hjfurtt.icu Open in urlscan Pro
43.134.24.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/q...
Effective URL:
https://hjfurtt.icu/qa/
Submission: On July 14 via api (July 14th 2024, 10:12:37 pm UTC) from US — Scanned from SG

Summary HTTP 32 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 32 HTTP transactions. The main IP is 43.134.24.226, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is hjfurtt.icu.
TLS certificate: Issued by R10 on July 11th 2024. Valid for: 3 months.

This is the only time hjfurtt.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Posten Norge (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 33	43.134.24.226 43.134.24.226		132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
32	1

33 43.134.24.226 (Singapore, Singapore) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

hjfurtt.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	hjfurtt.icu 1 redirects hjfurtt.icu	429 KB
32	1

	Domain	Requested by
33	hjfurtt.icu	1 redirects hjfurtt.icu
32	1

This site contains links to these domains. Also see Links.

Domain
www.posten.no
id.posten.no
adressesok.posten.no
www.postennorge.no
www.bring.no

Subject Issuer	Validity	Valid
hjfurtt.icu R10	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hjfurtt.icu/qa/
Frame ID: 5C5627C6C3AD0EEE6F44A3CE35763D08
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... HTTP 307
https://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... HTTP 301
https://hjfurtt.icu/qa/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

428 kB
Transfer

1243 kB
Size

0
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.posten.no/

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response hjfurtt.icu/qa/ Redirect Chain http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa//qa//qa/qa//qa//qa//qa//qa//qa//qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/... https://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa//qa//qa/qa//qa//qa//qa//qa//qa//qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa/qa... https://hjfurtt.icu/qa/	2 KB 1 KB	61ms 60ms	Document text/html	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `920a9fe48c93a7f341142cc08d720a55cb333e561f0ded48799881c90b475501` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 14 Jul 2024 22:12:30 GMT ETag W/"666-18fc39895a0" Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Access-Control-Allow-Origin * Connection keep-alive Content-Length 64 Content-Type text/html; charset=utf-8 Date Sun, 14 Jul 2024 22:12:30 GMT Location /qa/ Server nginx/1.24.0 Vary Accept
GET H/1.1	200 OK	index-2b607a54.js Show response hjfurtt.icu/qa/assets/	492 KB 147 KB	43ms 42ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/index-2b607a54.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `ddd3675ab5401d6880021a9fc960413f2aa9ae31aeaa40aa546f7fee2056a2f8` Request headers Referer https://hjfurtt.icu/qa/ Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:30 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:14 GMT Server nginx/1.24.0 ETag W/"7b096-18fc398ad10" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f6170fbb8K8a8.css hjfurtt.icu/qa/assets/	952 B 1 KB	115ms 72ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f6170fbb8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:30 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"3b8-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 952
GET H/1.1	200 OK	86fb1c54Gtm45.js Show response hjfurtt.icu/qa/assets/	5 KB 2 KB	75ms 74ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/86fb1c54Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `9b33771f461a537e0f8675d3fc297c67e592cba811af36bf71f4a0297c4c104f` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1434-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	404e4081Gtm45.js Show response hjfurtt.icu/qa/assets/	52 KB 17 KB	300ms 300ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/404e4081Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `5b0e1e22e63182f7a5b40dd06487af6bf7010f680798f6ef128f36aa0cd6fc7c` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"d060-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	favicon.ico hjfurtt.icu/	2 KB 2 KB	161ms 105ms	Other image/vnd.microsoft.icon	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `d3f292e1e0313f78382e3b5b5300734fa37a8a98cc774b151e34d85b4bf2057b` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Last-Modified Wed, 29 May 2024 09:05:02 GMT Server nginx/1.24.0 ETag W/"6ac-18fc3987e30" Content-Type image/vnd.microsoft.icon Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 1708
GET H/1.1	200 OK	6c0c2ba6Gtm45.js Show response hjfurtt.icu/qa/assets/	35 KB 11 KB	224ms 223ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/6c0c2ba6Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `fbd70a79ec6210b8cda6e368824de44d4fcec0863463e683592a9b6fa82951a0` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"8a70-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	09bf01f8Gtm45.js Show response hjfurtt.icu/qa/assets/	2 KB 1 KB	91ms 90ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/09bf01f8Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e47d150209ff0a7c7b0bc61990cc6b77e865b4b1584d84b2bdba97b137c0ffa1` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"8cc-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	d7d29c13Gtm45.js Show response hjfurtt.icu/qa/assets/	3 KB 1 KB	107ms 107ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/d7d29c13Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `58becf67b9ddbe9ae289c2c2b54cea624439e9530645518dba52b6f5e7cd0f18` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"ac5-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	05a624e3Gtm45.js Show response hjfurtt.icu/qa/assets/	268 KB 68 KB	599ms 372ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/05a624e3Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `ef938fc71f2ec8f401bb73043ebe43242fe31b2e0ccf8849afb18a2d08f2812c` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"430ee-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	c27b6911Gtm45.js Show response hjfurtt.icu/qa/assets/	2 KB 1 KB	377ms 151ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/c27b6911Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e6797326dabcb03f5cdeeab1eb4da6c7bb8938440831f7932096408322c3abda` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"788-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f79ade9a8K8a8.css hjfurtt.icu/qa/assets/	63 KB 13 KB	361ms 269ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f79ade9a8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f79ade9aafe0d8cd39a9958ae3f77a578b38c8373211f15fac848b9e9331ac23` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"fbf9-18fc39895a0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	a5cbd326Gtm45.js Show response hjfurtt.icu/qa/assets/	6 KB 3 KB	603ms 359ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/a5cbd326Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `3d41dd19eb7790b3b3b5b282e47ae75f9aa3b456df9a442b2ab23a84182c692d` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1841-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	4cd1ec688K8a8.css hjfurtt.icu/qa/assets/	323 B 650 B	221ms 89ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/4cd1ec688K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:31 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"143-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 323
POST H/1.1	200 OK	MC42MTU4NDY2NTY1NDY3MTkx Show response hjfurtt.icu/api/	748 B 993 B	235ms 233ms	XHR application/json	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/api/MC42MTU4NDY2NTY1NDY3MTkx Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `58caa098ba6b639674514a1661c5f3a2e6611ce6875678cb3cf9e175741fdc3d` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:12:31 GMT Server nginx/1.24.0 Connection keep-alive ETag W/"2ec-vw1TongW5oLJIZDOmEIXcySrEmY" Content-Length 748 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	f015c267Gtm45.js Show response hjfurtt.icu/qa/assets/	111 KB 33 KB	535ms 534ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2a450a6571e55ac331095260bddaa346cfceed542eea819e961a053f8f9df198` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:32 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1bb07-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	/ Show response hjfurtt.icu/socket.io/	118 B 339 B	88ms 88ms	XHR text/plain	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/socket.io/?EIO=4&transport=polling&t=P2pJWEF Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `cfd7e0118cbd2fbfcebe5a04a6072b2b163e0bdad38ff3e86838c627a3459950` Request headers Accept / Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:12:32 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 118 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	9330262fGtm45.js Show response hjfurtt.icu/qa/assets/	113 KB 36 KB	328ms 327ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/9330262fGtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `588315e332e64ef9e95cfb8710001251a3a03d1b846a2bd764ecdc24d244e061` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:32 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1c58c-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f4397ced8K8a8.css hjfurtt.icu/qa/assets/	400 B 727 B	85ms 85ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f4397ced8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:12:32 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"190-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 400
POST H/1.1	200 OK	/ Show response hjfurtt.icu/socket.io/	2 B 205 B	126ms 125ms	XHR text/html	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/socket.io/?EIO=4&transport=polling&t=P2pJWFi&sid=SSaQAIFqsDaJOo7QAR28 Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:12:32 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html

hjfurtt.icu Open in urlscan Pro 43.134.24.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

428 kBTransfer

1243 kBSize

0 Cookies

36 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hjfurtt.icu Open in urlscan Pro
43.134.24.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

428 kB
Transfer

1243 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!