urlscan.io logo urlscan.io
SecurityTrails logo

incapt.su Open in urlscan Pro
81.94.159.87  Public Scan

Go To Rescan Add Verdict Report
URL: http://incapt.su/blog/leaks
Submission: On March 07 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 81.94.159.87, located in Moscow, Russian Federation and belongs to WESTCALL-AS, RU. The main domain is incapt.su.
This is the only time incapt.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 81.94.159.87 8595 (WESTCALL-AS)
2 172.217.23.106 15169 (GOOGLE)
3 142.250.186.99 15169 (GOOGLE)
9 3
Apex Domain
Subdomains		 Transfer
3 gstatic.com
fonts.gstatic.com
52 KB
3 incapt.su
incapt.su
397 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 incbackend.top
incbackend.top
182 KB
9 4
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
3 incapt.su incapt.su
2 fonts.googleapis.com incapt.su
1 incbackend.top incapt.su
9 4

This site contains links to these domains. Also see Links.

Domain
twitter.com
incblog7vmuq7rktic73r4ha4j757m3ptym37tyvifzp2roedyyzzxid.onion
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://incapt.su/blog/leaks
Frame ID: 87946E831E2E8EEAF4AB83DB65C02F45
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

INC Ransom

Page Statistics

9
Requests

56 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

633 kB
Transfer

641 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request leaks
incapt.su/blog/ 		551 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
http://incapt.su/blog/leaks
Protocol
HTTP/1.1
Server
81.94.159.87 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e0fb3d86eae14bbf577b4f40fa041d6f541aff06b468e767bb978943760857f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 07 Mar 2024 16:17:49 GMT
etag
W/"655fc4ae-227"
last-modified
Thu, 23 Nov 2023 21:31:26 GMT
server
nginx/1.18.0 (Ubuntu)
transfer-encoding
chunked
main.608a1d3e.js
incapt.su/static/js/ 		322 KB
322 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://incapt.su/static/js/main.608a1d3e.js
Requested by
Host: incapt.su
URL: http://incapt.su/blog/leaks
Protocol
HTTP/1.1
Server
81.94.159.87 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a54bc72ed991f986d8a3c47e60b0c4833c6610e7e47be13ae3265e8151f79857

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://incapt.su/blog/leaks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 16:17:49 GMT
last-modified
Sun, 11 Feb 2024 11:57:28 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"65c8b628-50867"
content-length
329831
content-type
application/javascript
main.8450c86c.css
incapt.su/static/css/ 		74 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://incapt.su/static/css/main.8450c86c.css
Requested by
Host: incapt.su
URL: http://incapt.su/blog/leaks
Protocol
HTTP/1.1
Server
81.94.159.87 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dae5d3fe691bc2b07922da502be9ba86a5070391c40f15948f6e6cab31236f01

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://incapt.su/blog/leaks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 16:17:49 GMT
last-modified
Thu, 23 Nov 2023 21:31:25 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"655fc4ad-12768"
content-length
75624
content-type
text/css
css2
fonts.googleapis.com/ 		9 KB
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800&display=swap
Requested by
Host: incapt.su
URL: http://incapt.su/static/css/main.8450c86c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f10.1e100.net
Software
ESF /
Resource Hash
9a90ead4d4bd0d464c9c50ef3d00a037a8c5106b89c6e4cd89d0a42cec60f31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://incapt.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Mar 2024 16:17:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Mar 2024 15:38:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Mar 2024 16:17:50 GMT
css2
fonts.googleapis.com/ 		2 KB
849 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
Requested by
Host: incapt.su
URL: http://incapt.su/static/css/main.8450c86c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f10.1e100.net
Software
ESF /
Resource Hash
153771fa4bd1db6b3dbce81e61081312d9ebe1cc8dc80379d0cefabfda339ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://incapt.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Mar 2024 16:17:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Mar 2024 14:20:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Mar 2024 16:17:50 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://incapt.su
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 00:50:54 GMT
x-content-type-options
nosniff
age
228416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 00:50:54 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://incapt.su
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 01:21:35 GMT
x-content-type-options
nosniff
age
226575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 01:21:35 GMT
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v14/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v14/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
f2113de896c7ffcc1d75fe539e9ba823bb93ada5cbf6fa83873d35a042b2ca46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://incapt.su
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 23:22:26 GMT
x-content-type-options
nosniff
age
233724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37000
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 22:08:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Mar 2025 23:22:26 GMT
get-leaks
incbackend.top/api/blog/ 		182 KB
182 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://incbackend.top/api/blog/get-leaks
Requested by
Host: incapt.su
URL: http://incapt.su/static/js/main.608a1d3e.js
Protocol
HTTP/1.1
Server
81.94.159.87 Moscow, Russian Federation, ASN8595 (WESTCALL-AS, RU),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
d54036455f9658c640ed9ae9ebdf3d69ace4b8de70adf5db6664dd947568d548

Request headers

Accept
application/json, text/plain, */*
Referer
http://incapt.su/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Mar 2024 16:17:52 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
content-length
186352
etag
W/"2d7f0-TiQidu2NL6QiPm5Y7W5oJGAavZw"
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies