URL: https://acts-as-textcaptcha.hiddenloop.dev/
Submission Tags: phishingrod
Submission: On February 03 via api from DE — Scanned from GB

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 151.236.216.71, located in London, United Kingdom and belongs to AKAMAI-AP Akamai Technologies, Inc., SG. The main domain is acts-as-textcaptcha.hiddenloop.dev.
TLS certificate: Issued by R3 on February 3rd 2023. Valid for: 3 months.
This is the only time acts-as-textcaptcha.hiddenloop.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
3 | 151.236.216.71 | 63949 (AKAMAI-AP...)
4 (1 redirect) | 2606:4700:e4:... | 13335 (CLOUDFLAR...)
2 | 52.22.90.224 | 14618 (AMAZON-AES)
Total: 8 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
4 | shields.io | img.shields.io (Cisco Umbrella Rank: 41647) | 3 KB
3 | hiddenloop.dev | acts-as-textcaptcha.hiddenloop.dev | 53 KB
2 | codeclimate.com | api.codeclimate.com (Cisco Umbrella Rank: 370173) | 34 KB
Total: 8 requests, 3 apex domains

Requests | Domain | Requested by
4 (1 redirect) | img.shields.io | acts-as-textcaptcha.hiddenloop.dev
3 | acts-as-textcaptcha.hiddenloop.dev | acts-as-textcaptcha.hiddenloop.dev
2 | api.codeclimate.com | acts-as-textcaptcha.hiddenloop.dev
Total: 8 requests, 3 domains

Subject | Issuer | Validity | Valid
acts-as-textcaptcha.hiddenloop.dev | R3 | 2023-02-03 - 2023-05-04 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-08 - 2023-06-08 | a year
*.codeclimate.com | Amazon | 2022-04-19 - 2023-05-18 | a year

This page contains 1 frames:

Primary Page: https://acts-as-textcaptcha.hiddenloop.dev/
Frame ID: 8EB0651025194D8EC337DBB59C32AF03
Requests: 8 HTTP requests in this frame

Page Title

ActsAsTextcaptcha Demo

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 90 kB
Size: 93 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://img.shields.io/depfu/matthutchinson/acts_as_textcaptcha.svg?style=flat HTTP 301
  • https://img.shields.io/depfu/dependencies/github/matthutchinson/acts_as_textcaptcha.svg?style=flat

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
acts-as-textcaptcha.hiddenloop.dev/
5 KB
2 KB
Document
General
Full URL
https://acts-as-textcaptcha.hiddenloop.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.236.216.71 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
151-236-216-71.ip.linodeusercontent.com
Software
Caddy /
Resource Hash
cd4c8ea53f0a60cc8e226ad2cda5ff9b9451eb4f080f680c4878bdcd8d896e2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
1726
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 15:23:30 GMT
etag
W/"cd4c8ea53f0a60cc8e226ad2cda5ff9b"
link
</assets/application-236c31ba1b46afd6ec77dc863b0761996ff37f048ea15a109f75f0477fb9b88e.css>; rel=preload; as=style; nopush
referrer-policy
strict-origin-when-cross-origin
server
Caddy
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
42418b59-dc20-40a2-8586-e81b506d879d
x-runtime
0.036351
x-xss-protection
0
application-236c31ba1b46afd6ec77dc863b0761996ff37f048ea15a109f75f0477fb9b88e.css
acts-as-textcaptcha.hiddenloop.dev/assets/
2 KB
868 B
Stylesheet
General
Full URL
https://acts-as-textcaptcha.hiddenloop.dev/assets/application-236c31ba1b46afd6ec77dc863b0761996ff37f048ea15a109f75f0477fb9b88e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.236.216.71 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
151-236-216-71.ip.linodeusercontent.com
Software
Caddy /
Resource Hash
d9aeba589b49b8dde1303f8891c61137bf67539704633769bb149e17662e74c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acts-as-textcaptcha.hiddenloop.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 15:23:30 GMT
content-encoding
gzip
last-modified
Sat, 28 Jan 2023 14:55:17 GMT
server
Caddy
etag
"rp7as51co"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
alt-svc
h3=":443"; ma=2592000
content-length
808
captcha_roboto-19ab4fe49177074eb7438cb077348ff176ac1292ca36d7f76910ee3dcb2d7611.png
acts-as-textcaptcha.hiddenloop.dev/assets/
50 KB
50 KB
Image
General
Full URL
https://acts-as-textcaptcha.hiddenloop.dev/assets/captcha_roboto-19ab4fe49177074eb7438cb077348ff176ac1292ca36d7f76910ee3dcb2d7611.png
Requested by
Host: acts-as-textcaptcha.hiddenloop.dev
URL: https://acts-as-textcaptcha.hiddenloop.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.236.216.71 London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
151-236-216-71.ip.linodeusercontent.com
Software
Caddy /
Resource Hash
3e79435cf44d9b2559b56dd2d810be519f29c4049790429c39171691138a41bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acts-as-textcaptcha.hiddenloop.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 15:23:30 GMT
last-modified
Sat, 28 Jan 2023 14:55:17 GMT
server
Caddy
etag
"rp7as513h6"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
51162
acts_as_textcaptcha.svg
img.shields.io/gem/v/
1 KB
872 B
Image
General
Full URL
https://img.shields.io/gem/v/acts_as_textcaptcha.svg?style=flat
Requested by
Host: acts-as-textcaptcha.hiddenloop.dev
URL: https://acts-as-textcaptcha.hiddenloop.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:af10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31801ebb44d36b022e2773da464d5ca3f7272ed4530216d8341c478e1452fd2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acts-as-textcaptcha.hiddenloop.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 15:23:31 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id
01GRBY09C5PFGXWQ8G7V2PV3YZ-lhr
last-modified
Fri, 03 Feb 2023 15:23:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqhfhCtsOpfpq8WGjosl7XFXu30xC8%2FLLWqiQMMwnnj4bjd4G%2FTmaz10nM%2B8%2FThU0VVCYs2K8XtiMmBFyTS81LdUltIoCHvAMEyIe7WWsS8FOhAuqerb7OUil2xpPB3h8H4mAmLRXJlrvh%2BM2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300, s-maxage=300
cf-ray
793c2b0f28be7780-LHR
expires
Fri, 03 Feb 2023 15:28:31 GMT
master.svg
img.shields.io/travis/com/matthutchinson/acts_as_textcaptcha/
1 KB
826 B
Image
General
Full URL
https://img.shields.io/travis/com/matthutchinson/acts_as_textcaptcha/master.svg?style=flat
Requested by
Host: acts-as-textcaptcha.hiddenloop.dev
URL: https://acts-as-textcaptcha.hiddenloop.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:af10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917920463e9018b9e1ebe1556e1e97a9bb8498b557c4fc36460f3dadc6e9a8b2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acts-as-textcaptcha.hiddenloop.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 15:23:31 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id
01GRBY09C673WVYWH9JD979VRC-lhr
last-modified
Fri, 03 Feb 2023 15:23:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b69NyQVhN%2Ff2ByCTzpIv2U9k3fyq5PcMpfg57f3bDNWr2l%2BOxCDQb0rWmQXkCys2s6jWQw7Rsy4Ln8IaotSDOQx9i%2BvZzFcmEsyDT%2BIbiVlppoBvDQp8JO21M0DDVDIbzFmjaO8gUKg1nRzb7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=30, s-maxage=30
cf-ray
793c2b0f28c07780-LHR
expires
Fri, 03 Feb 2023 15:24:01 GMT
acts_as_textcaptcha.svg
img.shields.io/depfu/dependencies/github/matthutchinson/
Redirect Chain
  • https://img.shields.io/depfu/matthutchinson/acts_as_textcaptcha.svg?style=flat
  • https://img.shields.io/depfu/dependencies/github/matthutchinson/acts_as_textcaptcha.svg?style=flat
1 KB
822 B
Image
General
Full URL
https://img.shields.io/depfu/dependencies/github/matthutchinson/acts_as_textcaptcha.svg?style=flat
Requested by
Host: acts-as-textcaptcha.hiddenloop.dev
URL: https://acts-as-textcaptcha.hiddenloop.dev/
Protocol
H2
Server
2606:4700:e4::ac40:af10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fe909878d0b6833867e393cf7fac03e31cded56088ea8dd67f28c07c7fdc60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acts-as-textcaptcha.hiddenloop.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 15:23:31 GMT
via
2 fly.io
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fly-request-id
01GRBY09FJV3BV0K734S8W82WV-lhr
last-modified
Fri, 03 Feb 2023 15:23:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOIgWjRp25w4uRVnboHtQJ6qtkVTUooVI9hNKMDRKigYxzKrxR3orYwbL5rZ1VoiiEGZSqcXBH%2B4Sv%2BTAWkJqmrEdIhoEGD4REealEAD33jsNWnLoJEwqn3222a1G6sQctxcXui4rjtatl%2FH1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=120, s-maxage=120
cf-ray
793c2b0fd9d17780-LHR
expires
Fri, 03 Feb 2023 15:25:31 GMT

Redirect headers

date
Fri, 03 Feb 2023 15:23:31 GMT
via
2 fly.io
cf-cache-status
MISS
last-modified
Fri, 03 Feb 2023 14:55:07 GMT
fly-request-id
01GRBY09C3B2QV8HPRGGV6MD8V-lhr
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXvny%2FIpl%2BT%2BMI5OPTOOjDwNpGAK%2FHFrznBwi29w1wjUyBpbiTNG9mMgCbB8QgUGsu7%2FkFtb%2BpjTg4JU90xgONbxz4tc8u6pe2N6h11uc%2BaTPXWBHsyLpNvDo0xgVTU9etKh2OekWFRo%2BEVa%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/depfu/dependencies/github/matthutchinson/acts_as_textcaptcha.svg?style=flat
cache-control
max-age=86400, s-maxage=86400
cf-ray
793c2b0f28c17780-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
maintainability
api.codeclimate.com/v1/badges/db61b57be5b466b300ab/
15 KB
16 KB
Image
General
Full URL
https://api.codeclimate.com/v1/badges/db61b57be5b466b300ab/maintainability
Requested by
Host: acts-as-textcaptcha.hiddenloop.dev
URL: https://acts-as-textcaptcha.hiddenloop.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.90.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-90-224.compute-1.amazonaws.com
Software
nginx + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
e405b9522dbb510807c85641f28900c718bd90cade05757bdab8ad5bacd28135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acts-as-textcaptcha.hiddenloop.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-runtime
0.015856
date
Fri, 03 Feb 2023 15:23:31 GMT
strict-transport-security
max-age=31536000;
referrer-policy
no-referrer
server
nginx + Phusion Passenger(R) 6.0.14
x-forwarded-host
DENY
etag
W/"ce9b311a3459548fdb0c864a95cfa752"
x-powered-by
Phusion Passenger(R) 6.0.14
vary
Origin
content-type
image/svg+xml
status
200 OK
cache-control
no-cache
content-transfer-encoding
binary
content-disposition
inline; filename="maintainability-unknown.svg"
x-request-id
867c59a6-e231-4e5a-bba7-b2dc6f30dd35
test_coverage
api.codeclimate.com/v1/badges/c67969dd7b921477bdcc/
18 KB
18 KB
Image
General
Full URL
https://api.codeclimate.com/v1/badges/c67969dd7b921477bdcc/test_coverage
Requested by
Host: acts-as-textcaptcha.hiddenloop.dev
URL: https://acts-as-textcaptcha.hiddenloop.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.90.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-90-224.compute-1.amazonaws.com
Software
nginx + Phusion Passenger(R) 6.0.14 / Phusion Passenger(R) 6.0.14
Resource Hash
e9db843fc8de163bc17dd12fe82f88a9279e20f74be2df47eb1af253d6cb663f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acts-as-textcaptcha.hiddenloop.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-runtime
0.005968
date
Fri, 03 Feb 2023 15:23:31 GMT
strict-transport-security
max-age=31536000;
referrer-policy
no-referrer
server
nginx + Phusion Passenger(R) 6.0.14
x-forwarded-host
DENY
etag
W/"e71d4ad384c92250fb5d8feaca570f07"
x-powered-by
Phusion Passenger(R) 6.0.14
vary
Origin
content-type
image/svg+xml
status
200 OK
cache-control
no-cache
content-transfer-encoding
binary
content-disposition
inline; filename="test_coverage-100.svg"
x-request-id
ada5e530-170a-4b9a-abc8-5b686bfd8051

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Domain/Path Name / Value
acts-as-textcaptcha.hiddenloop.dev/ Name: _acts_as_textcaptcha_demo_session
Value: hPXOwLtLnK8q4AiOVZSwSZWKnI%2FjagrL3NuZn4ya78KDGmI4ZWV%2BQXcGF5i83KMzgpOzGsSxZH4LNH5r2X%2FfKEjlOcyRCQmiXvOFvvNGRUnpB7ZU6CfBrNuRibgNVK7uOjoQrFycYdHUEevud%2BVH9vbdBlTsLDVrOMdkDZghBg8Ew4aFc3zxXY3crIR%2Fh6f8V518CuJLt9wu8bkRVMF5mrAGaDFU5u3RYHMBNgVSSByvY16p9aDy%2B7I96HffcOXWveVjn96oojjhBcDIduZKFOoYIVSx7%2Bj38EOfEWo173Iu4tWYC8SaJq0%3D--7eJoCOo8beMxXu9T--dA3N4lJvqvZ8Iyy%2FLkMxNw%3D%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0