Submitted URL: https://cipai.pages.dev/
Effective URL: https://agen618.online/cgi-sys/suspendedpage.cgi?page=daftar
Submission Tags: @phish_report
Submission: On June 16 via api from FI — Scanned from FI

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 209.172.2.130, located in Wilmington, United States and belongs to ORANGEHOST, US. The main domain is agen618.online.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 28th 2024. Valid for: 3 months.
This is the only time agen618.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.66.44.213 13335 (CLOUDFLAR...)
2 4 209.172.2.130 19853 (ORANGEHOST)
4 2
Apex Domain | Subdomains | Transfer
4 agen618.online | agen618.online | 812 B
2 pages.dev | cipai.pages.dev | 1 KB
4 2
Domain Requested by
4 agen618.online 2 redirects
2 cipai.pages.dev
4 2

This site contains no links.

Subject | Issuer | Validity | Valid
cipai.pages.dev | GTS CA 1P5 | 2024-06-03 - 2024-09-01 | 3 months crt.sh
agen618.online.adminkatak.xyz | cPanel, Inc. Certification Authority | 2024-05-28 - 2024-08-26 | 3 months crt.sh

This page contains 1 frame:

Primary Page: https://agen618.online/cgi-sys/suspendedpage.cgi?page=daftar
Frame ID: 6D17D40EADDDE9043BBDF25AB73471AF
Requests: 4 HTTP requests in this frame

Page Title

Account Suspended

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 2 kB
Size: 1 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cipai.pages.dev/ Page URL
  2. https://agen618.online/dekstop/index.php?page=daftar HTTP 302
    https://agen618.online/cgi-sys/suspendedpage.cgi?page=daftar Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://agen618.online/favicon.ico HTTP 302
  • https://agen618.online/cgi-sys/suspendedpage.cgi

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/ | cipai.pages.dev/ | 337 B | 702 B | Document
General
Full URL: https://cipai.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 71fd445ad1b59aa8b587066d7d8842a517f3c7d24defdd9071d99fbfe139a929
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 894ad2c4bf1d70f9-HEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 16 Jun 2024 12:32:34 GMT
etag: W/"82a2960f0259a4fc9a4ee3985e93fdcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lsaa%2BUZSi4sob3%2FIxURyglggG0IbMVpLRsyuou9GeoxyCS2WssraFeszmdK37TT6HOtVLkclCsR7xKU%2Fm%2FkQE3XzAiNmCL8QRQngaIHVMjxIYilC8l1yyj0re1YDAfsnunM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
Primary Request suspendedpage.cgi
agen618.online/cgi-sys/
Redirect Chain
  • https://agen618.online/dekstop/index.php?page=daftar
  • https://agen618.online/cgi-sys/suspendedpage.cgi?page=daftar
134 B
156 B
Document
General
Full URL: https://agen618.online/cgi-sys/suspendedpage.cgi?page=daftar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.172.2.130 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: host130.securelyhosted.com
Software: /
Resource Hash: 75c115a16905e7faa1cad785a55e0fa3dc0a5684881ef04e18741f3b4d21e412

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://cipai.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html
date: Sun, 16 Jun 2024 12:32:33 GMT
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 771
content-type: text/html
date: Sun, 16 Jun 2024 12:32:33 GMT
location: https://agen618.online/cgi-sys/suspendedpage.cgi?page=daftar
favicon.ico
cipai.pages.dev/
337 B
665 B
Other
General
Full URL: https://cipai.pages.dev/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cipai.pages.dev/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:32:34 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"82a2960f0259a4fc9a4ee3985e93fdcf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=40k61nJEIvD2UXMvXSCpG%2FjoAJ3kQ4tySLJ1ixi2Y64mWLxzrAGWHUsj6WUFV65C9B2M6y15oo%2BLVN9lAT9BdSFK%2Fe0iKmCKHvus6z2QuXlC2b%2FOS6DjoN2TTIjM6tya2vY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 894ad2c54f6970f9-HEL
alt-svc: h3=":443"; ma=86400
suspendedpage.cgi
agen618.online/cgi-sys/
Redirect Chain
  • https://agen618.online/favicon.ico
  • https://agen618.online/cgi-sys/suspendedpage.cgi
134 B
127 B
Other
General
Full URL: https://agen618.online/cgi-sys/suspendedpage.cgi
Protocol: H3
Server: 209.172.2.130 Wilmington, United States, ASN19853 (ORANGEHOST, US),
Reverse DNS: host130.securelyhosted.com
Software: /
Resource Hash: 75c115a16905e7faa1cad785a55e0fa3dc0a5684881ef04e18741f3b4d21e412

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://agen618.online/cgi-sys/suspendedpage.cgi?page=daftar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 12:32:33 GMT
content-encoding: br
vary: Accept-Encoding
content-type: text/html

Redirect headers

location: https://agen618.online/cgi-sys/suspendedpage.cgi
date: Sun, 16 Jun 2024 12:32:33 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 771
content-type: text/html

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined | event
object | fence
object | sharedStorage

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
