Report - api.stockhubo.com/

Report Overview

Submitted URL
api.stockhubo.com/
IP
104.21.5.128
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 06:18:41
Access
public
Website Title
Telegram Web
Final URL
api.stockhubo.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api.stockhubo.com	unknown	unknown	No data	No data	11 kB	1.3 MB	104.21.5.128
venus.web.telegram.org	47739	2003-12-15	2017-01-29	2024-04-23	842 B	956 B	149.154.167.99
kws2.web.telegram.org	49675	2003-12-15	2021-06-23	2024-04-23	1.7 kB	654 B	149.154.167.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram
2024-04-23	medium	api.stockhubo.com/	Telegram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	api.stockhubo.com/langSign-lcKrqmwM.js	1.6 kB	2024-01-17	2024-05-05
Pretty URL api.stockhubo.com/langSign-lcKrqmwM.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-17 06:06:06 Last Seen2024-05-05 20:18:25 Times Seen131 Hash 044169c42b6e355439c8fcc5fa4ecc57 5933a11ae125770fe2e3e2deb907af978ceff0e8 900f22723c45f67600638812021437a089daa7c2f0a559ebb85a0726183cee79 Loading...

	api.stockhubo.com/lang-6_YFwd9o.js	120 kB	2024-03-30	2024-05-02
Pretty URL api.stockhubo.com/lang-6_YFwd9o.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-30 06:42:58 Last Seen2024-05-02 06:36:54 Times Seen26 Hash ea4ae35b4e5fe0283ee0b975411d3bbc 708335577d0e938f3ae14425ceed901f4c3c9baf 75fe821bc451433c2a795b7a2ba7fee10d0e902693ea36f2371e1051e7d710c0 Loading...

	api.stockhubo.com/textToSvgURL-Z4O-nL1S.js	357 B	2024-01-17	2024-05-05
Pretty URL api.stockhubo.com/textToSvgURL-Z4O-nL1S.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-01-17 06:06:07 Last Seen2024-05-05 20:18:25 Times Seen345 Hash cca1508d96dbfce74dcbaed756d04955 c539ff84caf27c4b22e498662644c07e6893c19a 36cb02e59322028c02c5365bd56cbd129b3eb2fb4aaec625160ca2dc9786a4bd Loading...

	api.stockhubo.com/pageSignQR-B629MX3-.js	5.7 kB	2024-04-05	2024-05-02
Pretty URL api.stockhubo.com/pageSignQR-B629MX3-.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-05 11:57:25 Last Seen2024-05-02 06:36:55 Times Seen17 Hash 562a5e80efcd58c98d1df0af5c26fed7 38ea1457f31556356d727f93282aad0c38b244d3 1ae85f388547fa7d8ffb730ccae4062ec96a37e1053a6c075840bcef16c1a734 Loading...

	api.stockhubo.com/_commonjsHelpers-5-cIlDoe.js	290 B	2024-01-17	2024-05-05
Pretty URL api.stockhubo.com/_commonjsHelpers-5-cIlDoe.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-01-17 06:06:06 Last Seen2024-05-05 20:18:25 Times Seen260 Hash fbb884c7112ff8c4ddb8edc410daae6f 299a8b374572849f5028264e3a7f2e71273f1d06 a8df41d98a0fa3d1cb8c8661377ac1a572beb9cd0b68e968f92d69f7c8331483 Loading...

	api.stockhubo.com/qr-code-styling-ogpV7fl-.js	66 kB	2024-01-17	2024-05-05
Pretty URL api.stockhubo.com/qr-code-styling-ogpV7fl-.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-17 06:06:07 Last Seen2024-05-05 20:18:25 Times Seen200 Hash 692f467d3bba699553f0dbf68094d72f 67582d4bc87b34a61c43ae8f7f3862562d65efa8 6c4900d40f3335423817340edddd7655d96e707156923fcf3cbf5a6520008d6e Loading...

	api.stockhubo.com/index-ftQsXaXA.js	134 kB	2024-04-24	2024-04-30
Pretty URL api.stockhubo.com/index-ftQsXaXA.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 08:18:48 Last Seen2024-04-30 06:27:03 Times Seen3 Hash b2dcea70a806bb04a3c87a23fa812e0a 07c0a626060db04ea59383e935bba41ed53d5d3d 1c947b8311f5e3af7231cf71476e110ecdb0a1d991f33ad24ed5bb5d1aa5004d Loading...

	api.stockhubo.com/countries-lRU-UavE.js	24 kB	2024-01-17	2024-05-05
Pretty URL api.stockhubo.com/countries-lRU-UavE.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-17 06:06:06 Last Seen2024-05-05 20:18:25 Times Seen231 Hash 8629decc51355f74113da86fd8068fe8 d15ccf55d00895dc5d608570afc32348f92904d4 8528a55ba5d25bb2b6463f369b7a2046c08ced5f20256978a06119c0d50d08a2 Loading...

	api.stockhubo.com/page-DPZhpXwX.js	10 kB	2024-04-24	2024-04-30
Pretty URL api.stockhubo.com/page-DPZhpXwX.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 08:18:48 Last Seen2024-04-30 06:27:03 Times Seen6 Hash fc1807d2b1c565a02690759374d15287 001fbea689f442a3f164bffab6ca993b6908134e 40a226aca9b05d89a206984fdcb1eff55afa410331f5a59abca9b087b2139cc6 Loading...

	api.stockhubo.com/button-oIAZa7tA.js	8.8 kB	2024-04-05	2024-05-02
Pretty URL api.stockhubo.com/button-oIAZa7tA.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-05 11:57:24 Last Seen2024-05-02 06:36:55 Times Seen16 Hash 4838a0ff957eff76570cfdbe9984309c 224896b4a0bd0b996c1c978d16656b17e35dd651 dba007df4cb2703cb9b22ad87d8cd497692375086102c0e9bccbf2a4a93cfbe5 Loading...

	api.stockhubo.com/putPreloader-aGABDdh-.js	699 B	2024-04-05	2024-05-02
Pretty URL api.stockhubo.com/putPreloader-aGABDdh-.js IP 104.21.5.128 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-05 11:57:25 Last Seen2024-05-02 06:36:55 Times Seen18 Hash b668f245727d8ed8e64610e2790d7955 0c6b27530e5ae78e8330b0734ed03c9f959a125d 445b31e0452afc9cfaee605cfa7b29d0dc37ba4b941d99614529f68b85a4f7f5 Loading...

HTTP Transactions (30)

URL IP Response Size

api.stockhubo.com/assets/img/favicon-16x16.png?v=jw3mK7G9Ry

104.21.5.128

200 OK

1.0 kB

URL GET HTTP/3
api.stockhubo.com/assets/img/favicon-16x16.png?v=jw3mK7G9Ry
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.0 kB (1012 bytes)
Hash
e3ce05eb00b3215df220efaf0fd06e21
d1533966f79dc2984c34317035f31cf3c91298c9
0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:18 GMT
content-type: image/png
content-length: 1012
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: "3f4-614378822c200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7urI3ZqHDZ6dpzw2%2BOIoviW9r8024b3mI9Oz7u15tw3Ytt2DfA7VBQfr514FBt%2Faihn0TfbJECUuOf1cP%2FC4dArel2HnT8fquya7JbEfKCT83LzxZfjEyaXXiU88aZRb807ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f9a5bbdb7127-OSL
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry

104.21.5.128

200 OK

9.0 kB

URL GET HTTP/3
api.stockhubo.com/assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
9.0 kB (9024 bytes)
Hash
87fecdadac0beb95f9b7c87b3b3236f0
822f92446c0033a32462aa21208efaef1f0d8c3c
25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:18 GMT
content-type: image/png
content-length: 9024
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: "2340-614378822c200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMChbBNuujIpwKqUn%2BRjqa43lt7v5T5TuhC%2FllyA%2FoZrd3OdW%2FSEijAEYL8pwk%2BSG0iqh1ALZI97EhAiH6vTJSYiOEk%2FGe2V5FugKLLnzT5Cpj8JNFhoNECurx7YDogLLWg%2F4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f9a5bbd67127-OSL
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/langSign-lcKrqmwM.js

104.21.5.128

200 OK

976 B

URL GET HTTP/3
api.stockhubo.com/langSign-lcKrqmwM.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (895)
Size
976 B (976 bytes)
Hash
044169c42b6e355439c8fcc5fa4ecc57
5933a11ae125770fe2e3e2deb907af978ceff0e8
900f22723c45f67600638812021437a089daa7c2f0a559ebb85a0726183cee79

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /langSign-lcKrqmwM.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/index-ftQsXaXA.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:17 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"66e-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYUUUadPbpm5k6EsQw7yfkttrk28CQ9OC9SwIP6SkCLjQJyJB%2BFtwFIm6E522etLtPC0mHxMmltNHEOqUgOsOEXGuLGb2tozdf8rA1n4ZloU7cRHc1bAw1MGYzXy6vRnIYqgOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a288e27127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

venus.web.telegram.org/apiw1

149.154.167.99

169 B

URL
venus.web.telegram.org/apiw1
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
c2a982d42f89274763eef2a44fe01030
86e6d53f6478cdd0c05611093d9c55a953454af7
d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a

HTTP Headers

POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
Content-Length: 0
Origin: https://api.stockhubo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2

api.stockhubo.com/mtproto.worker-ekN6-Xzz.js

104.21.5.128

238 kB

URL
api.stockhubo.com/mtproto.worker-ekN6-Xzz.js
IP
104.21.5.128:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
data
Size
238 kB (238487 bytes)
Hash
98070ab43b579aa302c1dcf964b27d6b
8ed33722f83902d2f279948be1c31738d81c08e3
19004b03fbb595acf3308fe8525ca42994aa39b734373574c55def205883d2a5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /mtproto.worker-ekN6-Xzz.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api.stockhubo.com/
Sec-Fetch-Dest: sharedworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/javascript
last-modified: Fri, 29 Mar 2024 10:27:42 GMT
etag: W/"eb921-614ca16fea380-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErIk52aGscRIBJgaSlePhRamP3Pqe2%2BPYCyERXofTRuc9Gsc1YVWUR0QlE6XRv6kji8X1IMtZCbkNbtKynGnCu%2BWVdKv16JaJwUazIfYdGMOqlQOg6qmeb8Uq%2FjAj5sG5j9FaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a278cd7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

kws2.web.telegram.org/apiws

149.154.167.99

0 B

URL
kws2.web.telegram.org/apiws
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.stockhubo.com
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CdSwGeJnJtlbfbKBGi4Rtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 24 Apr 2024 06:18:19 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C8AOwMJ3paP38XjxcAnJ0Ptqh2Y=
Sec-WebSocket-Protocol: binary

kws2.web.telegram.org/apiws

149.154.167.99

0 B

URL
kws2.web.telegram.org/apiws
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.stockhubo.com
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x0PP80kkFwtXaEqFg8wxRQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 24 Apr 2024 06:18:19 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UcR8Bc5nWddWSDws/F3Bb2+gRtM=
Sec-WebSocket-Protocol: binary

venus.web.telegram.org/apiw1

149.154.167.99

169 B

URL
venus.web.telegram.org/apiw1
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
c2a982d42f89274763eef2a44fe01030
86e6d53f6478cdd0c05611093d9c55a953454af7
d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a

HTTP Headers

POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
Content-Length: 0
Origin: https://api.stockhubo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
server: nginx/1.18.0
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2

kws2.web.telegram.org/apiws

149.154.167.99

0 B

URL
kws2.web.telegram.org/apiws
IP
149.154.167.99:0
ASN
#62041 Telegram Messenger Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://api.stockhubo.com
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5bq52d2JjGrYJ+PFI0pStg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Wed, 24 Apr 2024 06:18:19 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8CYKNG7g/A+wEqdZAV97by2GEuA=
Sec-WebSocket-Protocol: binary

api.stockhubo.com/crypto.worker-T8uEdtAd.js

104.21.5.128

200 OK

33 kB

URL GET HTTP/3
api.stockhubo.com/crypto.worker-T8uEdtAd.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (32733 bytes)
Hash
06026fa41e11ac29cae837d4171e000f
08d9171d8cf75e349d06fb3ca03bf80be68268de
19fb2e2b1a73081d0be43d40c28e85d6875138f1f0b89c8a1837c3e806d578b3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /crypto.worker-T8uEdtAd.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:18 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"10d02-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2F6h0R8hvv2HSUimFWb9S1OAEiQo9iXVGGFIVh08X29fG4ZJCPbiWt58V59%2FQF99dJA7k0dqSN4tOyzDX72bpsJppw5SG2LESxxz9Ls%2B4sMJL0VqW0y3BLeK8UmEvBGleUO6JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a258a57127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/button-oIAZa7tA.js

104.21.5.128

200 OK

11 kB

URL GET HTTP/3
api.stockhubo.com/button-oIAZa7tA.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (8748)
Size
11 kB (11122 bytes)
Hash
4838a0ff957eff76570cfdbe9984309c
224896b4a0bd0b996c1c978d16656b17e35dd651
dba007df4cb2703cb9b22ad87d8cd497692375086102c0e9bccbf2a4a93cfbe5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /button-oIAZa7tA.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"2259-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2Q1XRlWvgmzpyP12axdYLqTREZe4j4ZgjkTmjIQMD1H5ne8mCIUFfq2KriR7v834v400RsJ8v2h8s2OxZoySa1FeSCkpHSfQkZ5Ctb5nnFTJoN86ya7KEgi0OD%2B2O2CWlw1hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a8dea87127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/putPreloader-aGABDdh-.js

104.21.5.128

200 OK

8.5 kB

URL GET HTTP/3
api.stockhubo.com/putPreloader-aGABDdh-.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (394)
Size
8.5 kB (8539 bytes)
Hash
b668f245727d8ed8e64610e2790d7955
0c6b27530e5ae78e8330b0734ed03c9f959a125d
445b31e0452afc9cfaee605cfa7b29d0dc37ba4b941d99614529f68b85a4f7f5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /putPreloader-aGABDdh-.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/pageSignQR-B629MX3-.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"2bb-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z72wPYT9h22kahwMHwQysBfzzssGQflN%2FGlCb7bWvhqRziP7rrtHJgaXNAJziPZ5FWB2yRZFEPfmuU4pUlpvDjEU3%2FlHEJs70ekQ99ziYTEf4P%2Ft7tQwWM940fl6%2FdOOqlEptg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9af7cae7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/index-2Xc4-EF7.css

104.21.5.128

200 OK

458 kB

URL GET HTTP/3
api.stockhubo.com/index-2Xc4-EF7.css
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type

Size
458 kB (458459 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /index-2Xc4-EF7.css HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:17 GMT
content-type: text/css
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"6fedb-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdDYqrf9E2QxALuUUUYI6m1XOjaxoOY57NMjqEY26jFXvBRWDZzVCrXmjqwHgxaRbFyvIbxmPGLlFP7T1lpA3a3y4MR29V8ZACAaM8Q8iHVInXbQEe9kRiuxAaBJe%2FTEwoIQRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9996f957127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

104.21.5.128

200 OK

11 kB

URL GET HTTP/3
api.stockhubo.com/assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Size
11 kB (11016 bytes)
Hash
15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/index-2Xc4-EF7.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:17 GMT
content-type: font/woff2
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"2b08-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fiHYW%2FSwxeCpLLscRaIuh%2BBMSFvno2bQ2fkqE94GZNmWreBt9NmV08bvN8BVRkYevNchpvutf0kP50LCSSEZaGKrw1bPg%2BdINhWb0aUSjPKN1QPkTcaWUB1IFXne6QICxAjQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a248947127-OSL
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/lang-6_YFwd9o.js

104.21.5.128

200 OK

120 kB

URL GET HTTP/3
api.stockhubo.com/lang-6_YFwd9o.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type

Size
120 kB (120212 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /lang-6_YFwd9o.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/index-ftQsXaXA.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:18 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"1d594-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nf0V3x0PmHPMckG5h68DxJYpGAU3oI5CkEQ9quaSPvexQHxebQJoUamh8pYp6Da%2BHzj4ftX2SBmkL%2BbntxI4FF%2Fn32VgezWAfjUHAOWC0e2YvkQSeBnqlWucPD1yxM2JstfNZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a288e17127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/

104.21.5.128

200 OK

14 kB

URL User Request GET HTTP/2
api.stockhubo.com/
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
HTML document, ASCII text, with very long lines (1757)
Size
14 kB (13603 bytes)
Hash
db94d553f131cd094c5ce56ff1d9ad21
4fbd77cd0b99d921250383848dac0ad85db55e55
b8ccf6e4fe1a22b94f2c5f1c9c75537ec299ecdd0327c8e2a552bfe9b5b257ed

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET / HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:18:15 GMT
content-type: text/html
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yq4Oex5AvWYLE7iuDR9zYhhkHgz5okOvIuHhTOWKt0AlPegRJGMbSHV7NcPvvyyN%2F8%2FRlKL17H7VvX8JeJKRr3fzjjBQOX1HkaGvnZ9unGzVaMsNXZgvWwEIN0CVaLF7vBj54w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9946c1c56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.stockhubo.com/pageSignQR-B629MX3-.js

104.21.5.128

200 OK

5.7 kB

URL GET HTTP/3
api.stockhubo.com/pageSignQR-B629MX3-.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (5843), with no line terminators
Size
5.7 kB (5679 bytes)
Hash
4287afb5d141329356228d420d22e518
01f01d096a75a6224afe80e81bf6772faacc30f2
1c1fd44dcb3acacc88e940c0a7af9510c8211362b8f25b4755d4f9d1e82b3e43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /pageSignQR-B629MX3-.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:18 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"162f-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F0dQCtcytD6MsmjCXJ5Xv1jSX4xz2q%2FHnvZUzWOfl%2FEvnfhi6Q9y87CvFU9faZbYM%2BK1H7iARIOIaqvTYF5bASf9aXRa065vfWc6ENq9KSdMObv%2Fbt8WciP6OAQjZ3aAksSO%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a8ce9e7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/textToSvgURL-Z4O-nL1S.js

104.21.5.128

200 OK

357 B

URL GET HTTP/3
api.stockhubo.com/textToSvgURL-Z4O-nL1S.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (361), with no line terminators
Size
357 B (357 bytes)
Hash
ff952a1906b1e9ef3501e8c65ff243a3
36b668a369b468289ac28cfc0b54fb5d98616307
d22301195742b33be097070eaa8daf0be744b17f23b9e5e1d467f5ef94af765f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/pageSignQR-B629MX3-.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"165-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkE0tN4oCXkkPzEIV0ryALqiyC7b8YF7TWLogrnRStsRiCexeqo7%2FFw3Wr1aRS3lIzWuuyJ3WbBD7dsQix24P8IZvwclleD5Mp4qWAUxKe054TKKIpaKvn6QR7pdGxjD1%2FdGWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9af7cb27127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/page-DPZhpXwX.js

104.21.5.128

200 OK

10 kB

URL GET HTTP/3
api.stockhubo.com/page-DPZhpXwX.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (10306)
Size
10 kB (10349 bytes)
Hash
fc1807d2b1c565a02690759374d15287
001fbea689f442a3f164bffab6ca993b6908134e
40a226aca9b05d89a206984fdcb1eff55afa410331f5a59abca9b087b2139cc6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /page-DPZhpXwX.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/pageSignQR-B629MX3-.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"286d-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieDOFH3yYohpwSeQVRE%2FLycQtrm6VktTPJgIDLd0RjAyDRbv37zVPeILsnP72YORUZgsEPwHZaL4oNI%2F7W80yss2eN7rk1QwzTbn9Vjmj2NdszqeeqDGCKVFAC5GizNuswCeUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9af7cab7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/index-ftQsXaXA.js

104.21.5.128

200 OK

134 kB

URL GET HTTP/3
api.stockhubo.com/index-ftQsXaXA.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type

Size
134 kB (134358 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /index-ftQsXaXA.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:17 GMT
content-type: text/javascript
last-modified: Fri, 29 Mar 2024 10:26:34 GMT
etag: W/"20cd6-614ca12f10a80-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yn8K%2F95%2FBXkW%2Bw4MK7UuNr24W5SFS8rKt%2B3%2FoVHly4JhDqC3J5n8svY99t%2BiGsMt42%2B9AlIvo%2BqL5iJ9miEtoEoSGOOYPwRovfWP%2BU%2FASGk04vNoiWXM%2BFoovn2rZvoAE0TmPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9996f927127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/_commonjsHelpers-5-cIlDoe.js

104.21.5.128

200 OK

290 B

URL GET HTTP/3
api.stockhubo.com/_commonjsHelpers-5-cIlDoe.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (302), with no line terminators
Size
290 B (290 bytes)
Hash
2c4d6d27d76dee6e31a5e78877faba51
6a2773032cf08261b695305eb75b6aa25fb91d77
0d9af4fa5be8e6567f6e919c636e66546d0e1394b45f8140456512ae5dc690b0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/qr-code-styling-ogpV7fl-.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:20 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"122-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWtSgkAwZ%2FLqUeCzqpGG7KQ5ZfiJ%2Bn%2FJMh50rc3lRhaSFB6Cihmne33sR19GXFEayMAs%2BW0Pz%2BCMplliLflS9WfiEBQHvkqjR98xvYPsrPEOwFsSSxvV6gQP4W%2FdqazDKJQ6pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9b65a187127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/assets/img/logo_padded.svg

104.21.5.128

200 OK

1.1 kB

URL GET HTTP/3
api.stockhubo.com/assets/img/logo_padded.svg
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1069 bytes)
Hash
4c0b48654a4881c325148a5e00964160
d7d21756c9dd4c1bf4d97087811745aad60506a0
7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/img/logo_padded.svg HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:21 GMT
content-type: image/svg+xml
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"42d-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8AppCnlxYBL6QnUq4xxZnMOtC47ZVskROL5kY%2B%2F3U7FpVh41pjEl8hvJ0BqNlvnhjqqPf9NOlT0%2FrHa5BCr6Omk08ZBJYiNz6EuuqWif08SvJN8qcxZHPZrSSrkv52XSbPTiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9b94e557127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/countries-lRU-UavE.js

104.21.5.128

200 OK

24 kB

URL GET HTTP/3
api.stockhubo.com/countries-lRU-UavE.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type

Size
24 kB (24097 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /countries-lRU-UavE.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/index-ftQsXaXA.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:18 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"5e21-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9tsuhzZPYG8LIHykveJ4NcygXvmV5ZY4kX9PvAE8A9JXF3b%2BnMmTlqT4qZK8XiB2H%2BtYtnU9xDpM%2BwTQlJxg%2BfD6T93x4o7UrNohnd0F04Sb499h4MnjGxJj19Yq0%2BqonLK0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a298e57127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/qr-code-styling-ogpV7fl-.js

104.21.5.128

200 OK

66 kB

URL GET HTTP/3
api.stockhubo.com/qr-code-styling-ogpV7fl-.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type

Size
66 kB (66132 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/pageSignQR-B629MX3-.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:20 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"10254-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1NE8fTskqKtKz9sHj7Gl71sNXFQtqkYRRz6jRhd9XuF8K%2B7eBreSa5nZTRAU35QLF32pHoxT3i%2F5Q1Dp%2BQJrU9D5FxufA1nYOiwuWCtSthiMnIeYis0YbaFHLtw9I7ebYNYPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9afacdd7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

104.21.5.128

200 OK

11 kB

URL GET HTTP/3
api.stockhubo.com/assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Size
11 kB (11056 bytes)
Hash
07db243db21ed0a6b4ff05ff429686b7
5d62925fdd7ed8e80f206d095ed093994f13d276
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /assets/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/index-2Xc4-EF7.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:21 GMT
content-type: font/woff2
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"2b30-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HnxGv6yoQT6TOTibZI%2BTf9X3pL7CN39PdDxhg90HhQlGoUzUtUc9x14wKDQ5hRMa0dqXV8VQbyF9jAoQR0%2FS6tvcD3uGw9noYWPqnsIXXqYtelTACSRDkUCKGveBACXAURNy6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9b66a497127-OSL
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/qr-code-styling-ogpV7fl-.js

104.21.5.128

200 OK

66 kB

URL GET HTTP/3
api.stockhubo.com/qr-code-styling-ogpV7fl-.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type

Size
66 kB (66132 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /qr-code-styling-ogpV7fl-.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:20 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"10254-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vMPnup9BIW4051wCcJKGEttmEq1d6TxPTa4QVj0p71fDJZtqv1DqaEI%2B6fPFymSQC0of6zDojK6PH15wGD%2B77o%2Bp8OQSy%2BPoaf3%2B6JIsUsxdQMM3zAg0291NvdfgMjr1dXm9OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9afacdb7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/page-DPZhpXwX.js

104.21.5.128

200 OK

10 kB

URL GET HTTP/3
api.stockhubo.com/page-DPZhpXwX.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (10306)
Size
10 kB (10349 bytes)
Hash
fc1807d2b1c565a02690759374d15287
001fbea689f442a3f164bffab6ca993b6908134e
40a226aca9b05d89a206984fdcb1eff55afa410331f5a59abca9b087b2139cc6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /page-DPZhpXwX.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:18 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"286d-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2Bs%2BEJFpywqke0eq6eE7R2P%2FjKI%2BQg%2Futy2IoLdE0H4Ji8caosSi3QzyaDXLpa43DB1VJXk9EIv%2Fmx6zWFizsPQDk9U5xeUt8m4IGxMobrfys%2FKg1GvHgQqL7sJ6FqrcDJ92vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a8cea07127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/textToSvgURL-Z4O-nL1S.js

104.21.5.128

200 OK

357 B

URL GET HTTP/3
api.stockhubo.com/textToSvgURL-Z4O-nL1S.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (361), with no line terminators
Size
357 B (357 bytes)
Hash
ff952a1906b1e9ef3501e8c65ff243a3
36b668a369b468289ac28cfc0b54fb5d98616307
d22301195742b33be097070eaa8daf0be744b17f23b9e5e1d467f5ef94af765f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /textToSvgURL-Z4O-nL1S.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"165-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98JRLXyV%2FppinTu4ZR%2FjbICwx%2FWgwlGSQbam%2B7rRPjBZzVWtB9gNzn8QykwIE1Qi7lJvGVls5TySZlU1TmKAgzQjeKKiGKu7flsUrmKRnXDXiA4xAGkhPSxU6t1MQVJhwYmQmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a8deac7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/pageSignQR-B629MX3-.js

104.21.5.128

200 OK

5.7 kB

URL GET HTTP/3
api.stockhubo.com/pageSignQR-B629MX3-.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (5843), with no line terminators
Size
5.7 kB (5679 bytes)
Hash
4287afb5d141329356228d420d22e518
01f01d096a75a6224afe80e81bf6772faacc30f2
1c1fd44dcb3acacc88e940c0a7af9510c8211362b8f25b4755d4f9d1e82b3e43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /pageSignQR-B629MX3-.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.stockhubo.com/index-ftQsXaXA.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:19 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"162f-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iNEWvwpuM1%2F3F0TjYE%2BweZ2J%2FWZ8BFcYJwvwKT3C2mgO%2F9kbhZ7pUdNUlSPfiM8PaUW0hBiy5PM6%2FUtLpixmgXV1Cnb3c2nPBG7XhjXRWO%2BNK%2F%2B2YQW5mEkG8FZdyy5eagoPfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9a8dead7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.stockhubo.com/_commonjsHelpers-5-cIlDoe.js

104.21.5.128

200 OK

290 B

URL GET HTTP/3
api.stockhubo.com/_commonjsHelpers-5-cIlDoe.js
IP
104.21.5.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://api.stockhubo.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectstockhubo.com
Fingerprint31:D1:0E:9C:2F:4E:A0:B9:20:2D:5F:ED:B9:96:5D:27:74:E1:F5:AA
ValidityWed, 10 Apr 2024 03:52:44 GMT - Tue, 09 Jul 2024 03:52:43 GMT

File type
ASCII text, with very long lines (302), with no line terminators
Size
290 B (290 bytes)
Hash
2c4d6d27d76dee6e31a5e78877faba51
6a2773032cf08261b695305eb75b6aa25fb91d77
0d9af4fa5be8e6567f6e919c636e66546d0e1394b45f8140456512ae5dc690b0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Telegram

HTTP Headers

GET /_commonjsHelpers-5-cIlDoe.js HTTP/1.1
Host: api.stockhubo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://api.stockhubo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:18:20 GMT
content-type: text/javascript
last-modified: Fri, 22 Mar 2024 03:36:40 GMT
etag: W/"122-614378822c200-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5j2lV8dXrzOSEzQzwdVdN0pbFoJZYyKiGhGGbvL%2BGCXASt3UTJP%2F%2FpIRrSzFdbUMCe06TqpJEFChapaDdjO97tdBpxu1yLkCy%2FlYqznEx%2Bm8zgMEcel5BryOm0E7nZ2KpCdFjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f9afacdc7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML