hjfurtt.icu Open in urlscan Pro
43.134.24.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//...
Effective URL:
https://hjfurtt.icu/qa/
Submission: On July 14 via api (July 14th 2024, 10:09:20 pm UTC) from US — Scanned from SG

Summary HTTP 27 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 27 HTTP transactions. The main IP is 43.134.24.226, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is hjfurtt.icu.
TLS certificate: Issued by R10 on July 11th 2024. Valid for: 3 months.

This is the only time hjfurtt.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Posten Norge (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 28	43.134.24.226 43.134.24.226		132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
27	1

28 43.134.24.226 (Singapore, Singapore) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

hjfurtt.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	hjfurtt.icu 1 redirects hjfurtt.icu	427 KB
27	1

	Domain	Requested by
28	hjfurtt.icu	1 redirects hjfurtt.icu
27	1

This site contains links to these domains. Also see Links.

Domain
www.posten.no
id.posten.no
adressesok.posten.no
www.postennorge.no
www.bring.no

Subject Issuer	Validity	Valid
hjfurtt.icu R10	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hjfurtt.icu/qa/
Frame ID: 2DF8B9B8C754A37F0AF6ECF2A0B58D17
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... HTTP 307
https://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... HTTP 301
https://hjfurtt.icu/qa/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

427 kB
Transfer

1243 kB
Size

0
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.posten.no/

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response hjfurtt.icu/qa/ Redirect Chain http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa//qa//qa/qa/qa//qa//qa//... https://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa//qa//qa/qa/qa//qa//qa/... https://hjfurtt.icu/qa/	2 KB 1 KB	15ms 14ms	Document text/html	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `920a9fe48c93a7f341142cc08d720a55cb333e561f0ded48799881c90b475501` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 14 Jul 2024 22:09:15 GMT ETag W/"666-18fc39895a0" Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Access-Control-Allow-Origin * Connection keep-alive Content-Length 64 Content-Type text/html; charset=utf-8 Date Sun, 14 Jul 2024 22:09:15 GMT Location /qa/ Server nginx/1.24.0 Vary Accept
GET H/1.1	200 OK	index-2b607a54.js Show response hjfurtt.icu/qa/assets/	492 KB 147 KB	30ms 29ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/index-2b607a54.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `ddd3675ab5401d6880021a9fc960413f2aa9ae31aeaa40aa546f7fee2056a2f8` Request headers Referer https://hjfurtt.icu/qa/ Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:14 GMT Server nginx/1.24.0 ETag W/"7b096-18fc398ad10" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f6170fbb8K8a8.css hjfurtt.icu/qa/assets/	952 B 1 KB	54ms 22ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f6170fbb8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"3b8-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 952
GET H/1.1	200 OK	86fb1c54Gtm45.js Show response hjfurtt.icu/qa/assets/	5 KB 2 KB	122ms 121ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/86fb1c54Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `9b33771f461a537e0f8675d3fc297c67e592cba811af36bf71f4a0297c4c104f` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1434-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	404e4081Gtm45.js Show response hjfurtt.icu/qa/assets/	52 KB 17 KB	27ms 27ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/404e4081Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `5b0e1e22e63182f7a5b40dd06487af6bf7010f680798f6ef128f36aa0cd6fc7c` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"d060-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	favicon.ico hjfurtt.icu/	2 KB 2 KB	16ms 14ms	Other image/vnd.microsoft.icon	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `d3f292e1e0313f78382e3b5b5300734fa37a8a98cc774b151e34d85b4bf2057b` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Last-Modified Wed, 29 May 2024 09:05:02 GMT Server nginx/1.24.0 ETag W/"6ac-18fc3987e30" Content-Type image/vnd.microsoft.icon Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 1708
GET H/1.1	200 OK	6c0c2ba6Gtm45.js Show response hjfurtt.icu/qa/assets/	35 KB 11 KB	20ms 18ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/6c0c2ba6Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `fbd70a79ec6210b8cda6e368824de44d4fcec0863463e683592a9b6fa82951a0` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"8a70-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	09bf01f8Gtm45.js Show response hjfurtt.icu/qa/assets/	2 KB 1 KB	23ms 20ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/09bf01f8Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e47d150209ff0a7c7b0bc61990cc6b77e865b4b1584d84b2bdba97b137c0ffa1` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"8cc-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	d7d29c13Gtm45.js Show response hjfurtt.icu/qa/assets/	3 KB 1 KB	23ms 20ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/d7d29c13Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `58becf67b9ddbe9ae289c2c2b54cea624439e9530645518dba52b6f5e7cd0f18` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"ac5-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	05a624e3Gtm45.js Show response hjfurtt.icu/qa/assets/	268 KB 68 KB	71ms 46ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/05a624e3Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `ef938fc71f2ec8f401bb73043ebe43242fe31b2e0ccf8849afb18a2d08f2812c` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"430ee-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	c27b6911Gtm45.js Show response hjfurtt.icu/qa/assets/	2 KB 1 KB	55ms 22ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/c27b6911Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e6797326dabcb03f5cdeeab1eb4da6c7bb8938440831f7932096408322c3abda` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"788-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f79ade9a8K8a8.css hjfurtt.icu/qa/assets/	63 KB 13 KB	44ms 20ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f79ade9a8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f79ade9aafe0d8cd39a9958ae3f77a578b38c8373211f15fac848b9e9331ac23` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"fbf9-18fc39895a0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	a5cbd326Gtm45.js Show response hjfurtt.icu/qa/assets/	6 KB 3 KB	114ms 82ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/a5cbd326Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `3d41dd19eb7790b3b3b5b282e47ae75f9aa3b456df9a442b2ab23a84182c692d` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1841-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	4cd1ec688K8a8.css hjfurtt.icu/qa/assets/	323 B 650 B	43ms 20ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/4cd1ec688K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"143-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 323
POST H/1.1	200 OK	MC4xNDY2MjIxODAyNjU1MDYx Show response hjfurtt.icu/api/	744 B 989 B	94ms 93ms	XHR application/json	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/api/MC4xNDY2MjIxODAyNjU1MDYx Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `d9fd48f2a5e8ffbce057dcce21fc915a9a68bac89b4e45eec533f5a3344f6683` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:09:15 GMT Server nginx/1.24.0 Connection keep-alive ETag W/"2e8-EUmnOupis9/eyHveDSKWuDF2IVA" Content-Length 744 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	f015c267Gtm45.js Show response hjfurtt.icu/qa/assets/	111 KB 33 KB	38ms 37ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2a450a6571e55ac331095260bddaa346cfceed542eea819e961a053f8f9df198` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:15 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1bb07-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	/ Show response hjfurtt.icu/socket.io/	118 B 339 B	48ms 47ms	XHR text/plain	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/socket.io/?EIO=4&transport=polling&t=P2pImBY Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `5ba271a21d38c71184799dba67f73bd7d57b7fd241780c360985b4c76bf8d1bf` Request headers Accept / Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:09:16 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 118 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	9330262fGtm45.js Show response hjfurtt.icu/qa/assets/	113 KB 36 KB	35ms 34ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/9330262fGtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `588315e332e64ef9e95cfb8710001251a3a03d1b846a2bd764ecdc24d244e061` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:16 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1c58c-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f4397ced8K8a8.css hjfurtt.icu/qa/assets/	400 B 727 B	31ms 31ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f4397ced8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:09:16 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"190-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 400
POST H/1.1	200 OK	/ Show response hjfurtt.icu/socket.io/	2 B 205 B	81ms 80ms	XHR text/html	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/socket.io/?EIO=4&transport=polling&t=P2pImCP&sid=bSxBehUSzI9nywgeAR0x Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:09:16 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html

hjfurtt.icu Open in urlscan Pro 43.134.24.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

427 kBTransfer

1243 kBSize

0 Cookies

36 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

hjfurtt.icu Open in urlscan Pro
43.134.24.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

427 kB
Transfer

1243 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!