hjfurtt.icu Open in urlscan Pro
43.134.24.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/q...
Effective URL:
https://hjfurtt.icu/qa/
Submission: On July 14 via api (July 14th 2024, 10:18:52 pm UTC) from US — Scanned from SG

Summary HTTP 33 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 33 HTTP transactions. The main IP is 43.134.24.226, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is hjfurtt.icu.
TLS certificate: Issued by R10 on July 11th 2024. Valid for: 3 months.

This is the only time hjfurtt.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Posten Norge (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 34	43.134.24.226 43.134.24.226		132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
33	1

34 43.134.24.226 (Singapore, Singapore) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

hjfurtt.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	hjfurtt.icu 1 redirects hjfurtt.icu	429 KB
33	1

	Domain	Requested by
34	hjfurtt.icu	1 redirects hjfurtt.icu
33	1

This site contains links to these domains. Also see Links.

Domain
www.posten.no
id.posten.no
adressesok.posten.no
www.postennorge.no
www.bring.no

Subject Issuer	Validity	Valid
hjfurtt.icu R10	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hjfurtt.icu/qa/
Frame ID: 3EAA2D75E554F48D3F35A7E818D2F78A
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... HTTP 307
https://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... HTTP 301
https://hjfurtt.icu/qa/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

429 kB
Transfer

1243 kB
Size

0
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.posten.no/

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response hjfurtt.icu/qa/ Redirect Chain http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa//qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//q... https://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa//qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... https://hjfurtt.icu/qa/	2 KB 1 KB	52ms 52ms	Document text/html	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `920a9fe48c93a7f341142cc08d720a55cb333e561f0ded48799881c90b475501` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 14 Jul 2024 22:18:45 GMT ETag W/"666-18fc39895a0" Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Access-Control-Allow-Origin * Connection keep-alive Content-Length 64 Content-Type text/html; charset=utf-8 Date Sun, 14 Jul 2024 22:18:45 GMT Location /qa/ Server nginx/1.24.0 Vary Accept
GET H/1.1	200 OK	index-2b607a54.js Show response hjfurtt.icu/qa/assets/	492 KB 147 KB	31ms 30ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/index-2b607a54.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `ddd3675ab5401d6880021a9fc960413f2aa9ae31aeaa40aa546f7fee2056a2f8` Request headers Referer https://hjfurtt.icu/qa/ Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:45 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:14 GMT Server nginx/1.24.0 ETag W/"7b096-18fc398ad10" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f6170fbb8K8a8.css hjfurtt.icu/qa/assets/	952 B 1 KB	52ms 19ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f6170fbb8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:45 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"3b8-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 952
GET H/1.1	200 OK	86fb1c54Gtm45.js Show response hjfurtt.icu/qa/assets/	5 KB 2 KB	109ms 108ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/86fb1c54Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `9b33771f461a537e0f8675d3fc297c67e592cba811af36bf71f4a0297c4c104f` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:46 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1434-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	404e4081Gtm45.js Show response hjfurtt.icu/qa/assets/	52 KB 17 KB	437ms 437ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/404e4081Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `5b0e1e22e63182f7a5b40dd06487af6bf7010f680798f6ef128f36aa0cd6fc7c` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:46 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"d060-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	favicon.ico hjfurtt.icu/	2 KB 2 KB	284ms 198ms	Other image/vnd.microsoft.icon	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `d3f292e1e0313f78382e3b5b5300734fa37a8a98cc774b151e34d85b4bf2057b` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:46 GMT Last-Modified Wed, 29 May 2024 09:05:02 GMT Server nginx/1.24.0 ETag W/"6ac-18fc3987e30" Content-Type image/vnd.microsoft.icon Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 1708
GET H/1.1	200 OK	6c0c2ba6Gtm45.js Show response hjfurtt.icu/qa/assets/	35 KB 11 KB	134ms 134ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/6c0c2ba6Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `fbd70a79ec6210b8cda6e368824de44d4fcec0863463e683592a9b6fa82951a0` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"8a70-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	09bf01f8Gtm45.js Show response hjfurtt.icu/qa/assets/	2 KB 1 KB	20ms 19ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/09bf01f8Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e47d150209ff0a7c7b0bc61990cc6b77e865b4b1584d84b2bdba97b137c0ffa1` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"8cc-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	d7d29c13Gtm45.js Show response hjfurtt.icu/qa/assets/	3 KB 1 KB	367ms 366ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/d7d29c13Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `58becf67b9ddbe9ae289c2c2b54cea624439e9530645518dba52b6f5e7cd0f18` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"ac5-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	05a624e3Gtm45.js Show response hjfurtt.icu/qa/assets/	268 KB 68 KB	684ms 456ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/05a624e3Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `ef938fc71f2ec8f401bb73043ebe43242fe31b2e0ccf8849afb18a2d08f2812c` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"430ee-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	c27b6911Gtm45.js Show response hjfurtt.icu/qa/assets/	2 KB 1 KB	545ms 215ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/c27b6911Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e6797326dabcb03f5cdeeab1eb4da6c7bb8938440831f7932096408322c3abda` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"788-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f79ade9a8K8a8.css hjfurtt.icu/qa/assets/	63 KB 13 KB	224ms 205ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f79ade9a8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f79ade9aafe0d8cd39a9958ae3f77a578b38c8373211f15fac848b9e9331ac23` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"fbf9-18fc39895a0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	a5cbd326Gtm45.js Show response hjfurtt.icu/qa/assets/	6 KB 3 KB	610ms 243ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/a5cbd326Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `3d41dd19eb7790b3b3b5b282e47ae75f9aa3b456df9a442b2ab23a84182c692d` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1841-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	4cd1ec688K8a8.css hjfurtt.icu/qa/assets/	323 B 650 B	326ms 192ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/4cd1ec688K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"143-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 323
POST H/1.1	200 OK	MC41MDk1MDk0Njg2MjQzOTk3 Show response hjfurtt.icu/api/	748 B 993 B	377ms 374ms	XHR application/json	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/api/MC41MDk1MDk0Njg2MjQzOTk3 Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `3392a2a4b6918df99d0b6a0fe2ca05c3e55232c9ecd77a62d5c55d01ad28f7d9` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:18:47 GMT Server nginx/1.24.0 Connection keep-alive ETag W/"2ec-NNQ2J2NtmAX/U0LyfuH6wtHjbwo" Content-Length 748 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	f015c267Gtm45.js Show response hjfurtt.icu/qa/assets/	111 KB 33 KB	602ms 602ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2a450a6571e55ac331095260bddaa346cfceed542eea819e961a053f8f9df198` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:47 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1bb07-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	/ Show response hjfurtt.icu/socket.io/	118 B 339 B	127ms 127ms	XHR text/plain	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/socket.io/?EIO=4&transport=polling&t=P2pKxyb Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `c3eacd34901f01ffb94cefbfe563a2f8237c4845ab8f475e962fa0e082aaea67` Request headers Accept / Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:18:48 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 118 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	9330262fGtm45.js Show response hjfurtt.icu/qa/assets/	113 KB 36 KB	202ms 202ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/9330262fGtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `588315e332e64ef9e95cfb8710001251a3a03d1b846a2bd764ecdc24d244e061` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:48 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1c58c-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f4397ced8K8a8.css hjfurtt.icu/qa/assets/	400 B 727 B	97ms 97ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f4397ced8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:18:48 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"190-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 400
POST H/1.1	200 OK	/ Show response hjfurtt.icu/socket.io/	2 B 205 B	177ms 177ms	XHR text/html	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/socket.io/?EIO=4&transport=polling&t=P2pKx-f&sid=_Ih0cK03WfR19t_tAR6M Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:18:48 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html

hjfurtt.icu Open in urlscan Pro 43.134.24.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

429 kBTransfer

1243 kBSize

0 Cookies

36 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hjfurtt.icu Open in urlscan Pro
43.134.24.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

429 kB
Transfer

1243 kB
Size

0
Cookies

33 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!