urlscan.io logo urlscan.io
SecurityTrails logo

wanglaoji.st Open in urlscan Pro
204.12.203.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.google.co.id/amp/s/wanglaoji.st/sasuke/amp1.html%3fbagus=TOTO12
Effective URL: https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12
Submission Tags: @phish_report
Submission: On August 31 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 204.12.203.57, located in United States and belongs to WII, US. The main domain is wanglaoji.st.
TLS certificate: Issued by wanglaoji.st.news.ac.id on August 31st 2024. Valid for: a year.
This is the only time wanglaoji.st was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.250.184.227 15169 (GOOGLE)
1 204.12.203.57 32097 (WII)
4 8.211.36.181 45102 (ALIBABA-C...)
5 4
Apex Domain
Subdomains		 Transfer
4 chaitin.com
waf.chaitin.com
144 KB
1 wanglaoji.st
wanglaoji.st
1001 B
1 google.co.id
www.google.co.id — Cisco Umbrella Rank: 2753
996 B
5 3
Domain Requested by
4 waf.chaitin.com wanglaoji.st
waf.chaitin.com
1 wanglaoji.st
1 www.google.co.id 1 redirects
5 3

This site contains links to these domains. Also see Links.

Domain
waf.chaitin.com
Subject Issuer Validity Valid
wanglaoji.st.news.ac.id
wanglaoji.st.news.ac.id		 2024-08-31 -
2025-08-31		 a year crt.sh
waf.chaitin.com
E5		 2024-08-22 -
2024-11-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12
Frame ID: F477C14FA22846C35AA3505F7DF1A734
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2B4C8781CF33BF34BA5F8BA6BEE196FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://www.google.co.id/amp/s/wanglaoji.st/sasuke/amp1.html%3fbagus=TOTO12 HTTP 302
    https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12 Page URL

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

145 kB
Transfer

191 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.google.co.id/amp/s/wanglaoji.st/sasuke/amp1.html%3fbagus=TOTO12 HTTP 302
    https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request amp1.html
wanglaoji.st/sasuke/
Redirect Chain
  • https://www.google.co.id/amp/s/wanglaoji.st/sasuke/amp1.html%3fbagus=TOTO12
  • https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12
776 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.12.203.57 , United States, ASN32097 (WII, US),
Reverse DNS
Software
/
Resource Hash
f13898518d4f6c657838cc4839c1bba0beafa7435ad4e039b4a6a20d1f0ee4b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Connection
close
Content-Length
776
Content-Type
text/html
Date
Sat, 31 Aug 2024 09:24:15 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
247
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-VDsrIBvZvtTAKxIb72C5Jw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/clkf
content-type
text/html; charset=UTF-8
date
Sat, 31 Aug 2024 09:24:14 GMT
location
https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
server
gws
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
x-xss-protection
0
index.html
waf.chaitin.com/captcha/api/ 		656 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waf.chaitin.com/captcha/api/index.html?0.983675828330947
Requested by
Host: wanglaoji.st
URL: https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.211.36.181 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.27.0 /
Resource Hash
45018709835a62d94f35eea92b43c8c3554ed823a484a7ceacde1b352c63d315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wanglaoji.st/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 09:24:16 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Server
nginx/1.27.0
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
sdk.js
waf.chaitin.com/captcha/api/ 		142 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waf.chaitin.com/captcha/api/sdk.js
Requested by
Host: wanglaoji.st
URL: https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.211.36.181 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.27.0 /
Resource Hash
a424a7d0fbe16c3e51d7553101400be1e38593dd1fe277e8ec4cc49cb65ae60d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wanglaoji.st/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 09:24:16 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Mon, 29 Jul 2024 13:46:12 GMT
Server
nginx/1.27.0
ETag
"66a79d24-2370e"
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145166
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80db373721f61d03942c5b6857cfd0bf41f1b23c2192a88e12a602492513996c

Request headers

Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a663c6bf2e22d68f2836b8d3684420ff1b8c087fdf4b09e84eaf4ff777932f0

Request headers

Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
seed
waf.chaitin.com/captcha/api/ 		48 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waf.chaitin.com/captcha/api/seed?once_id=f2126a35abf34122ad7c5d1c9c0a66cb_4&v=1.0.0&hints=permHook,languages,headless,webDriverValue,globalThis,vendor,webdriver
Requested by
Host: waf.chaitin.com
URL: https://waf.chaitin.com/captcha/api/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.211.36.181 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.27.0 /
Resource Hash
dff128741785d5925968a85875dce04aa6d95db753b5e3cf7692e8801f2db93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wanglaoji.st/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 31 Aug 2024 09:24:17 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx/1.27.0
Connection
keep-alive
Content-Length
48
Content-Type
application/json; charset=utf-8
truncated
/ Frame 2B4C 		158 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d6f921b6fc1f7ec2d5c4d366bcc5a4cc21af3ec253d0e2db5e298ad77b2772b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
text/html
inspect
waf.chaitin.com/captcha/api/ 		912 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waf.chaitin.com/captcha/api/inspect?seed=24Wkc3VN
Requested by
Host: waf.chaitin.com
URL: https://waf.chaitin.com/captcha/api/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.211.36.181 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.27.0 /
Resource Hash
15588290cd4cbd544c1409de13991c20469dd273b0bb7ff7643d7fc2e2bde030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wanglaoji.st/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 31 Aug 2024 09:24:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx/1.27.0
Connection
keep-alive
Content-Length
912
Content-Type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| captcha function| run object| $Recap

2 Cookies

Domain/Path Name / Value
.google.co.id/ Name: __Secure-ENID
Value: 22.SE=S4xX0moK-9RqtkJXSPBZLEYBWj9ay64_YUXlZ95wH6dzlAtLEy41QsdCKl3HryiP-R4_xE_hAdnyEst7C4tvhestfRL52HjFVZJ4Xuy_S4C9OxhjYcON4pGXFbS_TVXJkr7oi6nLAc0ybWNOmFmbNPs3y2mK5o2Td9zLh89brGG3ypSc7579I8RzsJsZlvkpliuqnAkI6tJdoeWrBNZJeCArUo3u
wanglaoji.st/ Name: sl-session
Value: 4wZ8Y78y1GZVvXoR0zbvcw==

1 Console Messages

Source Level URL
Text
network error URL: https://wanglaoji.st/sasuke/amp1.html?bagus=TOTO12
Message:
Failed to load resource: the server responded with a status of 468 ()