uscounter-robinhoodrestriction.162-240-229-169.cprapid.com Open in urlscan Pro
162.240.229.169 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://komin.fo/robins
Effective URL:
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth
Submission: On June 16 via manual (June 16th 2024, 12:04:58 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 162.240.229.169, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is uscounter-robinhoodrestriction.162-240-229-169.cprapid.com.
TLS certificate: Issued by R11 on June 15th 2024. Valid for: 3 months.

This is the only time uscounter-robinhoodrestriction.162-240-229-169.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Robinhood (Financial)

Domain & IP information

	IP Address	AS Autonomous System
2	202.89.117.210 202.89.117.210	45320 (DEPKOMINF...) (DEPKOMINFO-AS-ID Departemen Komunikasi dan Informasi Republik Indonesia)
1 15	162.240.229.169 162.240.229.169	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14c7	() ()
19	5

2 202.89.117.210 (Indonesia)

ASN45320 (DEPKOMINFO-AS-ID Departemen Komunikasi dan Informasi Republik Indonesia, ID)

komin.fo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 162.240.229.169 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-229-169.unifiedlayer.com

uscounter-robinhoodrestriction.162-240-229-169.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14c7 (None, )

ASN- ()

cdn-icons-png.flaticon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cprapid.com 1 redirects uscounter-robinhoodrestriction.162-240-229-169.cprapid.com	414 KB
2	komin.fo komin.fo	206 KB
1	flaticon.com cdn-icons-png.flaticon.com	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 457	31 KB
0	helpmegrowutah.org Failed wisconsin.helpmegrowutah.org Failed
19	5

	Domain	Requested by
15	uscounter-robinhoodrestriction.162-240-229-169.cprapid.com	1 redirects uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
2	komin.fo
1	cdn-icons-png.flaticon.com	uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
1	ajax.googleapis.com	uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
0	wisconsin.helpmegrowutah.org Failed	uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
19	5

This site contains no links.

Subject Issuer	Validity	Valid
komin.fo Sectigo RSA Domain Validation Secure Server CA	`2024-03-08` - `2025-03-08`	a year	crt.sh
www.uscounter-robinhoodrestriction.162-240-229-169.cprapid.com R11	`2024-06-15` - `2024-09-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.flaticon.com E6	`2024-06-07` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth
Frame ID: A6B421DD6E02AB6A7B6BF152BB3F0CA3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | Robinhood

Page URL History Show full URLs

https://komin.fo/robins Page URL
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/?wew&utm_source=kominfo&utm_medium=shorturl Page URL
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin HTTP 301
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/ Page URL
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

659 kB
Transfer

719 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://komin.fo/robins Page URL
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/?wew&utm_source=kominfo&utm_medium=shorturl Page URL
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin HTTP 301
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/ Page URL
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin HTTP 301
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK robins Show response
komin.fo/ 675 B
2 KB 1375ms
577ms Document
text/html 202.89.117.210
DEPKOMINFO-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL

https://komin.fo/robins

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

202.89.117.210 , Indonesia, ASN45320 (DEPKOMINFO-AS-ID Departemen Komunikasi dan Informasi Republik Indonesia, ID),

Reverse DNS

Software

nginx/1.14.1 /

Resource Hash

e31e9c483be9add2687e92bcf347a0ce4c180b7fab7b5df93f1650f3fa771888

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';style-src 'self';script-src 'self';connect-src 'self';img-src 'self';font-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self';media-src 'self';child-src 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://komin.fo
cache-control: private, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'none';style-src 'self';script-src 'self';connect-src 'self';img-src 'self';font-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self';media-src 'self';child-src 'self'
content-type: text/html; charset=UTF-8
date: Sun, 16 Jun 2024 00:04:44 GMT
expires: -1
permissions-policy: geolocation=self
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.14.1
strict-transport-security: max-age=15724800; includeSubDomains
transfer-encoding: chunked
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK /
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/ 69 B
575 B 1727ms
1009ms Document
text/html 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/?wew&utm_source=kominfo&utm_medium=shorturl

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-240-229-169.unifiedlayer.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://komin.fo/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Jun 2024 00:04:45 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
komin.fo/ 204 KB
204 KB 379ms
378ms Other
image/x-icon 202.89.117.210
DEPKOMINFO-AS-ID ...

General

Check archive.org

Show headers Download Go to

Full URL

https://komin.fo/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

202.89.117.210 , Indonesia, ASN45320 (DEPKOMINFO-AS-ID Departemen Komunikasi dan Informasi Republik Indonesia, ID),

Reverse DNS

Software

nginx/1.14.1 /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://komin.fo/robins
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 00:04:45 GMT
last-modified: Fri, 26 Jan 2024 13:24:10 GMT
server: nginx/1.14.1
etag: "65b3b27a-32e9c"
x-frame-options: SAMEORIGIN
content-type: image/x-icon
accept-ranges: bytes
content-length: 208540

GET
H/1.1

200
OK

/
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/
Redirect Chain

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin
https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/

92 B
523 B

694ms
694ms

Document
text/html

162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/

Requested by

Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/?wew&utm_source=kominfo&utm_medium=shorturl

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-240-229-169.unifiedlayer.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/?wew&utm_source=kominfo&utm_medium=shorturl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Jun 2024 00:04:47 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=98
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 282
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 16 Jun 2024 00:04:47 GMT
Keep-Alive: timeout=5, max=99
Location: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/
Server: Apache

GET
H/1.1 200
OK Primary Request auth Show response
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/ 10 KB
3 KB 237ms
237ms Document
text/html 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth

Requested by

Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-240-229-169.unifiedlayer.com

Software

Apache /

Resource Hash

8032d99d4c7e7a0c668c4822c7c5fc6e40f6dde9ae7bac3591310ba8edd28e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Jun 2024 00:04:48 GMT
Keep-Alive: timeout=5, max=97
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK legacy.css
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/ 8 KB
9 KB 225ms
224ms Stylesheet
text/css 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css

Requested by

Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-240-229-169.unifiedlayer.com

Software

Apache /

Resource Hash

dafef08402f6de96e73f5798dfb91f5291ee1e55d3f10174fde44966f3162c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 26 Feb 2023 19:22:44 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 8691
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.css
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/ 3 KB
4 KB 454ms
229ms Stylesheet
text/css 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/app.css

Requested by

Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-240-229-169.unifiedlayer.com

Software

Apache /

Resource Hash

6f9f23c037764fa240bf5073075f7a5842ad9eb457133fb6399c296784b05200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Mar 2023 07:53:50 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3504
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/ 14 KB
14 KB 604ms
232ms Stylesheet
text/css 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/style.css

Requested by

Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-240-229-169.unifiedlayer.com

Software

Apache /

Resource Hash

ce72e3b98db4842b7dc5ea8610d9046ac2e979f773c0b53ac6aa10cf29f64d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 26 Feb 2023 19:22:44 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14044
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 632fcb3e7ed928b2a960f3e003d10b44.jpg
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/img/ 378 KB
378 KB 606ms
234ms Image
image/jpeg 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/img/632fcb3e7ed928b2a960f3e003d10b44.jpg

Requested by

Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-240-229-169.unifiedlayer.com

Software

Apache /

Resource Hash

01373b02ad74b5c99cc5abd66cc1acf1cc4fffc85a51a16212e6f40d0de3f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 26 Feb 2023 19:23:14 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 387068
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 23:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Jun 2025 23:49:08 GMT

GET
H/1.1 404
Not Found ece4dfe7c8753c6ed9e4ede8ad811074.woff2
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ 0
0 259ms
259ms Font
text/html 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ece4dfe7c8753c6ed9e4ede8ad811074.woff2
Requested by: Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-229-169.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Origin: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET favicon-1.png
wisconsin.helpmegrowutah.org/ 0
0

GET
H/1.1 404
Not Found 8b42e3fc6d1d161d6fbd7487babe6cfe.woff2
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ 0
0 307ms
307ms Font
text/html 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/8b42e3fc6d1d161d6fbd7487babe6cfe.woff2
Requested by: Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-229-169.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Origin: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 6866733.png
cdn-icons-png.flaticon.com/512/6866/ 9 KB
9 KB 246ms
44ms Image
image/png 2a02:26f0:3500:11::215:14c7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-icons-png.flaticon.com/512/6866/6866733.png
Requested by: Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14c7 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b26a8b8f4bef207596f466204fb1eaa35fbf3624f8e6be5e0414319dbdb61c08

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 00:04:49 GMT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 8859
pragma: public
last-modified: Mon, 18 Sep 2023 22:44:57 GMT
etag: "8700a581daf8ad9974b82880089e00a5"
vary: Accept-Encoding
x-goog-generation: 1695077097581465
content-type: image/png
access-control-allow-origin: *
x-default-rule: YES
cache-control: public, max-age=31536000
x-goog-stored-content-length: 8859
x-amz-checksum-crc32c: svkUtA==
accept-ranges: bytes
x-amz-meta-x-goog-reserved-source-generation: 1644833944313622
expires: Sun, 16 Jun 2024 00:04:49 GMT

GET
H/1.1 404
Not Found f31b2ecb2f8e039d53bd75d5314229c7.woff2
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ 0
0 304ms
304ms Font
text/html 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/f31b2ecb2f8e039d53bd75d5314229c7.woff2
Requested by: Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-229-169.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Origin: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 8ba279fa6846f41bb21912578ff1ea58.woff
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ 0
0 239ms
238ms Font
text/html 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/8ba279fa6846f41bb21912578ff1ea58.woff
Requested by: Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-229-169.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Origin: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found eae2cabcf8266bed9e324af939bcfa6b.woff
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ 0
0 240ms
240ms Font
text/html 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/eae2cabcf8266bed9e324af939bcfa6b.woff
Requested by: Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-229-169.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Origin: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found ba3ebea0939580614269729932955862.woff
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ 0
0 240ms
240ms Font
text/html 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ba3ebea0939580614269729932955862.woff
Requested by: Host: uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-229-169.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/css/legacy.css
Origin: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:49 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK favicon.ico
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/img/ 4 KB
4 KB 223ms
222ms Other
image/x-icon 162.240.229.169
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/img/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.240.229.169 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

162-240-229-169.unifiedlayer.com

Software

Apache /

Resource Hash

f2413a8bddf0d54c3a1080c123f4f51db1eeb03310f548a75f5ce1466aaaa30e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 00:04:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 26 Feb 2023 19:22:44 GMT
Server: Apache
Content-Type: image/x-icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4286
X-XSS-Protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wisconsin.helpmegrowutah.org
URL: https://wisconsin.helpmegrowutah.org/favicon-1.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Robinhood (Financial)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
komin.fo/	1970-01-20 21:21:43	Name: XSRF-TOKEN Value: eyJpdiI6IkE4eWNvVElWVXNyTWNPY043c1ZVekE9PSIsInZhbHVlIjoiWVBVRTVRT3pOanVpRm12eVpianFjVy81bzNZWjhvY3BrNC9WcDQ2dWpzb2gwd1NkemVsbEoyTW81bVg4MlAvSWJiZXlpQzNiNXA3akdNb1g3czF1d2w2VTEwMDA0UVI2OUtoRzhFWmJqenBCUHhtKzg3UnJKMWpTVy8zNlNnSmQiLCJtYWMiOiIyNWFkZDgwNDEwNzZkNjg5YjZmOTJhOGM1OTg1MjdiODBlMGUwZjhiODk1MmYwMTAxYmIwZmEwODU4YzEyMDgxIiwidGFnIjoiIn0%3D
komin.fo/	1970-01-20 21:21:43	Name: short_url_kominfo_session Value: V1xBbEsFwLIDKjro5SSussnwWIhm3WGa9ezV8cIn
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: db0a744a3b2034996dc21d7dd7da08ce

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/signin/auth Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ece4dfe7c8753c6ed9e4ede8ad811074.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/8b42e3fc6d1d161d6fbd7487babe6cfe.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/f31b2ecb2f8e039d53bd75d5314229c7.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/8ba279fa6846f41bb21912578ff1ea58.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/eae2cabcf8266bed9e324af939bcfa6b.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://uscounter-robinhoodrestriction.162-240-229-169.cprapid.com/Assets/generated_assets/ba3ebea0939580614269729932955862.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none';style-src 'self';script-src 'self';connect-src 'self';img-src 'self';font-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self';media-src 'self';child-src 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-icons-png.flaticon.com
komin.fo
uscounter-robinhoodrestriction.162-240-229-169.cprapid.com
wisconsin.helpmegrowutah.org
wisconsin.helpmegrowutah.org
162.240.229.169
202.89.117.210
2a00:1450:4001:829::200a
2a02:26f0:3500:11::215:14c7
01373b02ad74b5c99cc5abd66cc1acf1cc4fffc85a51a16212e6f40d0de3f126
6f9f23c037764fa240bf5073075f7a5842ad9eb457133fb6399c296784b05200
8032d99d4c7e7a0c668c4822c7c5fc6e40f6dde9ae7bac3591310ba8edd28e5f
b26a8b8f4bef207596f466204fb1eaa35fbf3624f8e6be5e0414319dbdb61c08
ce72e3b98db4842b7dc5ea8610d9046ac2e979f773c0b53ac6aa10cf29f64d3a
dafef08402f6de96e73f5798dfb91f5291ee1e55d3f10174fde44966f3162c8a
e31e9c483be9add2687e92bcf347a0ce4c180b7fab7b5df93f1650f3fa771888
f2413a8bddf0d54c3a1080c123f4f51db1eeb03310f548a75f5ce1466aaaa30e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

uscounter-robinhoodrestriction.162-240-229-169.cprapid.com Open in urlscan Pro 162.240.229.169 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

659 kBTransfer

719 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

3 Cookies

7 Console Messages

Security Headers

Indicators

uscounter-robinhoodrestriction.162-240-229-169.cprapid.com Open in urlscan Pro
162.240.229.169 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

659 kB
Transfer

719 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!