xss-vulnerable-login-cstad.hackpi.online Open in urlscan Pro
136.228.158.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xss-vulnerable-login-cstad.hackpi.online/
Effective URL:
https://xss-vulnerable-login-cstad.hackpi.online/login
Submission: On April 08 via api (April 8th 2024, 8:40:40 am UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 136.228.158.126, located in Phnom Penh, Cambodia and belongs to SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH. The main domain is xss-vulnerable-login-cstad.hackpi.online.
TLS certificate: Issued by R3 on April 8th 2024. Valid for: 3 months.

This is the only time xss-vulnerable-login-cstad.hackpi.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 13	136.228.158.126 136.228.158.126		131207 (SINET-KH ...) (SINET-KH SINET)
12	1

13 136.228.158.126 (Phnom Penh, Cambodia) 1 redirects

ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH)
PTR: sinet.126.158.228.136.sinet.com.kh

xss-vulnerable-login-cstad.hackpi.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	hackpi.online 1 redirects xss-vulnerable-login-cstad.hackpi.online	692 KB
12	1

	Domain	Requested by
13	xss-vulnerable-login-cstad.hackpi.online	1 redirects xss-vulnerable-login-cstad.hackpi.online
12	1

This site contains no links.

Subject Issuer	Validity	Valid
xss-vulnerable-login-cstad.hackpi.online R3	`2024-04-08` - `2024-07-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xss-vulnerable-login-cstad.hackpi.online/login
Frame ID: EE5F3A20FA99E647DED35E92B0DF10DB
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ISTAD - Vulnerable - Login

Page URL History Show full URLs

https://xss-vulnerable-login-cstad.hackpi.online/ HTTP 307
https://xss-vulnerable-login-cstad.hackpi.online/login Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

692 kB
Transfer

946 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xss-vulnerable-login-cstad.hackpi.online/ HTTP 307
https://xss-vulnerable-login-cstad.hackpi.online/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response xss-vulnerable-login-cstad.hackpi.online/ Redirect Chain https://xss-vulnerable-login-cstad.hackpi.online/ https://xss-vulnerable-login-cstad.hackpi.online/login	7 KB 2 KB	299ms 299ms	Document text/html	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Next.js Resource Hash `fc87ee04405c220271e4e4fa14131807d2531bd0bd4516453e34ea5a91bbac31` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control s-maxage=31536000, stale-while-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Mon, 08 Apr 2024 08:40:33 GMT etag "11iuqsrro7r5r1" server nginx/1.18.0 (Ubuntu) vary RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding x-nextjs-cache HIT x-powered-by Next.js Redirect headers date Mon, 08 Apr 2024 08:40:33 GMT location /login server nginx/1.18.0 (Ubuntu)
GET H2	200	c9a5bc6a7c948fb0-s.p.woff2 xss-vulnerable-login-cstad.hackpi.online/_next/static/media/	45 KB 46 KB	368ms 366ms	Font font/woff2	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2 Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login Origin https://xss-vulnerable-login-cstad.hackpi.online accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"b5d8-18ebc80a263" content-type font/woff2 cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 46552
GET H2	200	0743cc02ec778272.css xss-vulnerable-login-cstad.hackpi.online/_next/static/css/	10 KB 3 KB	366ms 365ms	Stylesheet text/css	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/css/0743cc02ec778272.css Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `3c7701307cf35afe85473d0acb850af10bc8817a0a4ad595e0efcd5b4d96eeef` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login Origin https://xss-vulnerable-login-cstad.hackpi.online accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"2727-18ebc80a267" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	fb9a9af3f6f81ba5.css xss-vulnerable-login-cstad.hackpi.online/_next/static/css/	14 KB 3 KB	366ms 366ms	Stylesheet text/css	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/css/fb9a9af3f6f81ba5.css Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `48952358285d23b311fbda90d835c52396fd5797af95ad5f84bc1d775aa84502` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login Origin https://xss-vulnerable-login-cstad.hackpi.online accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"364a-18ebc80a267" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	webpack-3fc136d9d1ae7cc0.js Show response xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/	4 KB 2 KB	346ms 343ms	Script application/javascript	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/webpack-3fc136d9d1ae7cc0.js Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `0c26086ed17ec9a024de0cf42869812662b35d096a44651102f85c38ecaeb68b` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login Origin https://xss-vulnerable-login-cstad.hackpi.online accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"e1f-18ebc80a267" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	fd9d1056-54a4589125e24ea9.js Show response xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/	168 KB 53 KB	935ms 933ms	Script application/javascript	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/fd9d1056-54a4589125e24ea9.js Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `a76c068cf3857b3d68e6a49b85cc7e71ddf0ecdb60dbbf22c5c951e642904201` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login Origin https://xss-vulnerable-login-cstad.hackpi.online accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"2a09e-18ebc80a267" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	69-8e6d74cbd7b8ba8c.js Show response xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/	110 KB 29 KB	936ms 934ms	Script application/javascript	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/69-8e6d74cbd7b8ba8c.js Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `a7ac5c57282e7158016e8aa140e56bf410dcc61dda1cfb6e046631668354aeef` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login Origin https://xss-vulnerable-login-cstad.hackpi.online accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"1b7dc-18ebc80a267" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	main-app-211c41536461e7b5.js Show response xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/	462 B 685 B	934ms 932ms	Script application/javascript	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/main-app-211c41536461e7b5.js Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `9fb64b9802038a3bf086d03715fef10d76578213201155576edd6863c6576c47` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login Origin https://xss-vulnerable-login-cstad.hackpi.online accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"1ce-18ebc80a263" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 462
GET H2	200	340-54ac8662d015a9c6.js Show response xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/	35 KB 12 KB	935ms 933ms	Script application/javascript	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/340-54ac8662d015a9c6.js Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `370f7438552c95a02efed25c73743ea34977664186b5e37e6908afe2640819a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"8d98-18ebc80a267" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	page-0932ce3c2edd261a.js Show response xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/app/login/	18 KB 7 KB	935ms 933ms	Script application/javascript	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/_next/static/chunks/app/login/page-0932ce3c2edd261a.js Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `55ee885339378ade31daaea5c43d247e93a39a7c994480a9c7e125c1cecdcf0b` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:34 GMT content-encoding gzip last-modified Mon, 08 Apr 2024 06:58:50 GMT server nginx/1.18.0 (Ubuntu) etag W/"489b-18ebc80a263" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable accept-ranges bytes
GET H2	200	ISTAD.jpg xss-vulnerable-login-cstad.hackpi.online/images/	480 KB 481 KB	296ms 296ms	Image image/jpeg	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Show image Full URL https://xss-vulnerable-login-cstad.hackpi.online/images/ISTAD.jpg Requested by Host: xss-vulnerable-login-cstad.hackpi.online URL: https://xss-vulnerable-login-cstad.hackpi.online/_next/static/css/0743cc02ec778272.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `e4e6fe53df65be067e3737b8d3bfd869a215dd040e1f0c9350596a0087b5a2a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/_next/static/css/0743cc02ec778272.css accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Apr 2024 08:40:35 GMT last-modified Sun, 07 Apr 2024 08:50:13 GMT server nginx/1.18.0 (Ubuntu) etag W/"780c9-18eb7c040ae" content-type image/jpeg cache-control public, max-age=0 accept-ranges bytes content-length 491721
GET H2	200	favicon.ico xss-vulnerable-login-cstad.hackpi.online/	54 KB 55 KB	298ms 297ms	Other image/x-icon	136.228.158.126 SINET-KH SINET
General Check archive.org Show headers Download Go to Full URL https://xss-vulnerable-login-cstad.hackpi.online/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 136.228.158.126 Phnom Penh, Cambodia, ASN131207 (SINET-KH SINET, Cambodias specialist Internet and Telecom Service Provider., KH), Reverse DNS sinet.126.158.228.136.sinet.com.kh Software nginx/1.18.0 (Ubuntu) / Resource Hash `3dbf992af2107aa477013e9038082b0165ee2ec44d53af39349e313190fbd14b` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://xss-vulnerable-login-cstad.hackpi.online/login accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nextjs-cache HIT date Mon, 08 Apr 2024 08:40:36 GMT cache-control public, max-age=0, must-revalidate server nginx/1.18.0 (Ubuntu) vary RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url content-type image/x-icon

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __next_f object| webpackChunk_N_E undefined| _N_E object| next

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://xss-vulnerable-login-cstad.hackpi.online/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

xss-vulnerable-login-cstad.hackpi.online
136.228.158.126
0c26086ed17ec9a024de0cf42869812662b35d096a44651102f85c38ecaeb68b
370f7438552c95a02efed25c73743ea34977664186b5e37e6908afe2640819a3
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3c7701307cf35afe85473d0acb850af10bc8817a0a4ad595e0efcd5b4d96eeef
3dbf992af2107aa477013e9038082b0165ee2ec44d53af39349e313190fbd14b
48952358285d23b311fbda90d835c52396fd5797af95ad5f84bc1d775aa84502
55ee885339378ade31daaea5c43d247e93a39a7c994480a9c7e125c1cecdcf0b
9fb64b9802038a3bf086d03715fef10d76578213201155576edd6863c6576c47
a76c068cf3857b3d68e6a49b85cc7e71ddf0ecdb60dbbf22c5c951e642904201
a7ac5c57282e7158016e8aa140e56bf410dcc61dda1cfb6e046631668354aeef
e4e6fe53df65be067e3737b8d3bfd869a215dd040e1f0c9350596a0087b5a2a3
fc87ee04405c220271e4e4fa14131807d2531bd0bd4516453e34ea5a91bbac31

xss-vulnerable-login-cstad.hackpi.online Open in urlscan Pro 136.228.158.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

692 kBTransfer

946 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

xss-vulnerable-login-cstad.hackpi.online Open in urlscan Pro
136.228.158.126 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

692 kB
Transfer

946 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions