hjfurtt.icu Open in urlscan Pro
43.134.24.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//...
Effective URL:
https://hjfurtt.icu/qa/
Submission: On July 14 via api (July 14th 2024, 10:06:05 pm UTC) from US — Scanned from SG

Summary HTTP 29 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 29 HTTP transactions. The main IP is 43.134.24.226, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is hjfurtt.icu.
TLS certificate: Issued by R10 on July 11th 2024. Valid for: 3 months.

This is the only time hjfurtt.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Posten Norge (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 30	43.134.24.226 43.134.24.226		132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
29	1

30 43.134.24.226 (Singapore, Singapore) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

hjfurtt.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	hjfurtt.icu 1 redirects hjfurtt.icu	428 KB
29	1

	Domain	Requested by
30	hjfurtt.icu	1 redirects hjfurtt.icu
29	1

This site contains links to these domains. Also see Links.

Domain
www.posten.no
id.posten.no
adressesok.posten.no
www.postennorge.no
www.bring.no

Subject Issuer	Validity	Valid
hjfurtt.icu R10	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hjfurtt.icu/qa/
Frame ID: BC1854092F8D5369095CB314A6D9122B
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... HTTP 307
https://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//... HTTP 301
https://hjfurtt.icu/qa/ Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

428 kB
Transfer

1243 kB
Size

0
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.posten.no/

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response hjfurtt.icu/qa/ Redirect Chain http://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa//qa/qa//qa//qa//qa/ https://hjfurtt.icu/qa?qfi=vaxorbbluu/qa/qa//qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa/qa/qa//qa//qa//qa//qa//qa//qa//qa//qa//qa/qa//qa/qa//qa//qa//qa/ https://hjfurtt.icu/qa/	2 KB 1 KB	51ms 51ms	Document text/html	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `920a9fe48c93a7f341142cc08d720a55cb333e561f0ded48799881c90b475501` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 14 Jul 2024 22:05:59 GMT ETag W/"666-18fc39895a0" Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Access-Control-Allow-Origin * Connection keep-alive Content-Length 64 Content-Type text/html; charset=utf-8 Date Sun, 14 Jul 2024 22:05:59 GMT Location /qa/ Server nginx/1.24.0 Vary Accept
GET H/1.1	200 OK	index-2b607a54.js Show response hjfurtt.icu/qa/assets/	492 KB 147 KB	103ms 102ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/index-2b607a54.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `ddd3675ab5401d6880021a9fc960413f2aa9ae31aeaa40aa546f7fee2056a2f8` Request headers Referer https://hjfurtt.icu/qa/ Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:05:59 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:14 GMT Server nginx/1.24.0 ETag W/"7b096-18fc398ad10" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f6170fbb8K8a8.css hjfurtt.icu/qa/assets/	952 B 1 KB	170ms 66ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f6170fbb8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:05:59 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"3b8-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 952
GET H/1.1	200 OK	86fb1c54Gtm45.js Show response hjfurtt.icu/qa/assets/	5 KB 2 KB	58ms 57ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/86fb1c54Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `9b33771f461a537e0f8675d3fc297c67e592cba811af36bf71f4a0297c4c104f` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:05:59 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1434-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	404e4081Gtm45.js Show response hjfurtt.icu/qa/assets/	52 KB 17 KB	227ms 226ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/404e4081Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `5b0e1e22e63182f7a5b40dd06487af6bf7010f680798f6ef128f36aa0cd6fc7c` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:05:59 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"d060-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	favicon.ico hjfurtt.icu/	2 KB 2 KB	96ms 49ms	Other image/vnd.microsoft.icon	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `d3f292e1e0313f78382e3b5b5300734fa37a8a98cc774b151e34d85b4bf2057b` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Last-Modified Wed, 29 May 2024 09:05:02 GMT Server nginx/1.24.0 ETag W/"6ac-18fc3987e30" Content-Type image/vnd.microsoft.icon Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 1708
GET H/1.1	200 OK	6c0c2ba6Gtm45.js Show response hjfurtt.icu/qa/assets/	35 KB 11 KB	170ms 169ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/6c0c2ba6Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `fbd70a79ec6210b8cda6e368824de44d4fcec0863463e683592a9b6fa82951a0` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"8a70-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	09bf01f8Gtm45.js Show response hjfurtt.icu/qa/assets/	2 KB 1 KB	42ms 41ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/09bf01f8Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e47d150209ff0a7c7b0bc61990cc6b77e865b4b1584d84b2bdba97b137c0ffa1` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"8cc-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	d7d29c13Gtm45.js Show response hjfurtt.icu/qa/assets/	3 KB 1 KB	42ms 42ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/d7d29c13Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `58becf67b9ddbe9ae289c2c2b54cea624439e9530645518dba52b6f5e7cd0f18` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"ac5-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	05a624e3Gtm45.js Show response hjfurtt.icu/qa/assets/	268 KB 68 KB	181ms 74ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/05a624e3Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `ef938fc71f2ec8f401bb73043ebe43242fe31b2e0ccf8849afb18a2d08f2812c` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:10 GMT Server nginx/1.24.0 ETag W/"430ee-18fc3989d70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	c27b6911Gtm45.js Show response hjfurtt.icu/qa/assets/	2 KB 1 KB	183ms 71ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/c27b6911Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `e6797326dabcb03f5cdeeab1eb4da6c7bb8938440831f7932096408322c3abda` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"788-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f79ade9a8K8a8.css hjfurtt.icu/qa/assets/	63 KB 13 KB	105ms 63ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f79ade9a8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f79ade9aafe0d8cd39a9958ae3f77a578b38c8373211f15fac848b9e9331ac23` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"fbf9-18fc39895a0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	a5cbd326Gtm45.js Show response hjfurtt.icu/qa/assets/	6 KB 3 KB	183ms 72ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/a5cbd326Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `3d41dd19eb7790b3b3b5b282e47ae75f9aa3b456df9a442b2ab23a84182c692d` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1841-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	4cd1ec688K8a8.css hjfurtt.icu/qa/assets/	323 B 650 B	110ms 68ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/4cd1ec688K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `4cd1ec684ce1c4f864a8e95f9f7695c7f708160192531ff8e55fc5023abf5b64` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:00 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"143-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 323
POST H/1.1	200 OK	MC4yNTM3NDU5Mzc0Mzc2Mzcy Show response hjfurtt.icu/api/	744 B 989 B	145ms 144ms	XHR application/json	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/api/MC4yNTM3NDU5Mzc0Mzc2Mzcy Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `6678a6fe0ed1147116c59742b8e0a0b72dc182aa25b96f8572515cfc5ee5b82a` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/encrypt Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:06:00 GMT Server nginx/1.24.0 Connection keep-alive ETag W/"2e8-64EW9WhAML1pKftWWuEmcPgpqic" Content-Length 744 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	f015c267Gtm45.js Show response hjfurtt.icu/qa/assets/	111 KB 33 KB	60ms 59ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2a450a6571e55ac331095260bddaa346cfceed542eea819e961a053f8f9df198` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:01 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1bb07-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	/ Show response hjfurtt.icu/socket.io/	118 B 339 B	88ms 88ms	XHR text/plain	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/socket.io/?EIO=4&transport=polling&t=P2pI0dh Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `9584da9cc8d23982659cf022ad179595c21f96dbd67eb4f079e190b1dac229a5` Request headers Accept / Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:06:01 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 118 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	9330262fGtm45.js Show response hjfurtt.icu/qa/assets/	113 KB 36 KB	154ms 154ms	Script application/javascript	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/9330262fGtm45.js Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `588315e332e64ef9e95cfb8710001251a3a03d1b846a2bd764ecdc24d244e061` Request headers Referer Origin https://hjfurtt.icu User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:01 GMT Content-Encoding gzip Last-Modified Wed, 29 May 2024 09:05:12 GMT Server nginx/1.24.0 ETag W/"1c58c-18fc398a540" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive
GET H/1.1	200 OK	f4397ced8K8a8.css hjfurtt.icu/qa/assets/	400 B 727 B	84ms 83ms	Stylesheet text/css	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/qa/assets/f4397ced8K8a8.css Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/index-2b607a54.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917` Request headers Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sun, 14 Jul 2024 22:06:01 GMT Last-Modified Wed, 29 May 2024 09:05:08 GMT Server nginx/1.24.0 ETag W/"190-18fc39895a0" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 400
POST H/1.1	200 OK	/ Show response hjfurtt.icu/socket.io/	2 B 205 B	114ms 112ms	XHR text/html	43.134.24.226 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://hjfurtt.icu/socket.io/?EIO=4&transport=polling&t=P2pI0f7&sid=CoGTpFd1hisehWrXAR0E Requested by Host: hjfurtt.icu URL: https://hjfurtt.icu/qa/assets/f015c267Gtm45.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 43.134.24.226 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx/1.24.0 / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer https://hjfurtt.icu/qa/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Sun, 14 Jul 2024 22:06:01 GMT cache-control no-store Server nginx/1.24.0 Connection keep-alive Content-Length 2 Content-Type text/html

hjfurtt.icu Open in urlscan Pro 43.134.24.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

428 kBTransfer

1243 kBSize

0 Cookies

36 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hjfurtt.icu Open in urlscan Pro
43.134.24.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

428 kB
Transfer

1243 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!