Report - qu.ax

Report Overview

Visitedpublic

2024-12-30 21:55:34

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-25	1.1 kB	75 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-25	450 B	27 kB	142.250.74.106
tianji.1337.la	unknown	unknown	No data	No data	1.4 kB	9.2 kB	88.198.51.12
cdn.tailwindcss.com	422202	2017-07-20	2018-07-09	2024-12-25	778 B	815 kB	172.67.41.16
qu.ax	unknown	2019-10-23	2019-12-22	2024-12-25	2.5 kB	72 kB	188.245.212.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-12-30 21:55:09	low	Client IP	188.245.212.27	ET INFO Observed Anonymous File Sharing Service Domain (qu .ax) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	cdn.tailwindcss.com/	ScriptElement	407 kB	2024-12-07	2025-08-01
URL cdn.tailwindcss.com/ IP / ASN 172.67.41.16 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-07 Last Seen 2025-08-01 Times Seen 3883 Size 407 kB (407279 bytes) MD5 2697bf25afb0982dfa17c73536f934c1 SHA1 7d7db122d0639cd1f1a53eb6018d6d713d312679 SHA256 fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea Format Code Loading...

	qu.ax/	ScriptElement	2.2 kB	2024-12-01	2025-03-02
URL qu.ax/ IP / ASN 188.245.212.27 #24940 Hetzner Online GmbH Introduced by ScriptElement Embedded true Resource Info First Seen 2024-12-01 Last Seen 2025-03-02 Times Seen 9 Size 2.2 kB (2223 bytes) MD5 a845256b30889475feffe9cc24368bc7 SHA1 227347b635810a96d34a6f2fb2dea2f4ccc35ede SHA256 16f5146338ea9ed419003afe8b459dfdd53af476c65ca0a3301c389e2aa81cd9 Format Code Loading...

	tianji.1337.la/tracker.js	ScriptElement	2.5 kB	2024-10-25	2025-07-27
URL tianji.1337.la/tracker.js IP / ASN 88.198.51.12 #24940 Hetzner Online GmbH Introduced by ScriptElement Embedded false Resource Info First Seen 2024-10-25 Last Seen 2025-07-27 Times Seen 47 Size 2.5 kB (2519 bytes) MD5 200487c46a5a5e459bedf17b3f92fab6 SHA1 a8fe52bf9380dbba592e118aaee37b76e86c3a2c SHA256 8b9f7ca84af6c55eee1a711cfb597b6d103d26cb846422a7f4f0800986e5900b Format Code Loading...

	qu.ax/static/js/main2.js	ScriptElement	14 kB	2024-12-01	2025-03-02
URL qu.ax/static/js/main2.js IP / ASN 188.245.212.27 #24940 Hetzner Online GmbH Introduced by ScriptElement Embedded false Resource Info First Seen 2024-12-01 Last Seen 2025-03-02 Times Seen 9 Size 14 kB (14481 bytes) MD5 5dc47d6be68f9dd5bb77d359af2ebe2e SHA1 bdcc507132ecdbbebd74e96bd403af20a4e76dbd SHA256 39dcbc8953c6ee8ec9ffd16ff2db2a4d5072b78adb5f2e29ff0cc95541c1a9d6 Format Code Loading...

HTTP Transactions (14)

	URL	IP	Response	Size
	GET qu.ax/grill.php	188.245.212.27	302 Found	138 B
URL qu.ax/grill.php IP / ASN 188.245.212.27 #24940 Hetzner Online GmbH Requested byhttps://qu.ax/ Resource Info File typeHTML document, ASCII text, with CRLF line terminators First Seen2023-04-05 Last Seen2025-07-26 Times Seen38800 Size138 B (138 bytes) MD5aff950cab4c0265e21d401db15f1026d SHA1f03e18461817f7a6546c8bf8fa8d686d7e30aca0 SHA256753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0 Certificate Info IssuerLet's Encrypt Subject.qu.ax FingerprintB1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5 ValidityThu, 07 Nov 2024 16:29:08 GMT - Wed, 05 Feb 2025 16:29:07 GMT HTTP Headers `GET /grill.php HTTP/1.1 Host: qu.ax User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qu.ax/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 302 Found server: nginx date: Mon, 30 Dec 2024 21:55:10 GMT content-type: text/html content-length: 138 location: https://qu.ax/img/grills/6.webp X-Firefox-Spdy: h2`

	GET qu.ax/img/ShareX_Logo_16.png	188.245.212.27	200 OK	874 B
URL qu.ax/img/ShareX_Logo_16.png IP / ASN 188.245.212.27 #24940 Hetzner Online GmbH Requested byhttps://qu.ax/ Resource Info File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced First Seen2024-12-01 Last Seen2025-07-27 Times Seen17 Size874 B (874 bytes) MD58bfc13add651b05b03d4e2ac1b4e2a38 SHA1d78794f1d1c5ef8ae223828894f1684c7cbed2cf SHA256aa091ba0b7eb8fd1a2b8db83f870ab48c34ea5938d01a8d3984145f652657f8f Certificate Info IssuerLet's Encrypt Subject.qu.ax FingerprintB1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5 ValidityThu, 07 Nov 2024 16:29:08 GMT - Wed, 05 Feb 2025 16:29:07 GMT HTTP Headers `GET /img/ShareX_Logo_16.png HTTP/1.1 Host: qu.ax User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qu.ax/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 30 Dec 2024 21:55:10 GMT content-type: image/png content-length: 874 last-modified: Sat, 13 Jul 2024 11:26:03 GMT x-xss-protection: 1; mode=block alt-svc: h3=":443"; ma=604800 accept-ranges: bytes X-Firefox-Spdy: h2`

	GET qu.ax/img/grills/6.webp	188.245.212.27	200 OK	18 kB
URL qu.ax/img/grills/6.webp IP / ASN 188.245.212.27 #24940 Hetzner Online GmbH Requested byhttps://qu.ax/ Resource Info File typeRIFF (little-endian) data, Web/P image First Seen2024-12-01 Last Seen2025-07-21 Times Seen6 Size18 kB (18120 bytes) MD57c14b157d0c0e550bdbab0b07547b821 SHA1280f2b131d63f8f6863fa325333f514fa55126d7 SHA256adb9c209c48953c7833740358f391328595f08cc25df8f89300922ffe03adb50 Certificate Info IssuerLet's Encrypt Subject.qu.ax FingerprintB1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5 ValidityThu, 07 Nov 2024 16:29:08 GMT - Wed, 05 Feb 2025 16:29:07 GMT HTTP Headers `GET /img/grills/6.webp HTTP/1.1 Host: qu.ax User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://qu.ax/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 30 Dec 2024 21:55:10 GMT content-type: image/webp content-length: 18120 last-modified: Wed, 06 Nov 2024 01:25:24 GMT x-xss-protection: 1; mode=block alt-svc: h3=":443"; ma=604800 accept-ranges: bytes X-Firefox-Spdy: h2`

	GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227	200 OK	48 kB
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP / ASN 216.58.207.227 #15169 GOOGLE Requested byhttps://qu.ax/ Resource Info File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 First Seen2023-12-14 Last Seen2025-08-01 Times Seen89267 Size48 kB (48236 bytes) MD5015c126a3520c9a8f6a27979d0266e96 SHA12acf956561d44434a6d84204670cf849d3215d5f SHA2563c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Certificate Info IssuerGoogle Trust Services Subject.gstatic.com Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT HTTP Headers GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://qu.ax DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 48236 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 28 Dec 2024 03:56:30 GMT expires: Sun, 28 Dec 2025 03:56:30 GMT cache-control: public, max-age=31536000 age: 237521 last-modified: Thu, 14 Dec 2023 02:08:40 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap	142.250.74.106	200 OK	27 kB
URL fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap IP / ASN 142.250.74.106 #15169 GOOGLE Requested byhttps://qu.ax/ Resource Info File typegzip compressed data, max compression First Seen2024-12-30 Last Seen2025-02-26 Times Seen2 Size27 kB (26740 bytes) MD5c7c1ced223040b30fc8223fc57203f01 SHA1eab875f96ce3667ee71d3b68b9288187271d1957 SHA256b270d3996d005780f6274be893e551804ee42fb08afc4c7ea3e124e152546632 Certificate Info IssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT HTTP Headers `GET /css2?family=Open+Sans:wght@300;400;600&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qu.ax/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 30 Dec 2024 21:55:10 GMT date: Mon, 30 Dec 2024 21:55:10 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	OPTIONS tianji.1337.la/api/website/send	88.198.51.12	204 No Content	0 B
URL tianji.1337.la/api/website/send IP / ASN 88.198.51.12 #24940 Hetzner Online GmbH Requested byhttps://qu.ax/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5605895 Size0 B (0 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerLet's Encrypt Subjecttianji.1337.la FingerprintC3:29:42:C7:69:91:1E:78:55:8C:6B:42:36:EA:AE:42:3F:A3:AE:78 ValidityThu, 12 Dec 2024 02:41:33 GMT - Wed, 12 Mar 2025 02:41:32 GMT HTTP Headers `OPTIONS /api/website/send HTTP/1.1 Host: tianji.1337.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://qu.ax/ Origin: https://qu.ax DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 204 No Content server: nginx date: Mon, 30 Dec 2024 21:55:11 GMT access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE vary: Access-Control-Request-Headers access-control-allow-headers: content-type alt-svc: h3=":443"; ma=604800 X-Firefox-Spdy: h2`

	OPTIONS tianji.1337.la/api/website/send	88.198.51.12	200 OK	5.7 kB
URL tianji.1337.la/api/website/send IP / ASN 88.198.51.12 #24940 Hetzner Online GmbH Requested byhttps://qu.ax/ Resource Info File typeASCII text, with very long lines (669), with no line terminators First Seen2024-12-30 Last Seen2024-12-30 Times Seen1 Size5.7 kB (5655 bytes) MD5d8d496e4affa3274fa174bc81cb92bb9 SHA1d796cbe3bd1530c76272eb5a2c1e4edba2c87cb0 SHA2564ab5ae97f93286388e4ef95278189d0a57f34567bfb97de10be2e7edb6c0f0fe Certificate Info IssuerLet's Encrypt Subjecttianji.1337.la FingerprintC3:29:42:C7:69:91:1E:78:55:8C:6B:42:36:EA:AE:42:3F:A3:AE:78 ValidityThu, 12 Dec 2024 02:41:33 GMT - Wed, 12 Mar 2025 02:41:32 GMT HTTP Headers `POST /api/website/send HTTP/1.1 Host: tianji.1337.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://qu.ax/ Content-Type: application/json Content-Length: 197 Origin: https://qu.ax DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 30 Dec 2024 21:55:11 GMT content-type: text/html; charset=utf-8 access-control-allow-origin: * etag: W/"29d-15bL470VMMdicutaLB5O26LIfLA" vary: Accept-Encoding, Accept-Encoding alt-svc: h3=":443"; ma=604800 content-encoding: br X-Firefox-Spdy: h2`

	GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2	216.58.207.227	200 OK	25 kB
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 IP / ASN 216.58.207.227 #15169 GOOGLE Requested byhttps://qu.ax/ Resource Info File typeWeb Open Font Format (Version 2), TrueType, length 24984, version 1.0 First Seen2023-12-15 Last Seen2025-08-01 Times Seen6645 Size25 kB (24984 bytes) MD5303a79d404d97ccbb3d803088fc387d8 SHA166e3525b79a1a58a63fe0934f31676dd40c7f033 SHA2567e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f Certificate Info IssuerGoogle Trust Services Subject.gstatic.com Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT HTTP Headers GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://qu.ax DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 24984 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 27 Dec 2024 21:54:04 GMT expires: Sat, 27 Dec 2025 21:54:04 GMT cache-control: public, max-age=31536000 age: 259267 last-modified: Thu, 14 Dec 2023 02:04:54 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET tianji.1337.la/tracker.js	88.198.51.12	200 OK	2.5 kB
URL tianji.1337.la/tracker.js IP / ASN 88.198.51.12 #24940 Hetzner Online GmbH Requested byhttps://qu.ax/ Resource Info File typeJavaScript source, ASCII text, with very long lines (2598), with no line terminators First Seen2024-10-25 Last Seen2025-04-01 Times Seen25 Size2.5 kB (2519 bytes) MD51929a8e0d1dda0a0a8abf874a86786a5 SHA185c0eebc1f3828df95c0e9a22eca06972ed13ee1 SHA2569d6defd3a2304fa35aabd1e04df762a6bd683efeb0d672602c6aebd1473a11a4 Certificate Info IssuerLet's Encrypt Subjecttianji.1337.la FingerprintC3:29:42:C7:69:91:1E:78:55:8C:6B:42:36:EA:AE:42:3F:A3:AE:78 ValidityThu, 12 Dec 2024 02:41:33 GMT - Wed, 12 Mar 2025 02:41:32 GMT HTTP Headers `GET /tracker.js HTTP/1.1 Host: tianji.1337.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qu.ax/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Mon, 30 Dec 2024 21:55:10 GMT content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * accept-ranges: bytes cache-control: public, max-age=604800 last-modified: Fri, 29 Nov 2024 18:44:09 GMT etag: W/"9d7-193793cd0a8" vary: Accept-Encoding, Accept-Encoding content-encoding: gzip alt-svc: h3=":443"; ma=604800 X-Firefox-Spdy: h2`

	GET cdn.tailwindcss.com/3.4.16	172.67.41.16	200 OK	407 kB
URL cdn.tailwindcss.com/3.4.16 IP / ASN 172.67.41.16 #13335 CLOUDFLARENET Requested byhttps://qu.ax/ Resource Info File typeJavaScript source, ASCII text, with very long lines (52853) First Seen2024-12-07 Last Seen2025-08-01 Times Seen3883 Size407 kB (407279 bytes) MD52697bf25afb0982dfa17c73536f934c1 SHA17d7db122d0639cd1f1a53eb6018d6d713d312679 SHA256fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea Certificate Info IssuerGoogle Trust Services Subjecttailwindcss.com Fingerprint26:11:6A:E2:4D:77:ED:0F:2E:DC:58:A5:79:39:84:D7:E6:ED:EC:E3 ValidityWed, 04 Dec 2024 00:31:10 GMT - Tue, 04 Mar 2025 00:31:09 GMT HTTP Headers `GET /3.4.16 HTTP/1.1 Host: cdn.tailwindcss.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://qu.ax/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Mon, 30 Dec 2024 21:55:10 GMT content-type: text/javascript cache-control: max-age=31536000 content-encoding: br strict-transport-security: max-age=63072000 x-vercel-cache: MISS x-vercel-id: cle1::iad1::rv4dn-1733520637303-9c55b126e284 last-modified: Fri, 06 Dec 2024 21:30:37 GMT cf-cache-status: HIT age: 931062 vary: Accept-Encoding server: cloudflare cf-ray: 8fa545c59b4856c6-OSL X-Firefox-Spdy: h2`

	GET qu.ax/favicon.ico	188.245.212.27	200 OK	21 kB
URL qu.ax/favicon.ico IP / ASN 188.245.212.27 #24940 Hetzner Online GmbH Requested byhttps://qu.ax/ Resource Info File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced First Seen2023-06-27 Last Seen2025-08-01 Times Seen345 Size21 kB (20601 bytes) MD5b1427ced1520ea9d49dc3ff783f9fc38 SHA1f63057f04bbc9685daef2a5bb5f8b6c0ae483bf0 SHA2569374e3620b1daa8f7ce59acc9250129e15dae90354280f4ce3b8369209ebdd31 Certificate Info IssuerLet's Encrypt Subject.qu.ax FingerprintB1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5 ValidityThu, 07 Nov 2024 16:29:08 GMT - Wed, 05 Feb 2025 16:29:07 GMT HTTP Headers `GET /favicon.ico HTTP/1.1 Host: qu.ax User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qu.ax/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Mon, 30 Dec 2024 21:55:11 GMT content-type: image/x-icon last-modified: Wed, 06 Nov 2024 01:25:22 GMT x-xss-protection: 1; mode=block content-encoding: br alt-svc: h3=":443"; ma=604800 X-Firefox-Spdy: h2`

	GET cdn.tailwindcss.com/	172.67.41.16	302 Found	407 kB
URL cdn.tailwindcss.com/ IP / ASN 172.67.41.16 #13335 CLOUDFLARENET Requested byhttps://qu.ax/ Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5605895 Size407 kB (407279 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerGoogle Trust Services Subjecttailwindcss.com Fingerprint26:11:6A:E2:4D:77:ED:0F:2E:DC:58:A5:79:39:84:D7:E6:ED:EC:E3 ValidityWed, 04 Dec 2024 00:31:10 GMT - Tue, 04 Mar 2025 00:31:09 GMT HTTP Headers `GET / HTTP/1.1 Host: cdn.tailwindcss.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qu.ax/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Mon, 30 Dec 2024 21:55:10 GMT cache-control: max-age=14400 location: /3.4.16 strict-transport-security: max-age=63072000 x-vercel-cache: MISS x-vercel-id: cle1::iad1::njnvs-1735594927209-7728d3ed0827 cf-cache-status: HIT age: 229 vary: Accept-Encoding server: cloudflare cf-ray: 8fa545c489ff56c6-OSL X-Firefox-Spdy: h2`

	GET qu.ax/	188.245.212.27	200 OK	17 kB
URL qu.ax/ IP / ASN 188.245.212.27 #24940 Hetzner Online GmbH Requested byN/A Resource Info File typeHTML document, ASCII text, with very long lines (536) First Seen2024-12-30 Last Seen2025-01-25 Times Seen5 Size17 kB (16722 bytes) MD58577efea870546d15d9ee730c4fae024 SHA128f4036eec54552a679923ce3a7e7d8d368f5e99 SHA25668c64d5e63a881c48483e1b63e66c65715856afd2b2067487ecda0d778a5a361 Certificate Info IssuerLet's Encrypt Subject.qu.ax FingerprintB1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5 ValidityThu, 07 Nov 2024 16:29:08 GMT - Wed, 05 Feb 2025 16:29:07 GMT HTTP Headers `GET / HTTP/1.1 Host: qu.ax User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Mon, 30 Dec 2024 21:55:09 GMT content-type: text/html last-modified: Thu, 12 Dec 2024 03:42:09 GMT x-xss-protection: 1; mode=block content-encoding: br alt-svc: h3=":443"; ma=604800 X-Firefox-Spdy: h2`

	GET qu.ax/static/js/main2.js	188.245.212.27	200 OK	14 kB
URL qu.ax/static/js/main2.js IP / ASN 188.245.212.27 #24940 Hetzner Online GmbH Requested byhttps://qu.ax/ Resource Info File typeJavaScript source, ASCII text First Seen2024-12-01 Last Seen2025-03-02 Times Seen9 Size14 kB (14481 bytes) MD55dc47d6be68f9dd5bb77d359af2ebe2e SHA1bdcc507132ecdbbebd74e96bd403af20a4e76dbd SHA25639dcbc8953c6ee8ec9ffd16ff2db2a4d5072b78adb5f2e29ff0cc95541c1a9d6 Certificate Info IssuerLet's Encrypt Subject.qu.ax FingerprintB1:EA:1B:CB:CA:02:39:E1:27:51:38:79:0A:F2:42:F7:1B:B5:02:E5 ValidityThu, 07 Nov 2024 16:29:08 GMT - Wed, 05 Feb 2025 16:29:07 GMT HTTP Headers `GET /static/js/main2.js HTTP/1.1 Host: qu.ax User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://qu.ax/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Mon, 30 Dec 2024 21:55:10 GMT content-type: application/javascript last-modified: Wed, 06 Nov 2024 01:25:26 GMT x-xss-protection: 1; mode=block content-encoding: br alt-svc: h3=":443"; ma=604800 X-Firefox-Spdy: h2`

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

HTTP Transactions (14)

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers