY9oGCw2Y72PPX1bDKRDqZmeU3C7xgYxwXRZITmurOWN9up4HlJW3o%2BK8W2HP90S5D%2B1QsGgZCLQj%2BS99U%2FcFcC4vzUbKdZP8SoWoDOPn%2BEmxFYWUOWtDHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75f828569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js | 172.67.131.72 | 200 OK | 5.7 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (5919), with no line terminators
Hashes (MD5, SHA-1, SHA-256): a17192c96f6aa3b43b515f3656257457 7be599b183452406b5c3cae56f7fe35798e7049c b3d40ee803df0465d8aff401885882e33d3601d1237bea37f2717d6c40b07b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-drawer.1082ad41.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1624"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pUuETQw2Fi8AeYYd0XLviEFhkMy6wDOcbHZfUeAD%2BdlwaLW2JLo0Bb7FWg1pVJjeLF6AXlpeO16todno4rUeOkz7jvLVPgyXl9oNkLtL1ozKMOHC1ClDde3B1lvn8vXZj80iTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/static/images/tabBar/asset.png | 172.67.131.72 | 200 OK | 694 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/static/images/tabBar/asset.png
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): c060f809b640e3037ff4b3acb5a80907 f568594ca7b19224a846bd594f1c5e9e1002ba44 9da1253a1c8a7153cb6568e7d3082dbb432e5a7662de8ee47507b0d7be9e32c6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/tabBar/asset.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 694
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-2b6"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cixLt2e2kwP7zn4kFEMXCpRVohQsZ06Kv8nu518reqUpJzPZP1w02TvCL5u3jyuEpfYrh8X%2B0S1woKZ6GSMaK4n%2FH%2BLHQr0RSmlRVsEWfwtZJXZVDKQiI%2BK5MSNL1INr9L6UIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75cfdc569a-OSL
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/index.8dcd61b3.css | 172.67.131.72 | 200 OK | 28 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.8dcd61b3.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (28439)
Hashes (MD5, SHA-1, SHA-256): f852196c4ea2b547f1237d8a289495ef c1459f41772e20bab78303a382e7ae5b7ca94b82 2736abe8648966e8e1b60d1a0b920b0eb84a3901d73d4b527eaf6599cc9c2718
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.8dcd61b3.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-6f18"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gKCTTnPpYQHN9FytfUfH67sckDVIjoUwhPSCqz%2BXFpDuIi9nJ%2BVqW7X0kz7wF9GsqhRLscqg1aT1ca%2BdCbgzrSbv1etkOIKNEerQWtQqgvgiVq0QXiS7zHO6C%2FuNY7ZQ%2Bo0MkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf75e813569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| m.imtokem.vip/matomo.js | 101.44.160.52 | 200 OK | 67 kB |
IP: 101.44.160.52:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject m.imtokem.vip; Fingerprint DA:44:8B:C6:F6:7D:29:FB:60:A4:00:21:C1:20:E5:F3:05:57:78:DF; Validity Wed, 20 Mar 2024 15:16:11 GMT - Tue, 18 Jun 2024 15:16:10 GMT
File type: JavaScript source, ASCII text, with very long lines (1601)
Hashes (MD5, SHA-1, SHA-256): 14cdc4216e8570c05349164d12516056 51bd805b6a84d245aaa345bcc7d221c43780bd3b b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
GET /matomo.js HTTP/1.1
Host: m.imtokem.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: application/javascript
last-modified: Thu, 07 Mar 2024 23:35:49 GMT
vary: Accept-Encoding
etag: W/"65ea4f55-1042f"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

| hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js | 172.67.131.72 | 200 OK | 7.9 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (8237), with no line terminators
Hashes (MD5, SHA-1, SHA-256): f2590f35be26959a55030ef28597eb3c cb8c65bfe9cc7d94f825a60e19240dd63a917005 d3bc45d92d61f47e0505d4c9ec28039521a407cd7197116b017a486ca5ab272d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-cell.2b45fdad.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1eb5"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URqPROVJep333O61zIU1NQnnp%2FFLLV1UX8GEqRpbKzEnE7bmdH%2FJkJpHfXbvX9Boq8rG5auDFjaBf1v%2F5%2F3wxAtSwgmJWihdX8xLSwjXCMwzk6an1qi%2Bw7XJnkrjRS4W8tbiWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c9f71569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/index.2a3b3b74.css | 172.67.131.72 | 200 OK | 2.5 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.2a3b3b74.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (2451), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 4b4fcf79198f58b2ab35d82722ddcf71 33e587c6bb99e40a650a2e759c485e7f0057f795 3d900583fb36fcb401cf83ffd80b83a1d4ab2930b3e4da3ee60cc6e8c27d05a7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.2a3b3b74.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-992"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LynKW8JJuveMq6lvvS3oBnMyjoSp8lgxdDAhYJcR8BdcERGapbgPEklNntHeLT9wNklGX8tP47mOamwQyGyRggQAtorQBB2YS8Vk%2Fiiu%2FYHwhX%2FQaR4aJx%2FfQrpP7cEXexebgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf760834569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js | 172.67.131.72 | 200 OK | 7.9 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-cell.2b45fdad.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (8237), with no line terminators
Hashes (MD5, SHA-1, SHA-256): f2590f35be26959a55030ef28597eb3c cb8c65bfe9cc7d94f825a60e19240dd63a917005 d3bc45d92d61f47e0505d4c9ec28039521a407cd7197116b017a486ca5ab272d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-cell.2b45fdad.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1eb5"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAdLWgQ8utB1Xoe%2B7Q%2BOe0Mv%2BV%2BSFhKfmEt9Q4PyF7u1Ivjs0m%2Bnve1NFGcMgkX1wWkIHSCzYuQblaKF0O6RM6oLyEkpHmwV3Sf6z81CMTS5pavSn7aTSQzboJt%2FlG7La81v8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b8569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/activity.b0ea2403.js | 172.67.131.72 | 200 OK | 319 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/activity.b0ea2403.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (324), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): a6e4d936be30a6b841d24d7fad46c06a 39f265e7742726af17d3bddfeede7952a22bb029 e65852438a3f3a3ea83cafd454346eef9577449fdcb675984b9b698c94c681d3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/activity.b0ea2403.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-13f"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bU3Vts3%2FTqIGgBsw3ln4jE8IAKZX7lJqJOQi7klJuFu4Uej8jqy9tR1nfo5%2Br4kVvZenm2EWAgF%2FJEmaAl7XFvlvdE%2F%2BAnV5c7oeKATTuc8DHF6FshAvaHvYxo6v8Zm5ZQ0fUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf7caf87569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/favicon.ico | 172.67.131.72 | 404 Not Found | 146 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/favicon.ico IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: HTML document, ASCII text, with no line terminators Hashes (MD5 / SHA-1 / SHA-256): 40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MkDR50NNUpg26cHTOHYjV8TUiMgUvesLaSDine4bUCny1vzda403v6D1FPpPEWkXhEZJnP6wiSYiGuYl5kiWeD7p5VITI9R5wC3YIUU6yjCpJ6KQbc%2F67PBj1w13At8p7uLMVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf7ec9df569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| huobicfg.s3.amazonaws.com/currency_icon/btc.png | 52.219.136.117 | 200 OK | 1.9 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/btc.png IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Amazon, Subject *.s3.amazonaws.com, Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1, Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hashes (MD5 / SHA-1 / SHA-256): 3b542145b22a2944b97eb21d3a4a9fce eb1a7f0a1487005404c45ab144b0215c980e46ab 68efaf364f541121fa80b7a50eb6ef8525819703a98ada0fa970746a03481ca0
GET /currency_icon/btc.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: /PcYMb2TDFqNjdWjJLYWEbzO3lW0tJsImrM5wgbtA0/h4NtL4hh0JwfFMNKD0TrVH/kUSuhBfFo=
x-amz-request-id: D1QDBAJGH0154PX9
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Tue, 27 Jul 2021 08:37:53 GMT
ETag: "03c74454bc971a3437d588396a5e610e"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1947

| huobicfg.s3.amazonaws.com/currency_icon/juv.png | 52.219.136.117 | 200 OK | 32 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/juv.png IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Amazon, Subject *.s3.amazonaws.com, Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1, Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hashes (MD5 / SHA-1 / SHA-256): a744b92a3e601192ca6a6fc23775c59a 1867c28e3a5e17088bdf91bf581eb4350a7b5dd4 60b90438c73d933bc56700b9e7947120d3d7ae32500a5df4a18015a3f52d3f55
GET /currency_icon/juv.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: cuHl0cIibDKlK2U83TSN7aexHXb5YbMQMx+GQAVzzVKocoyViPuhzGlXMkFiegr2ZAxAGQSVukg=
x-amz-request-id: D1Q3D73ETEP0PSSV
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Mon, 18 Jul 2022 08:09:02 GMT
ETag: "a744b92a3e601192ca6a6fc23775c59a"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 32085

| hstebxcjxdgf.shop/assets/index.0fbdd17c.js | 172.67.131.72 | 200 OK | 18 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.0fbdd17c.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (9755) Hashes (MD5 / SHA-1 / SHA-256): b1e2e78a90c2b102fa89aede1b13b620 e8fd4173f205fd60e0cbbea40ff02a74af4de355 ca1b81f8a8416c52d48e6d8ae0381dddcb9552c88d7df920cdde8d91fa52685c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.0fbdd17c.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-463e"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQZ0FALSZmDtBVgkTQrexmbycly%2BF6UeUJBdiSvOchc9nK6VLYDSiRSIFxInuV2j854RiMxpisFdN78UU7wEBUrbEGCZh4x1VynlanCw8fgVqjg8NADuu1%2F8eACVKuspBgSrMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b1569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js | 172.67.131.72 | 200 OK | 2.0 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (2138), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): dc36225797d16e1ef26e0838d3f7103c a71e12c9158aa33adafac153dae68e4c34522b4f 9b68de78fbae2cd99b32d421e83c2d5c1fbdc8ff36daea77af218bd5bb10d2a6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-divider.0f9b50bd.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-7e9"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syL20d6F6v%2Ft0pisfNkgOOs%2B1Y%2F0ovD4nX9mtDKzC14kkGk8n9kwn0BUY4GTAhwSBsactFsjDi4z5QHVUCDscwaFw4r9UOpMewOkM4OdK%2B1suVClgs31SZW9l5zayd2cBbD5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668bd569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-button.9829dd99.js | 172.67.131.72 | 200 OK | 4.8 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-button.9829dd99.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (4997), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): d429e305346b6d4c81bd2a3aac1f9263 4d53420879bb31f5b459cda04654aba68b70452f a85b75020d66aa375f49b815fc185ab9e0b70578c1174d745080d7c5083efbb5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-button.9829dd99.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-129a"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9QwgofvwfHUsHGGSdJtQ%2FTIl79Jbc0cDBJlekfWB40pTwSTNnEXoldKTgzB1mYtm8JApWro6R8jY4MeRpiuiUMQXNcOP0r6yixoWOnL%2BbiU%2FTT6j3cXgRoduH1GdsaV%2BiYKDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c9f7d569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| huobicfg.s3.amazonaws.com/currency_icon/ltc.png | 52.219.136.117 | 200 OK | 479 B |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/ltc.png IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Amazon, Subject *.s3.amazonaws.com, Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1, Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hashes (MD5 / SHA-1 / SHA-256): e9d18b314eab6be092b5729abc03dc89 d55276dd8152b445258ab0d9977004bc558e7125 fb186832ab17df02aef668fb539a854d33710b6b567ba07d6aaec2c42d9a9b79
GET /currency_icon/ltc.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: SB/RHFOwcW9WxgwNzCjKd/mDrYAvojTX+TM06ia2KjSPiqB40Y3t+wJKCe3bgeEuYkYqEHtzKvQ=
x-amz-request-id: FKB94PVC3NYRVB61
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 09:04:10 GMT
ETag: "b772bf1738628de70f1b9304c3d669ff"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 479

| hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js | 172.67.131.72 | 200 OK | 2.0 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-divider.0f9b50bd.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (2138), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): dc36225797d16e1ef26e0838d3f7103c a71e12c9158aa33adafac153dae68e4c34522b4f 9b68de78fbae2cd99b32d421e83c2d5c1fbdc8ff36daea77af218bd5bb10d2a6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-divider.0f9b50bd.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-7e9"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yr947tey8x6UiEPC1NkgPKXvgbIIt9jEVb%2BlWJivANOWGAQj1k1ofD5nC48pQCJZ5uLvVdJzov01SgMlAbVKaiiYcBnOfXZln74WFQZzZOH0MDZM3bGbzR2G6DC84GUxrjQJWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7caf9c569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| huobicfg.s3.amazonaws.com/currency_icon/bch.png | 52.219.136.117 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/bch.png IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Amazon, Subject *.s3.amazonaws.com, Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1, Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hashes (MD5 / SHA-1 / SHA-256): a8abf3036b3921fb05796c51ca0b8f47 60e428728bfea4f2c99b3227c091a970676bae1d 8d7a9efbb2b73c1348674ebf307ee85388aa723c438e262ad63708f4e7e59a0d
GET /currency_icon/bch.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: TdXdkxxQ+GnfmAcMiaZssG1HduEBVomMdmoCzZ9AwjKx8Q9/Dj7m1RKHL1ypA7B42pQz6i5r3HQ=
x-amz-request-id: FKB99RJQJZX4G78K
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 08:30:25 GMT
ETag: "a62c25ec1acb1fc3718098578b388808"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1953

| hstebxcjxdgf.shop/assets/tm-app.066f35d0.js | 172.67.131.72 | 200 OK | 2.6 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-app.066f35d0.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (2762), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): 6109c2eb0ddc742ab563aed7542437ab 25a1442af86d480be75f5c55cd0ac7c9870a11bc 3478b611c5f575ea9de1f34251522e8b70f039b62f4120dd5f7b46bb01f75da6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-app.066f35d0.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-a53"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbHNmU37mGjHKGX42if6Vvd0JhiQC8ZZ6tc2qmjpwgweqIcYoM9anzSOgvkaWEJe5uI%2BD5%2BX9LsntYbQcOlWCmmUAXIAw66tD%2B5cXOgg0fNiLm23AGfkGqY02Z%2BixnLPI%2FWm8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7658b6569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/v1/api/config/platformConfig?domain=hstebxcjxdgf.shop | 172.67.131.72 | 200 OK | 4.5 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/v1/api/config/platformConfig?domain=hstebxcjxdgf.shop IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (4754), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): 553bd498db6d4ee4ffa2a8dd98752c4b 4e5140acd50dd7cfaacf0d9327d1958d9d07fa92 d87b2efdc1fb5958de8d016016b9833dd350f9c91530901fc44e39dc84b44e9d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /v1/api/config/platformConfig?domain=hstebxcjxdgf.shop HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8;
language: en-US
authorize:
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate, no-cache
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aO0lE%2BeJ4eRQnra97vSwy62RsmSb4MnRUYnHdWgh70Cf8IdpGbEfblFvQUV0dIxRsBPnzoTUGMfot%2B65MIdQFkl1tb5gtgzotJEjk0GtVeHkhHUUkX4LmOAynm02bQ1yyftThA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7b3e12569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js | 172.67.131.72 | 200 OK | 5.7 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-drawer.1082ad41.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (5919), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): a17192c96f6aa3b43b515f3656257457 7be599b183452406b5c3cae56f7fe35798e7049c b3d40ee803df0465d8aff401885882e33d3601d1237bea37f2717d6c40b07b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-drawer.1082ad41.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-1624"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVcFCE6f4S5KMIDKIWitSWJR%2FeIVg93bdqLHm5eGaCS9%2BrbWP9a7C08esSX7EbUWgNJe1DEI3ToM2JlFfcvMZ8CrS0bG%2BBDnYmLHVqDtn%2FkbKA13pfXtjfHW4VUW8U%2BLxzWBkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c8f67569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js | 172.67.131.72 | 200 OK | 2.8 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (2872), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): e28f3968b0b34db75468706d495fff8e fe671d0c1f67d064ab486783472cd2fa131522e2 68d6bd7123477d37a74b0e99b28e6e579df35c49fe0a7bcc08700672e7df91f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-col.e4a8d827.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-abf"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=co0DBe%2BdFaVP6%2Bb2VaDflpgl%2FvWMifd2EuHWrMnQo%2BfMqBmaGCt7ZQBs6eymP1f29yu9kTHaWICCHMa3b2NAYtSBdTfadfNRP%2F6v4XzT0gHKraIZ96cWNHnY67UWoNKMYA4zbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7caf9d569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| huobicfg.s3.amazonaws.com/currency_icon/chz.png | 52.219.136.117 | 200 OK | 3.6 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/chz.png IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Amazon, Subject *.s3.amazonaws.com, Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1, Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hashes (MD5 / SHA-1 / SHA-256): 27a594e6bcf3a143a5e7dae9a9194b92 edcbbb142c429991578183acb2df7321d5a78566 5d36c1a2746bd57fbb5f508084840a51c0da9cebcf0e1f7f6450ae41772768ba
GET /currency_icon/chz.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Iqn+I4C3UQl/5JpUS4SDq+rIG72BKDB72s31qW0zre/bgo6WDl38bHzYPr5UzPJWvFnTuP71FXo=
x-amz-request-id: D1QDBSZ03YARFYG1
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Tue, 27 Jul 2021 08:43:18 GMT
ETag: "c07cc55bfc92d6bc8a1004e4dcf9185f"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 3619

| huobicfg.s3.amazonaws.com/currency_icon/psg.png | 52.219.136.117 | 200 OK | 89 kB |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/psg.png IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Amazon, Subject *.s3.amazonaws.com, Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1, Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hashes (MD5 / SHA-1 / SHA-256): 05dfdeebb6ff6fa2d8d550bbd44333dd cded36e365326034e1fc8676ba5775495924226f 10558f282b4ea7828504cab96efd84885968e8613de211f9eae83885c2e09641
GET /currency_icon/psg.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: kM6Eb/s4hsZlCisIFXHHqUNssyX3n+c5Gwm57IAgPmtTM1lDw6Bnhp06K5k4OeIfwRz25JxE+XE=
x-amz-request-id: D1QCAW40PG1G0EHH
Date: Thu, 25 Apr 2024 13:51:58 GMT
Last-Modified: Mon, 18 Jul 2022 08:07:44 GMT
ETag: "05dfdeebb6ff6fa2d8d550bbd44333dd"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 89209

| huobicfg.s3.amazonaws.com/currency_icon/link.png | 52.219.136.117 | 200 OK | 681 B |
URL: GET HTTP/1.1 huobicfg.s3.amazonaws.com/currency_icon/link.png IP: 52.219.136.117:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Amazon, Subject *.s3.amazonaws.com, Fingerprint DC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1, Validity Tue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hashes (MD5 / SHA-1 / SHA-256): b51bbeff2f00460dbe333edc0a81ccb9 34811c127cf82637479d7dbb1696dc403d4fd394 909efbf8d841f7b92ced19d90bbcf84f8e0524c25309dbc3d363e29abbf942f8
GET /currency_icon/link.png HTTP/1.1
Host: huobicfg.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: PtfbaXpHlpStJRCdTJK2qr1y5Q0sTBbmznouCJPaGjwxBxHhttWjWUHim2mP6sDr0/qyHuRijU0=
x-amz-request-id: FKBFJ91EJHY6P1GX
Date: Thu, 25 Apr 2024 13:51:59 GMT
Last-Modified: Tue, 27 Jul 2021 09:01:11 GMT
ETag: "3cfdbc8f3e987bcf7862cba68cb369cc"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 681

| hstebxcjxdgf.shop/static/images/tabBar/my.png | 172.67.131.72 | 200 OK | 664 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/static/images/tabBar/my.png IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced Hashes (MD5 / SHA-1 / SHA-256): 5fa0e8c8be776e0ad69b41eb29387ab1 6a7dee6c2139d15e5fbe2f7a6ebabee07354710d eebdc7fce5c2de4f58a49db1cd4bce63341b14bcae199d396eb1ab5a2bea3807
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/images/tabBar/my.png HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: image/png
content-length: 664
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: "64f0e6f2-298"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAeP7tBVYUy1cv90TRxAwcoqGI9imbuz2MxPJDc68wJFmi2m783%2F%2BmdflaIoje%2FnQEMXQWF3TsRRSFg%2BzsplMdv6b%2BRE5JhMLOyZrCkfbn5g2vDsJ%2BY%2B6ATTNT4xeNwv1PrK%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75dfe8569a-OSL
alt-svc: h3=":443"; ma=86400

| hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js | 172.67.131.72 | 200 OK | 2.8 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-col.e4a8d827.js IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/ Certificate: Issuer Let's Encrypt, Subject hstebxcjxdgf.shop, Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB, Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (2872), with no line terminators Hashes (MD5 / SHA-1 / SHA-256): e28f3968b0b34db75468706d495fff8e fe671d0c1f67d064ab486783472cd2fa131522e2 68d6bd7123477d37a74b0e99b28e6e579df35c49fe0a7bcc08700672e7df91f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-col.e4a8d827.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-abf"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cxl%2B5%2BfLJ8YAfdSn7WQkeO%2B6PdXg%2BCTmh64LC6G8HL6vyufYobUB3laOQ4mn5DeEVxKte1W14Yo7Us5jIlnSlOYXOrm4eiR6ZMj0ZCt5Jcn2UZj6QwpkJeH%2BXiGUqms2N1vK%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668d3569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js | 172.67.131.72 | 200 OK | 4.0 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-tag.9c6285aa.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (4165), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d9f3cfe47eae3a13bd869be3fd1a52c4 276ec8c26768ca5419d6372a132b8c01b5c0ebe8 4b8507b6e949299e22af33559d936c8973f01d138cda2a11cf1f16f32ee86db2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-tag.9c6285aa.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-fa4"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4Mzn5M%2FJorUXj2ji559NTN7HYVxh3o0knY9c8xjwR7qqfAA4IgCXyC9LSm4TRFyADiHhs7PYB5R%2B9SkCvPw%2FAywVjOUiffXD4v9B28nAiDGH52%2BgN9x6YhHn20o64tLqNdkHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c9f72569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/tm-message.297347c7.js | 172.67.131.72 | 200 OK | 3.1 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-message.297347c7.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (3238), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 3ac35a77624b0283d3b1b2e2d8ff33bd 291a82c9d53054b4eb1793c9f4e7b402287de90a e8af9b776af221e5883ef50bcf0f4744dd4bfbd3385e185fbc3e4171d1ccb5cf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-message.297347c7.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-c19"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OX3Ek%2BuQYF8Qsj5KTKloBuVe1nRasI1ei%2BoPeImzkPu7ftIZfjK5H8GXq2BHkATo9AkTPM%2Fy4YaX5kCViD2UP%2BISl4obQ55O%2B2VumIEMhzk2MVRMS7fIII5DjqCW2KuPUvkcjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668cb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/index.fb43b925.css | 172.67.131.72 | 200 OK | 176 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/index.fb43b925.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 176 kB (176155 bytes)
Hash (MD5 / SHA-1 / SHA-256): a19b69cf15f64ef06f14e90533125009 e8eb48abceebf9d19c334fc4263c06370e5bcf26 e1eb701f85879e7ab9b987a92f24789ff0ba8fcb33e8254104d149ef8c8548d0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/index.fb43b925.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:52 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-2b01b"
expires: Fri, 26 Apr 2024 01:51:51 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HaFf6k2eEK8j71BhiXkMUAGKPsD9ZDX4UvMCOaa0WaCoXBMbfUVronBu5mRd4oCMbtVxQSGvY%2BxK%2FsOFF1GZ5FWutVz%2FEP8YbmOazQyB9IvnfjyCytPKmnJbyrGEcAn%2BWSLMgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf6a296e569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/tm-button.9829dd99.js | 172.67.131.72 | 200 OK | 4.8 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-button.9829dd99.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: JavaScript source, ASCII text, with very long lines (4997), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d429e305346b6d4c81bd2a3aac1f9263 4d53420879bb31f5b459cda04654aba68b70452f a85b75020d66aa375f49b815fc185ab9e0b70578c1174d745080d7c5083efbb5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-button.9829dd99.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-129a"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTNn8zx6omfwFm3vQ93eh%2BosD3oZ5cNLphvc7pFRWrHuB5HQfvdHbKOaWQ%2B5LFVFGafyovjl9tRRTLPXm7eWCUHxiqYRwYM7W03fqylZ6pbJi45MC9e0R8A2U9ksjEuZRiseUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7668c5569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/activity.b0ea2403.js | 172.67.131.72 | 200 OK | 319 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/activity.b0ea2403.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (324), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): a6e4d936be30a6b841d24d7fad46c06a 39f265e7742726af17d3bddfeede7952a22bb029 e65852438a3f3a3ea83cafd454346eef9577449fdcb675984b9b698c94c681d3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/activity.b0ea2403.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hstebxcjxdgf.shop/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-13f"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRrzvbeCIUC%2B0mshYOHKgLjt34jtcvFHXuzTaIJQ6Oz2p1SNAPlr0tBEP4GR%2BHWTXy70DlQ3KmAlXqQ5xbIjITEp8JsWsmsLJkbhiNMQvv2s7PJXkOt3i0QA7YiNm0z2mvQihQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf7668c9569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/tm-segtab.9cf3936f.css | 172.67.131.72 | 200 OK | 146 B |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-segtab.9cf3936f.css
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): cc21bc6c78410c5f952d806ad2bb9743 b3726e7437676928dfc6ee8bbeded1697d8e69f0 21abc3e42fa1c3bfc300878bdb1c07c67ed595a0ba3a76349294f5a35638b717
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-segtab.9cf3936f.css HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:53 GMT
content-type: text/css
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
etag: W/"64f0e6f2-92"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zndduMhKrmR6YlMaegv6SsP4ODXhPKJCB6xpvamCFX9mpBhXFBtFrAj3PW3qqPqOEvOldo%2FFb%2BwxGGEmZ%2Bxnb7wgy7zG3rKp3N1WM%2FJU76%2FdZuDSeHxijxZFhJ%2BzYCGqo36e2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879ecf75f823569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hstebxcjxdgf.shop/assets/tm-app.066f35d0.js | 172.67.131.72 | 200 OK | 2.6 kB |
URL: GET HTTP/3 hstebxcjxdgf.shop/assets/tm-app.066f35d0.js
IP: 172.67.131.72:443
Requested by: https://hstebxcjxdgf.shop/
Certificate: Issuer Let's Encrypt; Subject hstebxcjxdgf.shop; Fingerprint 8B:96:07:BA:C3:F4:F8:24:1D:03:28:EF:03:F4:D2:99:62:5A:26:DB; Validity Thu, 11 Apr 2024 19:16:15 GMT - Wed, 10 Jul 2024 19:16:14 GMT
File type: ASCII text, with very long lines (2762), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 6109c2eb0ddc742ab563aed7542437ab 25a1442af86d480be75f5c55cd0ac7c9870a11bc 3478b611c5f575ea9de1f34251522e8b70f039b62f4120dd5f7b46bb01f75da6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/tm-app.066f35d0.js HTTP/1.1
Host: hstebxcjxdgf.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hstebxcjxdgf.shop/assets/pages-index-index.b989133a.js
Cookie: _pk_id.2.d764=96771f46f28d9a89.1714053114.; _pk_ses.2.d764=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 13:51:54 GMT
content-type: application/javascript
last-modified: Thu, 31 Aug 2023 19:16:02 GMT
vary: Accept-Encoding
etag: W/"64f0e6f2-a53"
expires: Fri, 26 Apr 2024 01:51:53 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=btTKJT5fISYHNe%2Bbaz0HXwBfJQYA3hPnYJgm%2BOkvW3U6JPHK2bRVTwY19f0%2BoU3iGCFKVPua15k73nC8lWz4MPk976V7sEii9XcRdZXxyOY%2Fm8KI5ddZJsxBe2spejqYZSt8fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879ecf7c9f6e569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400