vpn.xiaonainiu.filegear-sg.me Open in urlscan Pro
2606:4700:3033::ac43:8343 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vpn.xiaonainiu.filegear-sg.me/
Submission: On August 05 via automatic, source certstream-suspicious (August 5th 2024, 6:12:03 am UTC) — Scanned from SG

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3033::ac43:8343, located in United States and belongs to CLOUDFLARENET, US. The main domain is vpn.xiaonainiu.filegear-sg.me.
TLS certificate: Issued by E6 on August 5th 2024. Valid for: 3 months.

This is the only time vpn.xiaonainiu.filegear-sg.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3033::ac43:8343	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	117.72.37.2 117.72.37.2	141679 (CHINATELE...) (CHINATELECOM-IDC-BTHBD-AP China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch)
2	2620:1ec:bdf::59 2620:1ec:bdf::59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.231.230.148 52.231.230.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.67.131.67 172.67.131.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	6

7 2606:4700:3033::ac43:8343 (United States)

ASN13335 (CLOUDFLARENET, US)

vpn.xiaonainiu.filegear-sg.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 117.72.37.2 (China)

ASN141679 (CHINATELECOM-IDC-BTHBD-AP China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch, CN)

tj.melost.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.230.148 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.131.67 (United States)

ASN13335 (CLOUDFLARENET, US)

vpn.xiaonainiu.filegear-sg.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	filegear-sg.me vpn.xiaonainiu.filegear-sg.me	6 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 u.clarity.ms — Cisco Umbrella Rank: 8734 c.clarity.ms — Cisco Umbrella Rank: 1838	28 KB
2	melost.cn tj.melost.cn	24 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	772 B
16	4

	Domain	Requested by
9	vpn.xiaonainiu.filegear-sg.me	vpn.xiaonainiu.filegear-sg.me
2	c.clarity.ms	1 redirects
2	u.clarity.ms	www.clarity.ms
2	www.clarity.ms	vpn.xiaonainiu.filegear-sg.me www.clarity.ms
2	tj.melost.cn	vpn.xiaonainiu.filegear-sg.me tj.melost.cn
1	c.bing.com	1 redirects
16	6

This site contains no links.

Subject Issuer	Validity	Valid
xiaonainiu.filegear-sg.me E6	`2024-08-05` - `2024-11-03`	3 months	crt.sh
tj.melost.cn R11	`2024-06-07` - `2024-09-05`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://vpn.xiaonainiu.filegear-sg.me/
Frame ID: 85C4B22C3322001BFAEE2680B9D13374
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

影盘社-网盘资源搜索神器

Page Statistics

16
Requests

94 %
HTTPS

43 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

59 kB
Transfer

147 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A926A04F07994FAFA3A87DCAB950FC2F&RedC=c.clarity.ms&MXFR=2B4CD6F0C13B68F406A2C222C53B665C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A926A04F07994FAFA3A87DCAB950FC2F&MUID=248CD42721B86BA9299EC0F520B96A09

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vpn.xiaonainiu.filegear-sg.me/ 18 KB
5 KB 2875ms
2437ms Document
text/html 2606:4700:3033::ac43:8343
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8343 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e750b42a38dc14947bb63d5977b813dad80a059652824acd5346b1629580b75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ae4a1bd8ae0a3dd-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 05 Aug 2024 06:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1Sj3waW%2ByPRUM6dL9ukJg94waMUE9fc3XS41XkaH20vS6VZtO42r3WehUufv2DIGp8qFrRfms3m5Pmj7YvLz8X2YscOltKhpm%2FcWvFa1LV33VQljxPfApwjthA2LcfCbYL2fKGL9lU5rdI3X22x50E9ghMpteRhoYZkOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 404 index-_FB0E_qO.js
vpn.xiaonainiu.filegear-sg.me/assets/ 0
0 32ms
27ms Script
text/plain 2606:4700:3033::ac43:8343
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/assets/index-_FB0E_qO.js
Requested by: Host: vpn.xiaonainiu.filegear-sg.me
URL: https://vpn.xiaonainiu.filegear-sg.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8343 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
Origin: https://vpn.xiaonainiu.filegear-sg.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R6Z7%2FZdV4LPXU04o%2FRBUk8Z1Ci06DQdcVrKr%2BzT%2FJatRZ%2BWxnARyjq8OcjgzO6nSmQRO961QRaC3PzENcapY8DW7dZmfDRZRQ8deTcsB9YtMTCx0KEhjMyommS5DmLjJBOnScJjFVf0nUmf1Lsmu7fIZ18Js89PoZebc3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 8ae4a1ccdb14a3dd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H2 404 libs-C2xrR1NN.js
vpn.xiaonainiu.filegear-sg.me/assets/ 0
0 17ms
14ms Script
text/plain 2606:4700:3033::ac43:8343
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/assets/libs-C2xrR1NN.js
Requested by: Host: vpn.xiaonainiu.filegear-sg.me
URL: https://vpn.xiaonainiu.filegear-sg.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8343 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
Origin: https://vpn.xiaonainiu.filegear-sg.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ov2rBz8%2FOLaYVf7JJfRAhtYo1%2FTknHT1eImH4jKtcivvpzSPqm5ivWbWQEsKkrQ6qD0Dd0r%2BMVUSEFVmPGLtwP4W0t1hPd%2B%2BeE5IjGGGL%2F2NuKAf0SWgnrpiuLCQdpX%2Ff0FXSENcIKhye%2Bo%2F2668t5WbIRFrzTF5jMPOpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 8ae4a1cceb15a3dd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H2 404 react-Br6nzd0F.js
vpn.xiaonainiu.filegear-sg.me/assets/ 0
0 22ms
19ms Script
text/plain 2606:4700:3033::ac43:8343
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/assets/react-Br6nzd0F.js
Requested by: Host: vpn.xiaonainiu.filegear-sg.me
URL: https://vpn.xiaonainiu.filegear-sg.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8343 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
Origin: https://vpn.xiaonainiu.filegear-sg.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8G9JnH0R6g%2Fu5dOsQFi1qSAE8EpmRNeT48EKYibo11r0Y%2Bt9wFhJ8ymJJLnKulOV3J7mMGC%2FKX0P%2BRNl6QQ%2Bccz1fQw012wIcrJpLJUwGKxI5NCLms1O0g9sTQOnuVqEeoFfyrgttGP6J2qRNanP73Ovc9T7LMPyN1z4Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 8ae4a1cceb16a3dd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H2 404 ui-DNZBGJ5q.js
vpn.xiaonainiu.filegear-sg.me/assets/ 0
0 20ms
17ms Script
text/plain 2606:4700:3033::ac43:8343
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/assets/ui-DNZBGJ5q.js
Requested by: Host: vpn.xiaonainiu.filegear-sg.me
URL: https://vpn.xiaonainiu.filegear-sg.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8343 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
Origin: https://vpn.xiaonainiu.filegear-sg.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKWEgauBPtxVE0Qo4c2gaIu0PQ5YqOoGPeP%2BLRQ4l1C8nTppqKU8pHgWA3nuQVVGa0tevLxKZr8ceb%2BdDqgpoj2kjURu%2BGjTyo%2Fzf4hTxTpqSsbvfGcVIqjf9td0G6K0qzlkfE%2B9dFmAPhawo7pFeFllvyeYFjIJ640jkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 8ae4a1cceb18a3dd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H2 404 ui-D8Rog_6B.css
vpn.xiaonainiu.filegear-sg.me/assets/ 0
0 21ms
18ms Stylesheet
text/plain 2606:4700:3033::ac43:8343
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/assets/ui-D8Rog_6B.css
Requested by: Host: vpn.xiaonainiu.filegear-sg.me
URL: https://vpn.xiaonainiu.filegear-sg.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8343 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
Origin: https://vpn.xiaonainiu.filegear-sg.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n2g1DQrMiTZAX85GRpkJGJqmiib4aDrdGMdS1KzjiTRpvcEe7Yi%2BGSHNLxyv%2B2PInBOdUDQ5t0GCxewQqQgqaQsVQZhDFMAbXUkANf8JFU%2BWzy48lVTarETXAQw0Uxh%2BeMl6ktEuOs78H3PV%2F85MaTnQAkTkQYfOGDpfqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 8ae4a1ccdb11a3dd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H2 404 index-Co0HO7ek.css
vpn.xiaonainiu.filegear-sg.me/assets/ 0
0 25ms
22ms Stylesheet
text/plain 2606:4700:3033::ac43:8343
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/assets/index-Co0HO7ek.css
Requested by: Host: vpn.xiaonainiu.filegear-sg.me
URL: https://vpn.xiaonainiu.filegear-sg.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8343 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
Origin: https://vpn.xiaonainiu.filegear-sg.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoBQAVm2HeAYjfkBSRYnU%2F4sQPjr4wVX43bXdqfj4oaR93WveFgERDcOL7hulzyFIa0ruBhzG1SiYndulMP1W1tJh4Q8aHdndMybPrY0u8l2T6xJ4GM1%2FyXSS0pHBSfKg5AMNRJYTvuPMby8KxcAcM8QxonWGd3M7By1hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 8ae4a1ccdb13a3dd-SIN
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H2 200 matomo.js Show response
tj.melost.cn/ 66 KB
24 KB 1601ms
365ms Script
application/javascript 117.72.37.2
CHINATELECOM-IDC-...

General

Check archive.org

Show headers Download Go to

Full URL

https://tj.melost.cn/matomo.js

Requested by

Host: vpn.xiaonainiu.filegear-sg.me
URL: https://vpn.xiaonainiu.filegear-sg.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.72.37.2 , China, ASN141679 (CHINATELECOM-IDC-BTHBD-AP China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch, CN),

Reverse DNS

Software

nginx /

Resource Hash

f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 19 Jun 2024 19:51:09 GMT
server: nginx
etag: W/"667336ad-10784"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 05 Aug 2024 18:11:51 GMT

GET
H2 200 l8dftl9s6o Show response
www.clarity.ms/tag/ 637 B
1001 B 408ms
359ms Script
application/x-javascript 2620:1ec:bdf::59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/l8dftl9s6o
Requested by: Host: vpn.xiaonainiu.filegear-sg.me
URL: https://vpn.xiaonainiu.filegear-sg.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 682202cbd2e8e8e00ccebb987c712a0b7ef07734311d57dc6dfc63706ff4e61c

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date: Mon, 05 Aug 2024 06:11:50 GMT
x-azure-ref: 20240805T061149Z-16dbb9f4c996zhd7d29apfb5t00000000k60000000004h72
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
expires: -1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 19ms
18ms Script
application/javascript 2620:1ec:bdf::59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/l8dftl9s6o
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:50 GMT
content-encoding: br
last-modified: Thu, 01 Aug 2024 19:54:07 GMT
etag: W/"0x8DCB263B4239D88"
vary: Accept-Encoding
x-azure-ref: 20240805T061150Z-16dbb9f4c996zhd7d29apfb5t00000000k60000000004h81
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9e208180-101e-0028-4dba-e44f73000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
293 B 848ms
246ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vpn.xiaonainiu.filegear-sg.me
Date: Mon, 05 Aug 2024 06:11:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 204 matomo.php
tj.melost.cn/ 0
149 B 2472ms
2470ms Ping
text/plain 117.72.37.2
CHINATELECOM-IDC-...

General

Check archive.org

Show headers Download Go to

Full URL

https://tj.melost.cn/matomo.php?action_name=%E5%BD%B1%E7%9B%98%E7%A4%BE-%E7%BD%91%E7%9B%98%E8%B5%84%E6%BA%90%E6%90%9C%E7%B4%A2%E7%A5%9E%E5%99%A8&idsite=3&rec=1&r=507364&h=14&m=11&s=51&url=https%3A%2F%2Fvpn.xiaonainiu.filegear-sg.me%2F&_id=08e2b1cf32053d9a&_idn=1&send_image=0&_refts=0&pv_id=qqXRiW&pf_net=439&pf_srv=2436&pf_tfr=4&pf_dm1=40&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: tj.melost.cn
URL: https://tj.melost.cn/matomo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.72.37.2 , China, ASN141679 (CHINATELECOM-IDC-BTHBD-AP China Telecom Beijing Tianjin Hebei Big Data Industry Park Branch, CN),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://vpn.xiaonainiu.filegear-sg.me
date: Mon, 05 Aug 2024 06:11:54 GMT
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
server: nginx

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A926A04F07994FAFA3A87DCAB950FC2F&RedC=c.clarity.ms&MXFR=2B4CD6F0C13B68F406A2C222C53B665C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A926A04F07994FAFA3A87DCAB950FC2F&MUID=248CD42721B86BA9299EC0F520B96A09

42 B
441 B

65ms
65ms

Image
image/gif

52.231.230.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A926A04F07994FAFA3A87DCAB950FC2F&MUID=248CD42721B86BA9299EC0F520B96A09
Protocol: H2
Server: 52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Aug 2024 06:11:51 GMT
last-modified: Wed, 31 Jul 2024 18:21:55 GMT
server: Microsoft-IIS/10.0
etag: "bfef2a8676e3da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 05 Aug 2024 06:11:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5DCD2A78E7545A29C7BA5D3E3699131 Ref B: SIN30EDGE0114 Ref C: 2024-08-05T06:11:52Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A926A04F07994FAFA3A87DCAB950FC2F&MUID=248CD42721B86BA9299EC0F520B96A09
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 404 logo.svg
vpn.xiaonainiu.filegear-sg.me/static/ 9 B
456 B 15ms
14ms Other
text/plain 172.67.131.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/static/logo.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNmrXg%2B0z1aLitVNnbtSxFk9Rb0i2s0bK8n7dk1X4Z4L7gLGG0Fg7sStT4atpnQSSU0e7OOv95IOrENDA%2FwMbYfGjKsrvlGQGixR8SF4oa6pTc4xddchtDbZC7O6hXX3zKNLpqISAP1Fg%2FeIf6HngQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 8ae4a1d98aae81ea-SIN
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H3 404 favicon.ico
vpn.xiaonainiu.filegear-sg.me/ 9 B
424 B 14ms
13ms Other
text/plain 172.67.131.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.xiaonainiu.filegear-sg.me/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31

Request headers

Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 06:11:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQHdB66n73HrTdcco%2FF4AHtMap2JmVs6a6hJZzk7tOYDJ6orO%2BKLQV7ybslNTiNdUi%2FWlHjOA7f2OZxAy7G0mAs2%2Fpi27dmEqfqcEYmZ21mR%2FQUAxp5CFktLD83KuB0HLmKURqSG6JCweKvL9ZNsCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 8ae4a1d99ac581ea-SIN
alt-svc: h3=":443"; ma=86400
content-length: 9

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
293 B 239ms
237ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vpn.xiaonainiu.filegear-sg.me/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vpn.xiaonainiu.filegear-sg.me
Date: Mon, 05 Aug 2024 06:11:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 07:19:34	Name: CLID Value: 16910639727247ed8beb4b617b495f18.20240805.20250805
.xiaonainiu.filegear-sg.me/	1970-01-21 07:19:34	Name: _clck Value: rhekhs%7C2%7Cfo2%7C0%7C1678
.xiaonainiu.filegear-sg.me/	1970-01-20 22:35:24	Name: _clsk Value: 13mwqdz%7C1722838311331%7C1%7C1%7Cu.clarity.ms%2Fcollect
vpn.xiaonainiu.filegear-sg.me/	1970-01-21 07:59:53	Name: _pk_id.3.db1f Value: 08e2b1cf32053d9a.1722838312.
vpn.xiaonainiu.filegear-sg.me/	1970-01-20 22:34:00	Name: _pk_ses.3.db1f Value: 1
.bing.com/	1970-01-21 07:55:34	Name: MUID Value: 248CD42721B86BA9299EC0F520B96A09
.c.bing.com/	1970-01-20 22:44:03	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:55:34	Name: SRM_B Value: 248CD42721B86BA9299EC0F520B96A09
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:55:34	Name: MUID Value: 248CD42721B86BA9299EC0F520B96A09
.c.clarity.ms/	1970-01-20 22:44:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:33:58	Name: ANONCHK Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vpn.xiaonainiu.filegear-sg.me/assets/ui-D8Rog_6B.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.xiaonainiu.filegear-sg.me/assets/index-Co0HO7ek.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.xiaonainiu.filegear-sg.me/assets/libs-C2xrR1NN.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.xiaonainiu.filegear-sg.me/assets/react-Br6nzd0F.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.xiaonainiu.filegear-sg.me/assets/ui-DNZBGJ5q.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.xiaonainiu.filegear-sg.me/assets/index-_FB0E_qO.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.xiaonainiu.filegear-sg.me/static/logo.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.xiaonainiu.filegear-sg.me/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
tj.melost.cn
u.clarity.ms
vpn.xiaonainiu.filegear-sg.me
www.clarity.ms
117.72.37.2
172.67.131.67
2606:4700:3033::ac43:8343
2620:1ec:bdf::59
2620:1ec:c11::237
4.227.249.197
52.231.230.148
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
682202cbd2e8e8e00ccebb987c712a0b7ef07734311d57dc6dfc63706ff4e61c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e750b42a38dc14947bb63d5977b813dad80a059652824acd5346b1629580b75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

vpn.xiaonainiu.filegear-sg.me Open in urlscan Pro 2606:4700:3033::ac43:8343 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

94 %HTTPS

43 %IPv6

4 Domains

6 Subdomains

6 IPs

3 Countries

59 kBTransfer

147 kBSize

12 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

12 Cookies

8 Console Messages

Indicators

vpn.xiaonainiu.filegear-sg.me Open in urlscan Pro
2606:4700:3033::ac43:8343 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

43 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

59 kB
Transfer

147 kB
Size

12
Cookies

16 HTTP transactions
0 data transactions