URL: https://monitoring.axushost.com/
Submission Tags: phishingrod
Submission: On October 05 via api from DE — Scanned from NL

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 10 HTTP transactions. The main IP is 193.29.183.100, located in Netherlands and belongs to DIEDERIK-AS backbone.direct AS50917 T2 transit network, NL. The main domain is monitoring.axushost.com.
TLS certificate: Issued by R11 on October 5th 2024. Valid for: 3 months.
This is the only time monitoring.axushost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 193.29.183.100 50917 (DIEDERIK-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 142.250.186.132 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
2 104.18.11.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
10 6
Apex Domain
Subdomains
Transfer
4 axushost.com
monitoring.axushost.com
axushost.com
7 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113
36 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
65 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
fonts.googleapis.com — Cisco Umbrella Rank: 30
32 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
19 B
10 5
Domain Requested by
3 monitoring.axushost.com monitoring.axushost.com
2 maxcdn.bootstrapcdn.com monitoring.axushost.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com maxcdn.bootstrapcdn.com
1 axushost.com monitoring.axushost.com
1 www.gstatic.com monitoring.axushost.com
1 www.google.com 1 redirects
1 ajax.googleapis.com monitoring.axushost.com
10 8

This site contains links to these domains. Also see Links.

Domain
github.com
Subject Issuer Validity Valid
monitoring.axushost.com
R11
2024-10-05 -
2025-01-03
3 months crt.sh
upload.video.google.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh
bootstrapcdn.com
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
axushost.com
R10
2024-10-01 -
2024-12-30
3 months crt.sh
*.gstatic.com
WR2
2024-09-16 -
2024-12-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://monitoring.axushost.com/
Frame ID: 45B1CF775128A65C6420E7066119A3F5
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Blacklist Monitoring

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

90 %
HTTPS

29 %
IPv6

5
Domains

8
Subdomains

6
IPs

4
Countries

140 kB
Transfer

388 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
monitoring.axushost.com/
2 KB
742 B
Document
General
Full URL
https://monitoring.axushost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.29.183.100 , Netherlands, ASN50917 (DIEDERIK-AS backbone.direct AS50917 T2 transit network, NL),
Reverse DNS
ams-cloud001-nl.axushost.com
Software
nginx / PHP/8.1.30 PleskLin
Resource Hash
f73180fdec734d2562ee8e5fb17999b4987842c9993d404fa01d5923be86a753

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 05 Oct 2024 08:14:20 GMT
server
nginx
x-powered-by
PHP/8.1.30 PleskLin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: monitoring.axushost.com
URL: https://monitoring.axushost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://monitoring.axushost.com/

Response headers

content-encoding
gzip
age
350145
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 06:59:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 06:59:01 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29725
x-xss-protection
0
server
sffe
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
61 KB
18 KB
Script
General
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: monitoring.axushost.com
URL: https://monitoring.axushost.com/
Protocol
H3
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://monitoring.axushost.com/

Response headers

content-encoding
gzip
age
463
report-to
{"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 09:07:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 08:07:03 GMT
last-modified
Tue, 04 Apr 2023 17:52:30 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="gviz"
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
accept-ranges
bytes
content-length
18534
x-xss-protection
0
server
sffe

Redirect headers

cache-control
public, max-age=1800
location
https://www.gstatic.com/charts/loader.js
age
1713
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 08:16:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
date
Sat, 05 Oct 2024 07:46:13 GMT
content-type
text/html; charset=UTF-8
server
sffe
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootswatch/3.3.4/yeti/
121 KB
25 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootswatch/3.3.4/yeti/bootstrap.min.css
Requested by
Host: monitoring.axushost.com
URL: https://monitoring.axushost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b74f119b61d92b29ec6f70ca092742107fc9eeaea4b9da7df3ab230e138b623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://monitoring.axushost.com/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"cea5af3845f9edc5ef3397ae94070a25"
age
154609
x-content-type-options
nosniff
date
Sat, 05 Oct 2024 08:14:46 GMT
last-modified
Mon, 25 Jan 2021 22:04:26 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/10/2024 05:28:45
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
afd34a7247eaacbba4da8b467dd2bd35
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8cdbf5c39a4f65fe-AMS
access-control-allow-origin
*
cdn-edgestorageid
845
server
cloudflare
cdn-requestcountrycode
US
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/
35 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: monitoring.axushost.com
URL: https://monitoring.axushost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://monitoring.axushost.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
1356903
x-content-type-options
nosniff
date
Sat, 05 Oct 2024 08:14:46 GMT
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cdn-cachedat
2021-06-01 19:39:17
cdn-requestpullsuccess
True
cache-control
public, max-age=31919000
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
cc9c4f0d341b28a2bf97da1ba3da67e8
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cf-ray
8cdbf5c39a4d65fe-AMS
access-control-allow-origin
*
cdn-edgestorageid
617, 617
server
cloudflare
cdn-requestcountrycode
US
site.css
monitoring.axushost.com/css/
2 KB
759 B
Stylesheet
General
Full URL
https://monitoring.axushost.com/css/site.css
Requested by
Host: monitoring.axushost.com
URL: https://monitoring.axushost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.29.183.100 , Netherlands, ASN50917 (DIEDERIK-AS backbone.direct AS50917 T2 transit network, NL),
Reverse DNS
ams-cloud001-nl.axushost.com
Software
nginx / PleskLin
Resource Hash
6d227ecda844fa2a07702c64f92b1d8ae76af3374cd29d1b1c43b23d54e941d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://monitoring.axushost.com/

Response headers

content-encoding
br
date
Sat, 05 Oct 2024 08:14:20 GMT
etag
W/"5bce0709-7fe"
content-type
text/css
last-modified
Mon, 22 Oct 2018 17:21:13 GMT
server
nginx
x-powered-by
PleskLin
AxusHost.svg
axushost.com/images/
4 KB
4 KB
Image
General
Full URL
https://axushost.com/images/AxusHost.svg
Requested by
Host: monitoring.axushost.com
URL: https://monitoring.axushost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.29.183.100 , Netherlands, ASN50917 (DIEDERIK-AS backbone.direct AS50917 T2 transit network, NL),
Reverse DNS
ams-cloud001-nl.axushost.com
Software
nginx / PleskLin
Resource Hash
3a7fcd9e7dad718a8957ce2bce1ac15fcfcbffefa64086668b73e4143af0d216
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://monitoring.axushost.com/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"66aca85f-f7e"
accept-ranges
bytes
content-length
3966
date
Sat, 05 Oct 2024 08:14:20 GMT
content-type
image/svg+xml
last-modified
Fri, 02 Aug 2024 09:35:27 GMT
server
nginx
x-powered-by
PleskLin
css
fonts.googleapis.com/
33 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootswatch/3.3.4/yeti/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a60d4f8cc0e1ec57d2574653a779b41406c419a8e1a0fc49d6d0a45f73491370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 05 Oct 2024 08:14:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 05 Oct 2024 08:14:46 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 05 Oct 2024 06:23:47 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://monitoring.axushost.com
Referer
https://fonts.googleapis.com/

Response headers

age
52158
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 17:45:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 17:45:28 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
favicon.ico
monitoring.axushost.com/
1 KB
2 KB
Other
General
Full URL
https://monitoring.axushost.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.29.183.100 , Netherlands, ASN50917 (DIEDERIK-AS backbone.direct AS50917 T2 transit network, NL),
Reverse DNS
ams-cloud001-nl.axushost.com
Software
nginx / PleskLin
Resource Hash
2004e9f01c8de75aefea4258048575390464c53ce479677627768b79cd43c7fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://monitoring.axushost.com/

Response headers

etag
"5bce0709-57e"
accept-ranges
bytes
content-length
1406
date
Sat, 05 Oct 2024 08:14:20 GMT
content-type
image/vnd.microsoft.icon
last-modified
Mon, 22 Oct 2018 17:21:13 GMT
server
nginx
x-powered-by
PleskLin

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| google

0 Cookies

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://monitoring.axushost.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o