urlscan.io logo urlscan.io
SecurityTrails logo

nikmat.canduhappywater.st Open in urlscan Pro
198.251.80.157  Public Scan

Go To Rescan Add Verdict Report
URL: https://nikmat.canduhappywater.st/ni-na-me-ai-da.html?ipon=IBLBET%20WAP
Submission Tags: @phish_report
Submission: On August 22 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 198.251.80.157, located in Las Vegas, United States and belongs to PONYNET, US. The main domain is nikmat.canduhappywater.st.
TLS certificate: Issued by R10 on August 5th 2024. Valid for: 3 months.
This is the only time nikmat.canduhappywater.st was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.251.80.157 53667 (PONYNET)
4 8.211.36.181 45102 (ALIBABA-C...)
1 ()
6 4
Apex Domain
Subdomains		 Transfer
4 chaitin.com
waf.chaitin.com
144 KB
2 canduhappywater.st
nikmat.canduhappywater.st
1 KB
6 2
Domain Requested by
4 waf.chaitin.com nikmat.canduhappywater.st
waf.chaitin.com
2 nikmat.canduhappywater.st waf.chaitin.com
6 2

This site contains no links.

Subject Issuer Validity Valid
nikmat.canduhappywater.st
R10		 2024-08-05 -
2024-11-03		 3 months crt.sh
waf.chaitin.com
R3		 2024-06-04 -
2024-09-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://nikmat.canduhappywater.st/ni-na-me-ai-da.html?ipon=IBLBET%20WAP
Frame ID: 3B35BCAB57A02A0ED0B324FFCA5396CF
Requests: 7 HTTP requests in this frame

Frame: blob://https://nikmat.canduhappywater.st/ee140172-9142-4c3a-ae77-873c4ee057a0
Frame ID: 1D3B49A829A675D5F9DC77C7CB9727BA
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: FA020AF7700351D965F75F4F9A9DCF81
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

4
IPs

2
Countries

146 kB
Transfer

193 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ni-na-me-ai-da.html
nikmat.canduhappywater.st/ 		842 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nikmat.canduhappywater.st/ni-na-me-ai-da.html?ipon=IBLBET%20WAP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
198.251.80.157 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
/
Resource Hash
a5b8817f3b5526b975e07c5f5f3b1be763628b2310f5255b9b0ca832761fce81

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

CDN-Cache-Control
no-cache, no-store
Cache-Control
no-cache, no-store
Connection
close
Content-Length
842
Content-Type
text/html
Date
Thu, 22 Aug 2024 10:40:05 GMT
index.html
waf.chaitin.com/captcha/api/ 		656 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waf.chaitin.com/captcha/api/index.html?0.2725380744020691
Requested by
Host: nikmat.canduhappywater.st
URL: https://nikmat.canduhappywater.st/ni-na-me-ai-da.html?ipon=IBLBET%20WAP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.211.36.181 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.27.0 /
Resource Hash
45018709835a62d94f35eea92b43c8c3554ed823a484a7ceacde1b352c63d315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nikmat.canduhappywater.st/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 22 Aug 2024 10:40:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Server
nginx/1.27.0
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
sdk.js
waf.chaitin.com/captcha/api/ 		142 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waf.chaitin.com/captcha/api/sdk.js
Requested by
Host: nikmat.canduhappywater.st
URL: https://nikmat.canduhappywater.st/ni-na-me-ai-da.html?ipon=IBLBET%20WAP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.211.36.181 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.27.0 /
Resource Hash
a424a7d0fbe16c3e51d7553101400be1e38593dd1fe277e8ec4cc49cb65ae60d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nikmat.canduhappywater.st/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 22 Aug 2024 10:40:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Mon, 29 Jul 2024 13:46:12 GMT
Server
nginx/1.27.0
ETag
"66a79d24-2370e"
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145166
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80db373721f61d03942c5b6857cfd0bf41f1b23c2192a88e12a602492513996c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a663c6bf2e22d68f2836b8d3684420ff1b8c087fdf4b09e84eaf4ff777932f0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
seed
waf.chaitin.com/captcha/api/ 		48 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://waf.chaitin.com/captcha/api/seed?once_id=47f36bd30dfd4775aed4bb978d47f934_6&v=1.0.0&hints=permHook,vendor,languages,webDriverValue,headless,webdriver,globalThis
Requested by
Host: waf.chaitin.com
URL: https://waf.chaitin.com/captcha/api/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.211.36.181 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.27.0 /
Resource Hash
a1a620ec60a5b36a729a12689d49b62b2b948683e485945048ffc07930c2e662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nikmat.canduhappywater.st/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Aug 2024 10:40:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx/1.27.0
Connection
keep-alive
Content-Length
48
Content-Type
application/json; charset=utf-8
ee140172-9142-4c3a-ae77-873c4ee057a0
https://nikmat.canduhappywater.st/ Frame 1D3B 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
blob:https://nikmat.canduhappywater.st/ee140172-9142-4c3a-ae77-873c4ee057a0
Requested by
Host: waf.chaitin.com
URL: https://waf.chaitin.com/captcha/api/sdk.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83e3416117cb409825258f3ec2e3d7ef4ebc0cee84419279042fb792775381d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
1601
Content-Type
text/html
truncated
/ Frame FA02 		158 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d6f921b6fc1f7ec2d5c4d366bcc5a4cc21af3ec253d0e2db5e298ad77b2772b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/html
inspect
waf.chaitin.com/captcha/api/ 		912 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://waf.chaitin.com/captcha/api/inspect?seed=b2usCPAK
Requested by
Host: waf.chaitin.com
URL: https://waf.chaitin.com/captcha/api/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.211.36.181 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.27.0 /
Resource Hash
4ee881274e5d76b0f628ffaacf37c89926f1b1c93603c76253e16d0621b21e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nikmat.canduhappywater.st/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Aug 2024 10:40:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx/1.27.0
Connection
keep-alive
Content-Length
912
Content-Type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| captcha function| run object| $Recap

1 Cookies

Domain/Path Name / Value
nikmat.canduhappywater.st/ Name: sl-session
Value: /PBpQQVnyGbc7TE/cg70ew==