file.sayafx.us.kg - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 2606:4700:3031::ac43:b253, located in United States and belongs to CLOUDFLARENET, US. The main domain is file.sayafx.us.kg.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.

This is the only time file.sayafx.us.kg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3031::ac43:b253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2404:2280:1b4... 2404:2280:1b4:0:3::7f8	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	211.152.149.12 211.152.149.12	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	172.67.178.83 172.67.178.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3

2 2606:4700:3031::ac43:b253 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

file.sayafx.us.kg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:2280:1b4:0:3::7f8 (Singapore) 1 redirects

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

unpkg.zhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.152.149.12 (Atlanta, United States)

ASN139341 (ACE-AS-AP ACE, SG)

unpkg.zhihu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.178.83 (United States)

ASN13335 (CLOUDFLARENET, US)

file.sayafx.us.kg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	us.kg 1 redirects file.sayafx.us.kg	6 KB
1	zhihu.com unpkg.zhihu.com
1	zhimg.com 1 redirects unpkg.zhimg.com — Cisco Umbrella Rank: 137342	571 B
3	3

	Domain	Requested by
3	file.sayafx.us.kg	1 redirects
1	unpkg.zhihu.com	file.sayafx.us.kg
1	unpkg.zhimg.com	1 redirects
3	3

This site contains no links.

Subject Issuer	Validity	Valid
sayafx.us.kg WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://file.sayafx.us.kg/
Frame ID: 90ADF448F9383FAD29E46DBE2C3DD20B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

首页 - Moonpsalms Storage

Page Statistics

3
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

6 kB
Transfer

15 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://unpkg.zhimg.com/ionicons@4.4.4/dist/ionicons.js HTTP 302
https://unpkg.zhihu.com/ionicons@4.4.4/dist/ionicons.js

Request Chain 1

https://file.sayafx.us.kg/favicon.ico HTTP 302
https://file.sayafx.us.kg/S1/favicon.ico

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response file.sayafx.us.kg/	15 KB 5 KB	3360ms 1974ms	Document text/html	2606:4700:3031::ac43:b253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://file.sayafx.us.kg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:b253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ea9575f9e8b956cca48fb33fa86f3d8dd560aa875e7699bccf0cf0f7f1f1e2e6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-ray 8dee8948f81f6daa-MIA content-encoding zstd content-type text/html date Thu, 07 Nov 2024 16:00:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybemyObiHyzCd%2FqEmCGm%2F%2F6C46P5uDV5npKId5tSJ66UFccYzVB%2F3ytDfP7w25PyIC9EnSyJpB4ZwoQMYaM1T%2FPXN2dFqR1QbdHtK%2FqGOkZeZLubHixeStqM2PqtMXY8J99jmaxocqx0iF%2FEyqEHsg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=30177&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3985&recv_bytes=2321&delivery_rate=130517&cwnd=253&unsent_bytes=0&cid=ca8eb219ef6b3c52&ts=2163&x=0" vary Accept-Encoding
GET H2	404	ionicons.js unpkg.zhihu.com/ionicons@4.4.4/dist/ Redirect Chain https://unpkg.zhimg.com/ionicons@4.4.4/dist/ionicons.js https://unpkg.zhihu.com/ionicons@4.4.4/dist/ionicons.js	0 0	1527ms 455ms	Script text/plain	211.152.149.12 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://unpkg.zhihu.com/ionicons@4.4.4/dist/ionicons.js Requested by Host: file.sayafx.us.kg URL: https://file.sayafx.us.kg/ Protocol H2 Server 211.152.149.12 Atlanta, United States, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software BLB/23.08.4.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://file.sayafx.us.kg/ Response headers x-cdn-provider tencent x-nws-log-uuid 11936930633997651998 x-dayu-backend-response 0.002 etag W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg" referrer-policy no-referrer-when-downgrade access-control-allow-origin * x-secng-response 0.002000093460083 content-length 9 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" date Thu, 07 Nov 2024 16:00:31 GMT x-cache-lookup Cache Miss, Cache Miss, Cache Miss, Cache Miss content-type text/plain; charset=utf-8 vary Accept-Encoding server BLB/23.08.4.1 x-edge-timing 0.408 Redirect headers age 11530566 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-cdn-provider tencent x-cache HIT TCP_HIT dirn:2:214934960 date Thu, 27 Jun 2024 05:04:24 GMT x-swift-cachetime 31026343 x-nws-log-uuid 6509355571599842790 location https://unpkg.zhihu.com/ionicons@4.4.4/dist/ionicons.js timing-allow-origin * via cache18.l2us2[0,0,302-0,H], cache20.l2us2[1,0], ens-cache5.us22[0,6,302-0,H], ens-cache12.us22[9,0] ali-swift-global-savetime 1719464664 x-swift-savetime Fri, 28 Jun 2024 02:38:41 GMT eagleid 2ff617a017309952304183046e content-length 0 x-cache-lookup Return Directly server Tengine x-edge-timing 0.001
GET H3	404	favicon.ico file.sayafx.us.kg/S1/ Redirect Chain https://file.sayafx.us.kg/favicon.ico https://file.sayafx.us.kg/S1/favicon.ico	432 B 951 B	3254ms 3253ms	Other text/html	172.67.178.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://file.sayafx.us.kg/S1/favicon.ico Protocol H3 Server 172.67.178.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0aded3d990aee36c3766940bb5a4fba3f76e355610cd4958d62444ff3763c3b1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://file.sayafx.us.kg/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oKL9lvJ1xpgFeBKgafWe1jpCakNjueR%2F0r8QT5pVnMA%2FX6vYVe1fCJs5TndR5KkVPyjeuoNfXdWBNpZgiWT6yx3IUWiBsKWy1jJOXZnUoVEiO%2BkW7GV6YlgM%2FPDavI%2ByqKXHUA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8dee8968abe90302-MIA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31191&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4266&recv_bytes=4452&delivery_rate=372&cwnd=12000&unsent_bytes=0&cid=596c2e355c432c71&ts=3277&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 07 Nov 2024 16:00:35 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=1,i Redirect headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} location /S1/favicon.ico report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IX313xn21b8a%2BLg4eW5Pz%2BUpMomnBalxUgeeOXcaWSMxvDLqkjoXRkHPfUaOMwBT%2Fh5gLDq%2FALpTd6I6KKK56pk8x%2Fdhag2LXI%2FzV0l24AyvMszFbJG0xEEldG%2BE%2BMGl2fEClMVBnj%2FI3%2F%2BNbjsVEQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8dee89685bca6daa-MIA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=30498&sent=14&recv=20&lost=0&retrans=0&sent_bytes=9033&recv_bytes=2480&delivery_rate=294371&cwnd=257&unsent_bytes=0&cid=ca8eb219ef6b3c52&ts=5262&x=0" content-length 59 date Thu, 07 Nov 2024 16:00:32 GMT content-type text/plain;charset=UTF-8 vary Accept-Encoding server cloudflare

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://unpkg.zhihu.com/ionicons@4.4.4/dist/ionicons.js Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://file.sayafx.us.kg/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://file.sayafx.us.kg/S1/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

file.sayafx.us.kg
unpkg.zhihu.com
unpkg.zhimg.com
172.67.178.83
211.152.149.12
2404:2280:1b4:0:3::7f8
2606:4700:3031::ac43:b253
0aded3d990aee36c3766940bb5a4fba3f76e355610cd4958d62444ff3763c3b1
ea9575f9e8b956cca48fb33fa86f3d8dd560aa875e7699bccf0cf0f7f1f1e2e6

file.sayafx.us.kg Open in urlscan Pro 2606:4700:3031::ac43:b253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

33 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

6 kBTransfer

15 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

file.sayafx.us.kg Open in urlscan Pro
2606:4700:3031::ac43:b253 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

6 kB
Transfer

15 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions