robinhood-verify.com
34.125.159.54  Malicious Activity! Public Scan

Submitted URL: https://robinhood-verify.com/
Effective URL: https://robinhood-verify.com/Login.php
Submission: On July 10 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 12 HTTP transactions. The main IP is 34.125.159.54, located in Las Vegas, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is robinhood-verify.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 8th 2022. Valid for: 3 months.
This is the only time robinhood-verify.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Robinhood (Financial)

Domain & IP information

Requests | IP Address | AS Autonomous System
4 (1 redirects) | 34.125.159.54 | 396982 (GOOGLE-CL...)
4 | 2606:4700:440... | 13335 (CLOUDFLAR...)
5 | 18.66.97.118 | 16509 (AMAZON-02)
Total: 12 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
5 | robinhood.com | cdn.robinhood.com (Cisco Umbrella Rank: 19828) | 1 MB
4 | arkoselabs.com | robinhood-api.arkoselabs.com (Cisco Umbrella Rank: 64515) | 82 KB
4 | robinhood-verify.com | robinhood-verify.com | 387 KB
Total: 12 requests, 3 domains

Requests | Domain | Requested by
5 | cdn.robinhood.com | robinhood-verify.com
4 | robinhood-api.arkoselabs.com | robinhood-verify.com, robinhood-api.arkoselabs.com
4 (1 redirects) | robinhood-verify.com | robinhood-verify.com
Total: 12 requests, 3 domains

This site contains links to these domains.

Domain
robinhood.com
Subject | Issuer | Validity | Valid
robinhood-verify.com | cPanel, Inc. Certification Authority | 2022-07-08 - 2022-10-06 | 3 months
arkoselabs.com | Cloudflare Inc ECC CA-3 | 2021-10-06 - 2022-10-05 | a year
*.robinhood.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-29 - 2023-04-25 | a year

This page contains 2 frames:

Primary Page: https://robinhood-verify.com/Login.php
Frame ID: C29928FE5F7D3C98895B9DFCE54C658E
Requests: 9 HTTP requests in this frame

Frame: https://robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/enforcement.2076b0fbe04d5fbcf3a3be4d42b8735e.html
Frame ID: CB13FC69B1DAD58C49C2D9628B65BA4B
Requests: 3 HTTP requests in this frame

Page Title

Log In | Robinhood

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12 Requests
100 % HTTPS
33 % IPv6
3 Domains
3 Subdomains
3 IPs
1 Countries
1746 kB Transfer
5543 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://robinhood-verify.com/ HTTP 302
    https://robinhood-verify.com/Login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Resource: Login.php (Primary Request)
Path: robinhood-verify.com/
Redirect Chain:
  • https://robinhood-verify.com/
  • https://robinhood-verify.com/Login.php
Size: 8 KB
x-fer: 9 KB
Type: Document
Full URL: https://robinhood-verify.com/Login.php
Protocol: HTTP/1.1
Security: TLS 1.3, AES_128_GCM
Server: 34.125.159.54, Las Vegas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS: 54.159.125.34.bc.googleusercontent.com
Software: Apache
Resource Hash: 45d1bafcba353cbf0fa0a20c9367aa26a4f061d715c5c29d07d357c2eb8962e4

Resource: jquery.js
Path: robinhood-verify.com/files/js/
Size: 266 KB
x-fer: 266 KB
Type: Script
Full URL: https://robinhood-verify.com/files/js/jquery.js
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: HTTP/1.1
Security: TLS 1.3, AES_128_GCM
Server: 34.125.159.54, Las Vegas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS: 54.159.125.34.bc.googleusercontent.com
Software: Apache
Resource Hash: 84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff

Resource: styles.64d4eb4f9c6d9cc4adee.css
Path: robinhood-verify.com/assets/
Size: 112 KB
x-fer: 112 KB
Type: Stylesheet
Full URL: https://robinhood-verify.com/assets/styles.64d4eb4f9c6d9cc4adee.css
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: HTTP/1.1
Security: TLS 1.3, AES_128_GCM
Server: 34.125.159.54, Las Vegas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS: 54.159.125.34.bc.googleusercontent.com
Software: Apache
Resource Hash: d084e3a1a947e5c3ebdf358236504852c2d10d5c33fda67bac3f50d1ed652e97

Resource: api.js
Path: robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/
Size: 110 KB
x-fer: 35 KB
Type: Script
Full URL: https://robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/api.js
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 2606:4700:4400::6812:2ae5, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: ff206f135f1b39c6973dd7e1262ba4a1db090a2ae4d292b9ffb0de0f5f79262f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Resource: 632fcb3e7ed928b2a960f3e003d10b44.jpg
Path: cdn.robinhood.com/assets/generated_assets/webapp/
Size: 378 KB
x-fer: 379 KB
Type: Image
Full URL: https://cdn.robinhood.com/assets/generated_assets/webapp/632fcb3e7ed928b2a960f3e003d10b44.jpg
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 18.66.97.118, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: AmazonS3
Resource Hash: 01373b02ad74b5c99cc5abd66cc1acf1cc4fffc85a51a16212e6f40d0de3f126

Resource: runtime-b1afb00b1e3657fd7483.js
Path: cdn.robinhood.com/assets/generated_assets/webapp/
Size: 26 KB
x-fer: 11 KB
Type: Script
Full URL: https://cdn.robinhood.com/assets/generated_assets/webapp/runtime-b1afb00b1e3657fd7483.js
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 18.66.97.118, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: AmazonS3
Resource Hash: b2d299efe5234784fdb63850ba566b3db0504a90bb1b8e5b614ff7c3c6723500

Resource: Volatile-488235c2a42222206374.js
Path: cdn.robinhood.com/assets/generated_assets/webapp/
Size: 78 KB
x-fer: 21 KB
Type: Script
Full URL: https://cdn.robinhood.com/assets/generated_assets/webapp/Volatile-488235c2a42222206374.js
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 18.66.97.118, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: AmazonS3
Resource Hash: da25338943c59736760edf42e42aeb695ee9e01f402cbef46cbfc0499bbdb263

Resource: Vendor-9b29ade88ac9aeba36d3.js
Path: cdn.robinhood.com/assets/generated_assets/webapp/
Size: 2 MB
x-fer: 492 KB
Type: Script
Full URL: https://cdn.robinhood.com/assets/generated_assets/webapp/Vendor-9b29ade88ac9aeba36d3.js
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 18.66.97.118, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: AmazonS3
Resource Hash: 25a73754ea000f3a54d07d6be5b8b039b594043430b6ef0333ef569aae3f01ee

Resource: App-56a8f094021078544640.js
Path: cdn.robinhood.com/assets/generated_assets/webapp/
Size: 2 MB
x-fer: 374 KB
Type: Script
Full URL: https://cdn.robinhood.com/assets/generated_assets/webapp/App-56a8f094021078544640.js
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 18.66.97.118, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-97-118.fra56.r.cloudfront.net
Software: AmazonS3
Resource Hash: 2725b7fd153f70da35ca4987870e115d7471ba91c9f5720b28fd23c54c94bb22

Resource: enforcement.2076b0fbe04d5fbcf3a3be4d42b8735e.html
Path: robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/
Frame: CB13
Size: 1 KB
x-fer: 2 KB
Type: Document
Full URL: https://robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/enforcement.2076b0fbe04d5fbcf3a3be4d42b8735e.html
Requested by: robinhood-verify.com, URL: https://robinhood-verify.com/Login.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 2606:4700:4400::6812:2ae5, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: e0caf7b4395b29d2bd4c162f57340c2ae2e3ba707b0e195fd1296dc4ecdd8d5d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Resource: vendors~enforcement.bundle.2076b0fbe04d5fbcf3a3be4d42b8735e.js
Path: robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/
Frame: CB13
Size: 119 KB
x-fer: 38 KB
Type: Script
Full URL: https://robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/vendors~enforcement.bundle.2076b0fbe04d5fbcf3a3be4d42b8735e.js
Requested by: robinhood-api.arkoselabs.com, URL: https://robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/enforcement.2076b0fbe04d5fbcf3a3be4d42b8735e.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 2606:4700:4400::6812:2ae5, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: dcbc5f4e347ff90fcde1b6a1458841df14e23d1e00f22e18a7fe3137a7cef67e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Resource: enforcement.2076b0fbe04d5fbcf3a3be4d42b8735e.js
Path: robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/
Frame: CB13
Size: 24 KB
x-fer: 8 KB
Type: Script
Full URL: https://robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/enforcement.2076b0fbe04d5fbcf3a3be4d42b8735e.js
Requested by: robinhood-api.arkoselabs.com, URL: https://robinhood-api.arkoselabs.com/v2/7F867EDC-C71B-467F-B0A1-8DCBA5D4D2E3/enforcement.2076b0fbe04d5fbcf3a3be4d42b8735e.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 2606:4700:4400::6812:2ae5, United States, ASN13335 (CLOUDFLARENET, US)
Software: cloudflare
Resource Hash: 139b23de015497989dbdaf9ac85f65de99b12faadad5697d155eaf27cbb1921a
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' 'unsafe-inline' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Robinhood (Financial)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • function| $
  • function| jQuery
  • object| arkoseLabsClientApi18d2fa20
  • object| __LOADABLE_LOADED_CHUNKS__
  • object| SENTRY_RELEASE
  • function| clearImmediate
  • function| setImmediate

0 Cookies