![](/screenshots/6f8ba0b7-6ca5-4e7c-b242-525769743002.png)
xss-vulnerable-login-cstad.hackpi.online
Open in
urlscan Pro
136.228.158.126
Public Scan
Effective URL: https://xss-vulnerable-login-cstad.hackpi.online/login
Submission: On April 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on April 8th 2024. Valid for: 3 months.
This is the only time xss-vulnerable-login-cstad.hackpi.online was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 136.228.158.126 136.228.158.126 | 131207 (SINET-KH ...) (SINET-KH SINET) | |
12 | 1 |
ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH)
PTR: sinet.126.158.228.136.sinet.com.kh
xss-vulnerable-login-cstad.hackpi.online |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
hackpi.online
1 redirects
xss-vulnerable-login-cstad.hackpi.online |
692 KB |
12 | 1 |
Domain | Requested by | |
---|---|---|
13 | xss-vulnerable-login-cstad.hackpi.online |
1 redirects
xss-vulnerable-login-cstad.hackpi.online
|
12 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
xss-vulnerable-login-cstad.hackpi.online R3 |
2024-04-08 - 2024-07-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://xss-vulnerable-login-cstad.hackpi.online/login
Frame ID: EE5F3A20FA99E647DED35E92B0DF10DB
Requests: 12 HTTP requests in this frame
Screenshot
![](/screenshots/6f8ba0b7-6ca5-4e7c-b242-525769743002.png)
Page Title
ISTAD - Vulnerable - LoginPage URL History Show full URLs
-
https://xss-vulnerable-login-cstad.hackpi.online/
HTTP 307
https://xss-vulnerable-login-cstad.hackpi.online/login Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://xss-vulnerable-login-cstad.hackpi.online/
HTTP 307
https://xss-vulnerable-login-cstad.hackpi.online/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
xss-vulnerable-login-cstad.hackpi.online/ Redirect Chain
|
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c9a5bc6a7c948fb0-s.p.woff2
xss-vulnerable-login-cstad.hackpi.online/_next/static/media/ |
45 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0743cc02ec778272.css
xss-vulnerable-login-cstad.hackpi.online/_next/static/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb9a9af3f6f81ba5.css
xss-vulnerable-login-cstad.hackpi.online/_next/static/css/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-3fc136d9d1ae7cc0.js
xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fd9d1056-54a4589125e24ea9.js
xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/ |
168 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
69-8e6d74cbd7b8ba8c.js
xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/ |
110 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-app-211c41536461e7b5.js
xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/ |
462 B 685 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
340-54ac8662d015a9c6.js
xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/ |
35 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-0932ce3c2edd261a.js
xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/app/login/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ISTAD.jpg
xss-vulnerable-login-cstad.hackpi.online/images/ |
480 KB 481 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
xss-vulnerable-login-cstad.hackpi.online/ |
54 KB 55 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| __next_f object| webpackChunk_N_E undefined| _N_E object| next0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
xss-vulnerable-login-cstad.hackpi.online
136.228.158.126
0c26086ed17ec9a024de0cf42869812662b35d096a44651102f85c38ecaeb68b
370f7438552c95a02efed25c73743ea34977664186b5e37e6908afe2640819a3
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3c7701307cf35afe85473d0acb850af10bc8817a0a4ad595e0efcd5b4d96eeef
3dbf992af2107aa477013e9038082b0165ee2ec44d53af39349e313190fbd14b
48952358285d23b311fbda90d835c52396fd5797af95ad5f84bc1d775aa84502
55ee885339378ade31daaea5c43d247e93a39a7c994480a9c7e125c1cecdcf0b
9fb64b9802038a3bf086d03715fef10d76578213201155576edd6863c6576c47
a76c068cf3857b3d68e6a49b85cc7e71ddf0ecdb60dbbf22c5c951e642904201
a7ac5c57282e7158016e8aa140e56bf410dcc61dda1cfb6e046631668354aeef
e4e6fe53df65be067e3737b8d3bfd869a215dd040e1f0c9350596a0087b5a2a3
fc87ee04405c220271e4e4fa14131807d2531bd0bd4516453e34ea5a91bbac31