robinhood-crypto-wallet.free.nf Open in urlscan Pro
185.27.134.34 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://robinhood-crypto-wallet.free.nf/?i=1
Effective URL:
https://robinhood-crypto-wallet.free.nf/?i=2
Submission: On June 19 via api (June 19th 2024, 6:07:20 pm UTC) from US — Scanned from GB

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 185.27.134.34, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is robinhood-crypto-wallet.free.nf.
TLS certificate: Issued by WR1 on June 19th 2024. Valid for: 3 months.

This is the only time robinhood-crypto-wallet.free.nf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Robinhood (Financial)

Domain & IP information

	IP Address	AS Autonomous System
5	185.27.134.34 185.27.134.34	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
2	13.227.219.5 13.227.219.5	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.100 108.156.60.100	16509 (AMAZON-02) (AMAZON-02)
14	4

5 185.27.134.34 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

robinhood-crypto-wallet.free.nf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.219.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-5.ams54.r.cloudfront.net

cdn.robinhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-100.ams1.r.cloudfront.net

robinhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	free.nf robinhood-crypto-wallet.free.nf	20 KB
3	robinhood.com cdn.robinhood.com — Cisco Umbrella Rank: 17801 robinhood.com — Cisco Umbrella Rank: 6465	412 KB
0	moy.su Failed apps-obinhood-crypto-wallet.moy.su Failed
14	3

	Domain	Requested by
5	robinhood-crypto-wallet.free.nf	robinhood-crypto-wallet.free.nf
2	cdn.robinhood.com	robinhood-crypto-wallet.free.nf
1	robinhood.com
0	apps-obinhood-crypto-wallet.moy.su Failed	robinhood-crypto-wallet.free.nf
14	4

This site contains no links.

Subject Issuer	Validity	Valid
robinhood-crypto-wallet.free.nf WR1	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.robinhood.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-18` - `2025-02-17`	a year	crt.sh
robinhood.com Amazon RSA 2048 M03	`2024-02-06` - `2025-03-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://robinhood-crypto-wallet.free.nf/?i=2
Frame ID: 11946F48E6EBA99E6FF2F6CC08C8A330
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | Robinhood

Page URL History Show full URLs

https://robinhood-crypto-wallet.free.nf/?i=1 Page URL
https://robinhood-crypto-wallet.free.nf/?i=2 Page URL

Page Statistics

14
Requests

57 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

433 kB
Transfer

590 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://robinhood-crypto-wallet.free.nf/?i=1 Page URL
https://robinhood-crypto-wallet.free.nf/?i=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response robinhood-crypto-wallet.free.nf/	843 B 701 B	568ms 33ms	Document text/html	185.27.134.34 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://robinhood-crypto-wallet.free.nf/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.34 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `189d03682a6da08401278a20afadc730ed0048e8988a4cd2eaa054a36f6fc1fe` Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-cache Connection keep-alive Content-Encoding br Content-Type text/html Date Wed, 19 Jun 2024 18:07:13 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	aes.js Show response robinhood-crypto-wallet.free.nf/	13 KB 5 KB	31ms 31ms	Script application/javascript	185.27.134.34 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://robinhood-crypto-wallet.free.nf/aes.js Requested by Host: robinhood-crypto-wallet.free.nf URL: https://robinhood-crypto-wallet.free.nf/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.34 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://robinhood-crypto-wallet.free.nf/?i=1 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 19 Jun 2024 18:07:13 GMT Content-Encoding br Last-Modified Mon, 30 Oct 2023 22:35:04 GMT Server nginx ETag W/"65402f98-35a5" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	Primary Request / Show response robinhood-crypto-wallet.free.nf/	9 KB 2 KB	47ms 46ms	Document text/html	185.27.134.34 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://robinhood-crypto-wallet.free.nf/?i=2 Requested by Host: robinhood-crypto-wallet.free.nf URL: https://robinhood-crypto-wallet.free.nf/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.34 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `67bdd4ee5781262d8dcc6f78120d0d07f6f277c57aabdd4a3e38a023828124c0` Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer https://robinhood-crypto-wallet.free.nf/?i=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control max-age=2592000, public, proxy-revalidate Connection keep-alive Content-Encoding br Content-Type text/html; charset=UTF-8 Date Wed, 19 Jun 2024 18:07:13 GMT ETag W/"2529-61b41443466c8" Expires Fri, 19 Jul 2024 18:07:13 GMT Last-Modified Wed, 19 Jun 2024 17:09:51 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	legacyStyles.54f4576ded752cf2cfa8.css robinhood-crypto-wallet.free.nf/	94 KB 9 KB	35ms 35ms	Stylesheet text/css	185.27.134.34 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://robinhood-crypto-wallet.free.nf/legacyStyles.54f4576ded752cf2cfa8.css Requested by Host: robinhood-crypto-wallet.free.nf URL: https://robinhood-crypto-wallet.free.nf/?i=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.34 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `549b3e6c4a807afa38716f12c7282c1755d69e3eb6268e1d4f01f817450eda12` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://robinhood-crypto-wallet.free.nf/?i=2 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 19 Jun 2024 18:07:13 GMT Content-Encoding br Last-Modified Wed, 19 Jun 2024 16:46:02 GMT Server nginx ETag W/"17819-61b40ef058448" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, must-revalidate Connection keep-alive Expires Fri, 19 Jul 2024 18:07:13 GMT
GET H/1.1	200 OK	stayle.css robinhood-crypto-wallet.free.nf/	27 KB 3 KB	70ms 33ms	Stylesheet text/css	185.27.134.34 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://robinhood-crypto-wallet.free.nf/stayle.css Requested by Host: robinhood-crypto-wallet.free.nf URL: https://robinhood-crypto-wallet.free.nf/?i=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.34 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `692930bb156108b20c0ec637381a87f3ae168935df7b891c5fa9300cbb182824` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://robinhood-crypto-wallet.free.nf/?i=2 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Wed, 19 Jun 2024 18:07:13 GMT Content-Encoding br Last-Modified Wed, 19 Jun 2024 16:29:14 GMT Server nginx ETag W/"6cda-61b40b2fa7fd0" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, must-revalidate Connection keep-alive Expires Fri, 19 Jul 2024 18:07:13 GMT
GET H2	200	App.8d455d3471c517adc757.css cdn.robinhood.com/assets/generated_assets/webapp/web-platform-prefetch-sdp/member/	40 KB 5 KB	133ms 30ms	Stylesheet text/css	13.227.219.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.robinhood.com/assets/generated_assets/webapp/web-platform-prefetch-sdp/member/App.8d455d3471c517adc757.css Requested by Host: robinhood-crypto-wallet.free.nf URL: https://robinhood-crypto-wallet.free.nf/?i=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-5.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `9ff7ad461432be849c2fe8936aa46010a74c0ee8aac9a38f42857eafe5ce7c77` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://robinhood-crypto-wallet.free.nf/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 11 Jun 2024 23:53:24 GMT content-encoding br via 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront) x-amz-version-id 9wmnnCp08ik.orZTRSmQXLFNfTJhIdUH x-amz-cf-pop AMS54-C1 age 670430 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 5035 last-modified Tue, 17 Oct 2023 23:24:48 GMT server AmazonS3 etag "d9d6378fb7a124f3419eb0a5b1653041" content-type text/css cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id 7Z6EgX607SifZYOrtosf6AdB-kC3nCUBA9XeliDPjL_yTkh4lxi_Qw==
GET H2	200	9435691b466061dc75b0.jpg cdn.robinhood.com/assets/generated_assets/webapp/web-platform-prefetch-sdp/member/	401 KB 402 KB	135ms 32ms	Image image/jpeg	13.227.219.5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.robinhood.com/assets/generated_assets/webapp/web-platform-prefetch-sdp/member/9435691b466061dc75b0.jpg Requested by Host: robinhood-crypto-wallet.free.nf URL: https://robinhood-crypto-wallet.free.nf/?i=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-5.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `d94ee7e0d70ca2074c1d040a373731061200dc94aa3b218a9264f0511f603c78` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://robinhood-crypto-wallet.free.nf/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 17:56:10 GMT x-amz-version-id 7H9_cQG1ikZ61wdqGoqmAz7x1qT0lzwi via 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront) x-amz-cf-pop AMS54-C1 age 1383065 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 410967 last-modified Mon, 11 Sep 2023 19:38:11 GMT server AmazonS3 etag "798d9c619b33d8eeee5f06c1b809cc06" content-type image/jpeg cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id y6aKZvAiE1JlkofE5ObbzXT5TeCBUkNBj7NIgHaqKCklHX1LMVwEjQ==
GET		8b42e3fc6d1d161d6fbd.woff2 apps-obinhood-crypto-wallet.moy.su/fonts/	0 0

GET		ece4dfe7c8753c6ed9e4.woff2 apps-obinhood-crypto-wallet.moy.su/fonts/	0 0

GET		f31b2ecb2f8e039d53bd.woff2 apps-obinhood-crypto-wallet.moy.su/fonts/	0 0

GET		eae2cabcf8266bed9e32.woff apps-obinhood-crypto-wallet.moy.su/fonts/	0 0

GET		ba3ebea0939580614269.woff apps-obinhood-crypto-wallet.moy.su/fonts/	0 0

GET		8ba279fa6846f41bb219.woff apps-obinhood-crypto-wallet.moy.su/fonts/	0 0

GET H2	200	favicon.ico robinhood.com/	4 KB 5 KB	109ms 30ms	Other image/x-icon	108.156.60.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://robinhood.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.60.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-60-100.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash `f2413a8bddf0d54c3a1080c123f4f51db1eeb03310f548a75f5ce1466aaaa30e` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://robinhood-crypto-wallet.free.nf/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id eyupMHYJgG5HTcaUiM3BsFsGJQBTr.7H date Wed, 19 Jun 2024 05:58:03 GMT via 1.1 96e04892ec84a7161914f66c3ba3b5f0.cloudfront.net (CloudFront) last-modified Tue, 15 Aug 2023 23:56:59 GMT server AmazonS3 x-amz-cf-pop AMS1-P2 age 43753 x-amz-server-side-encryption AES256 etag "734e49d28ba3dcde3907168b74f93bda" x-cache Hit from cloudfront content-type image/x-icon accept-ranges bytes content-length 4286 x-amz-cf-id wgpw8fGMr6Vk5vZQp8I-3X9o8FnPBGmSe9PdfbOAeSftkafDUSh6WQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apps-obinhood-crypto-wallet.moy.su
URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/8b42e3fc6d1d161d6fbd.woff2

Domain: apps-obinhood-crypto-wallet.moy.su
URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/ece4dfe7c8753c6ed9e4.woff2

Domain: apps-obinhood-crypto-wallet.moy.su
URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/f31b2ecb2f8e039d53bd.woff2

Domain: apps-obinhood-crypto-wallet.moy.su
URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/eae2cabcf8266bed9e32.woff

Domain: apps-obinhood-crypto-wallet.moy.su
URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/ba3ebea0939580614269.woff

Domain: apps-obinhood-crypto-wallet.moy.su
URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/8ba279fa6846f41bb219.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Robinhood (Financial)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			robinhood-crypto-wallet.free.nf/	1970-01-21 07:03:00	Name: __test Value: b13bae09baee6ea20fdc5cba11a0a792

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://robinhood-crypto-wallet.free.nf/?i=2 Message: Access to font at 'https://apps-obinhood-crypto-wallet.moy.su/fonts/8b42e3fc6d1d161d6fbd.woff2' from origin 'https://robinhood-crypto-wallet.free.nf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/8b42e3fc6d1d161d6fbd.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://robinhood-crypto-wallet.free.nf/?i=2 Message: Access to font at 'https://apps-obinhood-crypto-wallet.moy.su/fonts/f31b2ecb2f8e039d53bd.woff2' from origin 'https://robinhood-crypto-wallet.free.nf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/f31b2ecb2f8e039d53bd.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://robinhood-crypto-wallet.free.nf/?i=2 Message: Access to font at 'https://apps-obinhood-crypto-wallet.moy.su/fonts/ece4dfe7c8753c6ed9e4.woff2' from origin 'https://robinhood-crypto-wallet.free.nf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/ece4dfe7c8753c6ed9e4.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://robinhood-crypto-wallet.free.nf/?i=2 Message: Access to font at 'https://apps-obinhood-crypto-wallet.moy.su/fonts/eae2cabcf8266bed9e32.woff' from origin 'https://robinhood-crypto-wallet.free.nf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/eae2cabcf8266bed9e32.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://robinhood-crypto-wallet.free.nf/?i=2 Message: Access to font at 'https://apps-obinhood-crypto-wallet.moy.su/fonts/ba3ebea0939580614269.woff' from origin 'https://robinhood-crypto-wallet.free.nf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/ba3ebea0939580614269.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://robinhood-crypto-wallet.free.nf/?i=2 Message: Access to font at 'https://apps-obinhood-crypto-wallet.moy.su/fonts/8ba279fa6846f41bb219.woff' from origin 'https://robinhood-crypto-wallet.free.nf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://apps-obinhood-crypto-wallet.moy.su/fonts/8ba279fa6846f41bb219.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps-obinhood-crypto-wallet.moy.su
cdn.robinhood.com
robinhood-crypto-wallet.free.nf
robinhood.com
apps-obinhood-crypto-wallet.moy.su
108.156.60.100
13.227.219.5
185.27.134.34
189d03682a6da08401278a20afadc730ed0048e8988a4cd2eaa054a36f6fc1fe
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
549b3e6c4a807afa38716f12c7282c1755d69e3eb6268e1d4f01f817450eda12
67bdd4ee5781262d8dcc6f78120d0d07f6f277c57aabdd4a3e38a023828124c0
692930bb156108b20c0ec637381a87f3ae168935df7b891c5fa9300cbb182824
9ff7ad461432be849c2fe8936aa46010a74c0ee8aac9a38f42857eafe5ce7c77
d94ee7e0d70ca2074c1d040a373731061200dc94aa3b218a9264f0511f603c78
f2413a8bddf0d54c3a1080c123f4f51db1eeb03310f548a75f5ce1466aaaa30e

robinhood-crypto-wallet.free.nf Open in urlscan Pro 185.27.134.34 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

57 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

433 kBTransfer

590 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

12 Console Messages

Indicators

robinhood-crypto-wallet.free.nf Open in urlscan Pro
185.27.134.34 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

57 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

433 kB
Transfer

590 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!