www.geizaizen.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://geizaizen.xyz/
Effective URL:
https://www.geizaizen.xyz/
Submission Tags: falconsandbox
Submission: On October 11 via api (October 11th 2024, 3:20:47 am UTC) from US — Scanned from NL

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.geizaizen.xyz.
TLS certificate: Issued by WE1 on October 11th 2024. Valid for: 3 months.

This is the only time www.geizaizen.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:bdf::64 2620:1ec:bdf::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	4

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

geizaizen.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.geizaizen.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

www.geizaizen.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	geizaizen.xyz 1 redirects geizaizen.xyz www.geizaizen.xyz	44 KB
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 x.clarity.ms — Cisco Umbrella Rank: 6487	28 KB
9	2

	Domain	Requested by
5	www.geizaizen.xyz	www.geizaizen.xyz
2	x.clarity.ms	www.clarity.ms
2	www.clarity.ms	www.geizaizen.xyz www.clarity.ms
1	geizaizen.xyz	1 redirects
9	4

This site contains links to these domains. Also see Links.

Domain
103.179.148.53

Subject Issuer	Validity	Valid
geizaizen.xyz WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.geizaizen.xyz/
Frame ID: 067F01883C318926DBAEB3D2D01A9767
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

文萍小说网 - 成人文学,性愛淫書,家庭倫理亂倫小說,学生校园,全部免费阅读

Page URL History Show full URLs

https://geizaizen.xyz/ HTTP 302
http://www.geizaizen.xyz/ HTTP 307
https://www.geizaizen.xyz/ Page URL

Page Statistics

9
Requests

100 %
HTTPS

40 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

72 kB
Transfer

178 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://103.179.148.53:33811/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://geizaizen.xyz/ HTTP 302
http://www.geizaizen.xyz/ HTTP 307
https://www.geizaizen.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.geizaizen.xyz/ Redirect Chain https://geizaizen.xyz/ http://www.geizaizen.xyz/ https://www.geizaizen.xyz/	88 KB 24 KB	2039ms 1984ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.geizaizen.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `62d7953ef8c8a60c232ca74da859e01d017a56552193da5095898dfbf4518bb3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS access-control-allow-origin * access-control-max-age 1800 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d0bb73749c2775d-AMS content-encoding zstd content-type text/html; charset=utf-8 date Fri, 11 Oct 2024 03:20:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cyIcjhd8%2Fa%2BnnKz3Y2GbVOTW4thTVZWEgGpksqBmKFW2kzgwyYVELqpyxXfy3KYq0A6HlGSFunUk6lS%2BDbeIGHiYMi0ERXbVnjQ%2FP5K%2FHyztnXW1HefIQVb%2Bne8kMIZ%2BgaHdu06qxYFiGdUKz1T1A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary Accept-Encoding Redirect headers Location https://www.geizaizen.xyz/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	speculation www.geizaizen.xyz/cdn-cgi/	128 B 482 B	29ms 23ms	Other application/speculationrules+json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.geizaizen.xyz/cdn-cgi/speculation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.geizaizen.xyz Referer https://www.geizaizen.xyz/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tR0ye%2FUFtg5WRyz2k6NsNz8fSGb3zR%2BYLIQeyglcQKYO65SP97ign6lHOejLpVPYw%2BCV8jRiIZl%2BDXOQdVAO8j23eN%2FrtpaEga0jVomFydoC5D%2Bf372tniss%2B3ZSuUT6PElVE13teAr9raBe6395%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d0bb743c934775d-AMS access-control-allow-origin https://www.geizaizen.xyz alt-svc h3=":443"; ma=86400 content-length 128 date Fri, 11 Oct 2024 03:20:42 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H2	200	common.js Show response www.geizaizen.xyz/template/	11 KB 4 KB	88ms 84ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.geizaizen.xyz/template/common.js Requested by Host: www.geizaizen.xyz URL: https://www.geizaizen.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `10454e5bb84d0ba8d890f8eabe48cd7b7f2e07c35e83ef7368909e79168a09a6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.geizaizen.xyz/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"66e4f851-2d51" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42uvHwL77W42H%2BjKnFbESQfKCaTnGc5XsfCFRjIctAUi2yX23dsvAIrPjWshNbzDmEOuczJiN5ZZ09nwClYhFZcxSgUjdIgpHjEPJf8YaKLxqqS2JMAMNStkEP0sNwaOuNRMRNkELe6zZM%2FnmlMWmA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d0bb743c933775d-AMS expires Fri, 11 Oct 2024 15:20:42 GMT alt-svc h3=":443"; ma=86400 date Fri, 11 Oct 2024 03:20:42 GMT content-type application/javascript last-modified Sat, 14 Sep 2024 02:43:29 GMT vary Accept-Encoding server cloudflare
GET H2	200	n0j3z9fwvh Show response www.clarity.ms/tag/	567 B 822 B	277ms 187ms	Script application/x-javascript	2620:1ec:bdf::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/n0j3z9fwvh Requested by Host: www.geizaizen.xyz URL: https://www.geizaizen.xyz/template/common.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `e39c1d1bf295c58e37c1af26f894a1ffef6d6ef735aed5838eacf15715cb3afd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.geizaizen.xyz/ Response headers cache-control no-cache, no-store request-context appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2 expires -1 accept-ranges bytes x-cache CONFIG_NOCACHE content-length 567 date Fri, 11 Oct 2024 03:20:43 GMT content-type application/x-javascript x-azure-ref 20241011T032043Z-16456d9fcf7ptjnkp93dgd1a4s0000000n5000000000a9pk
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.48/	64 KB 27 KB	35ms 34ms	Script application/javascript	2620:1ec:bdf::64 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.48/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/n0j3z9fwvh Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.geizaizen.xyz/ Response headers x-azure-ref 20241011T032043Z-16456d9fcf7ptjnkp93dgd1a4s0000000n5000000000a9pr cache-control public, max-age=86400 x-ms-version 2018-03-28 content-encoding br etag W/"0x8DCE7BC2B1268DE" x-fd-int-roxy-purgeid 51562430 x-ms-request-id 7c31dd59-101e-0028-345c-1a4f73000000 access-control-allow-origin * x-cache TCP_HIT date Fri, 11 Oct 2024 03:20:43 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding last-modified Tue, 08 Oct 2024 17:10:54 GMT
GET H3	200	8c87ae581b9138113df0a34abc9c87d8.gif www.geizaizen.xyz/static/	13 KB 14 KB	80ms 80ms	Image image/gif	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.geizaizen.xyz/static/8c87ae581b9138113df0a34abc9c87d8.gif Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1076fadff92df9f60a802337d1e9eb6a2b2cc6cc39acfaea3c7784d9a0c26d87` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.geizaizen.xyz/ Response headers cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66db5d62-34b3" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZG27RxuFDpZE5fmLQDp7HdjRri60Iq2d94%2FSZD4HeNsrW2XvzhbYLmBlJsXNQZKHsKHUUVaLphsUtvH%2BygI%2FqqTGbqofvOtf7f1GRZznwcRMeg8VNVjtCsfLmawAIQIIYx9%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d0bb7471a0893be-AMS expires Sun, 10 Nov 2024 03:20:43 GMT accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 13491 date Fri, 11 Oct 2024 03:20:43 GMT content-type image/gif last-modified Fri, 06 Sep 2024 19:52:02 GMT vary Accept-Encoding server cloudflare
GET H3	404	favicon.ico www.geizaizen.xyz/	548 B 615 B	720ms 720ms	Other text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.geizaizen.xyz/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.geizaizen.xyz/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KszfERUVV89Qi1%2BaX0dDbIJO2yMiRnd5Tk%2FNOsgHDP5fjhS91tB%2BgMovj8VLpnPvKNPio5Hf09jEHVWvJHYYU%2FMMMKB%2Bq6AMQrIGBGAlX0ERLTlaFakjGCIm9oMocFBS59jhsQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8d0bb7472a1093be-AMS alt-svc h3=":443"; ma=86400 date Fri, 11 Oct 2024 03:20:44 GMT content-type text/html vary Accept-Encoding server cloudflare
POST H/1.1	204 No Content	collect Show response x.clarity.ms/	0 281 B	431ms 214ms	XHR text/plain	20.114.190.119 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://x.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.48/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/x-clarity-gzip Referer https://www.geizaizen.xyz/ Response headers Request-Context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78 Access-Control-Allow-Origin https://www.geizaizen.xyz Date Fri, 11 Oct 2024 03:20:43 GMT Vary Origin Server nginx Connection keep-alive Access-Control-Allow-Credentials true
POST H/1.1	204 No Content	collect Show response x.clarity.ms/	0 281 B	105ms 103ms	XHR text/plain	20.114.190.119 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://x.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.48/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/x-clarity-gzip Referer https://www.geizaizen.xyz/ Response headers Request-Context appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78 Access-Control-Allow-Origin https://www.geizaizen.xyz Date Fri, 11 Oct 2024 03:20:45 GMT Vary Origin Server nginx Connection keep-alive Access-Control-Allow-Credentials true

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.geizaizen.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3f73d8bd3f28162b7d33d9a1035766fc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.geizaizen.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

geizaizen.xyz
www.clarity.ms
www.geizaizen.xyz
x.clarity.ms
188.114.96.3
188.114.97.3
20.114.190.119
2620:1ec:bdf::64
2a06:98c1:3120::3
10454e5bb84d0ba8d890f8eabe48cd7b7f2e07c35e83ef7368909e79168a09a6
1076fadff92df9f60a802337d1e9eb6a2b2cc6cc39acfaea3c7784d9a0c26d87
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4
62d7953ef8c8a60c232ca74da859e01d017a56552193da5095898dfbf4518bb3
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e39c1d1bf295c58e37c1af26f894a1ffef6d6ef735aed5838eacf15715cb3afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.geizaizen.xyz Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

40 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

72 kBTransfer

178 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.geizaizen.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

40 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

72 kB
Transfer

178 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions