brilliant-flan-c13ff6.netlify.app
2600:1f18:16e:df00::64 Malicious Activity! Public Scan

URL: https://brilliant-flan-c13ff6.netlify.app/
Submission: On August 06 via api from US — Scanned from CA

Summary

This website contacted 5 IPs in 1 country across 5 domains to perform 19 HTTP transactions. The main IP is 2600:1f18:16e:df00::64, located in Ashburn, United States, and belongs to AMAZON-AES, US. The main domain is brilliant-flan-c13ff6.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.
This is the only time brilliant-flan-c13ff6.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Requests  IP Address        AS     Autonomous System
15        2600:1f18:16e...  14618  AMAZON-AES
1         2607:f8b0:400...  15169  GOOGLE
1         172.67.130.30     13335  CLOUDFLAR...
1 2       2600:1408:ec0...  20940  AKAMAI-ASN1
1         2607:f8b0:400...  15169  GOOGLE
Total: 19 requests, 5 IPs
Requests  Apex Domain           Subdomains                                            Transfer
15        netlify.app           brilliant-flan-c13ff6.netlify.app                     651 KB
2         microsoft.com         support.microsoft.com (Cisco Umbrella Rank: 12550)    343 B
1         google-analytics.com  www.google-analytics.com (Cisco Umbrella Rank: 104)
1         tawk.to               embed.tawk.to (Cisco Umbrella Rank: 12323)            1 KB
1         googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 112)   102 KB
Total: 19 requests, 5 apex domains
Requests  Domain                               Requested by
15        brilliant-flan-c13ff6.netlify.app    brilliant-flan-c13ff6.netlify.app
2         support.microsoft.com (1 redirect)   brilliant-flan-c13ff6.netlify.app
1         www.google-analytics.com             www.googletagmanager.com
1         embed.tawk.to                        brilliant-flan-c13ff6.netlify.app
1         www.googletagmanager.com             brilliant-flan-c13ff6.netlify.app
Total: 19 requests, 5 domains

This site contains no links.

Subject                 Issuer                                      Validity                 Valid
*.netlify.app           DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-01-15 - 2025-02-14  a year
*.google-analytics.com  WR2                                         2024-07-30 - 2024-10-22  3 months
tawk.to                 WE1                                         2024-07-24 - 2024-10-22  3 months
support.microsoft.com   Microsoft Azure ECC TLS Issuing CA 04       2024-05-01 - 2025-04-26  a year

This page contains 2 frames:

Primary Page: https://brilliant-flan-c13ff6.netlify.app/
Frame ID: 2844B7BF62D1D3F9407F5766098952F1
Requests: 18 HTTP requests in this frame

Frame: https://support.microsoft.com/en-US
Frame ID: 1D7C328ED17987939EB95A47D0B22FD0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Service - Helpline

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.netlify\.(?:com|app)/

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 1
Transfer: 754 kB
Size: 975 kB
Cookies: 19

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://support.microsoft.com/ HTTP 301
  • https://support.microsoft.com/en-US

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /  brilliant-flan-c13ff6.netlify.app/  14 KB  4 KB  Document
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
1d7e7426477fade975ab924e6f718b04b520c5ffaa8be9efe05571c5ef8bc80e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
57593
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
4065
content-type
text/html; charset=UTF-8
date
Tue, 06 Aug 2024 10:43:30 GMT
etag
"1bdbe7b3060a33260c5eb2658ebc398b-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-nf-request-id
01J4KMJWR03658Q9Q3MP6129SE
styles.css  brilliant-flan-c13ff6.netlify.app/  11 KB  3 KB  Stylesheet
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/styles.css
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
c39958089eebb1b3b8a3d0203efff9386ff364eaf5fa05f9fb037e9b5f7fcef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJWSTTG3KT9RT70CHSJJM
date
Tue, 06 Aug 2024 10:43:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20484
cache-status
"Netlify Edge"; hit
etag
"53c7f140fc1b42b575c826ff3d347709-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
2791
scripts.js  brilliant-flan-c13ff6.netlify.app/  843 B  963 B  Script
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/scripts.js
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
3406b91395463f01155727e125df3d1dae7d01f1fe7c8ca20513e4913f8f1dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJWSTBEFGAHW36QGHS8W4
date
Tue, 06 Aug 2024 10:43:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
57582
cache-status
"Netlify Edge"; hit
etag
"75fac5cf2098d8be8346f3251c955ebd-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
843
jquery.min.js  brilliant-flan-c13ff6.netlify.app/cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/  0  0  Script
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJWSTEN0D1SFMQABKYDD5
date
Tue, 06 Aug 2024 10:43:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
57582
cache-status
"Netlify Edge"; hit
etag
1721664479-ssl-df
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
public,max-age=0,must-revalidate
content-length
1247
bootstrap.min.js  brilliant-flan-c13ff6.netlify.app/stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/  0  0  Script
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
Origin
https://brilliant-flan-c13ff6.netlify.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJWST11YFWH8G0CM2JB25
date
Tue, 06 Aug 2024 10:43:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
41736
cache-status
"Netlify Edge"; hit
etag
1721664479-ssl-df
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
public,max-age=0,must-revalidate
content-length
1247
font-awesome.min.css  brilliant-flan-c13ff6.netlify.app/maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/  0  0  Stylesheet
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJWSTP3J6B4M2JNP67HDY
date
Tue, 06 Aug 2024 10:43:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20484
cache-status
"Netlify Edge"; hit
etag
1721664479-ssl-df
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
public,max-age=0,must-revalidate
content-length
1247
js  www.googletagmanager.com/gtag/  306 KB  102 KB  Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LPS865GCM1
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4886a2c3e05449f7ded482d3c1814a4d05d05bb088993c9d823e13574653dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:43:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103810
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Aug 2024 10:43:31 GMT
cross.png  brilliant-flan-c13ff6.netlify.app/  377 KB  378 KB  Image
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/cross.png
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJWSTS3EMWVJNECFK4MH3
date
Tue, 06 Aug 2024 10:43:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20484
cache-status
"Netlify Edge"; hit
etag
"8d7d14dbe2821b70e0f5cdc9b7a9a362-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
386359
def.png  brilliant-flan-c13ff6.netlify.app/  4 KB  4 KB  Image
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/def.png
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJWSTSFR7TVP81R8WE9J8
date
Tue, 06 Aug 2024 10:43:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20484
cache-status
"Netlify Edge"; hit
etag
"abfc075563f7c75cabb89992ee4e7362-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
3834
gif1.gif  brilliant-flan-c13ff6.netlify.app/  10 KB  10 KB  Image
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/gif1.gif
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
a38ce8950f9fd31142fa9f3f673db29058f43989dd4415118bc8d223d0302f77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJXEKP6X5492C8QJQFBFM
date
Tue, 06 Aug 2024 10:43:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20485
cache-status
"Netlify Edge"; hit
etag
"93cdce1d6b994412490eb3c6cbcd6b5f-ssl"
content-type
image/gif
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
10261
microsoft.png  brilliant-flan-c13ff6.netlify.app/  17 KB  17 KB  Image
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/microsoft.png
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
fccaeb23b60aa3fd5130234f5ecfe5f07be02f2006311196de9884d4af9c7d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJXENMQP3VX99WCXQDGQH
date
Tue, 06 Aug 2024 10:43:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20485
cache-status
"Netlify Edge"; hit
etag
"aa0e36508295376c461e552e856636eb-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
17003
gif2.gif  brilliant-flan-c13ff6.netlify.app/  16 KB  16 KB  Image
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/gif2.gif
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
4e1c30469b24a3e29ff7ee42e124056a91e2d5c892d1693d3ac51f456d1e1df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJXG1513EZQW4CNPP9GJY
date
Tue, 06 Aug 2024 10:43:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20485
cache-status
"Netlify Edge"; hit
etag
"8021abfad9385b1462a29da696caf25b-ssl"
content-type
image/gif
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
16699
msl.png  brilliant-flan-c13ff6.netlify.app/  1 KB  1 KB  Image
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/msl.png
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJXG13515QZJMWH0NB5KT
date
Tue, 06 Aug 2024 10:43:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20485
cache-status
"Netlify Edge"; hit
etag
"b45281fbb8bcd5a789d91bfb3129c4b0-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
1045
warn.png  brilliant-flan-c13ff6.netlify.app/  4 KB  4 KB  Image
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/warn.png
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
a00268b274d7757a5c883c487083d4fd9914161e72cb528a9f3c9f1df1f3e032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJXG1G5BNEJE4EC4QAM8P
date
Tue, 06 Aug 2024 10:43:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20485
cache-status
"Netlify Edge"; hit
etag
"34b593a89b72b50a558317950e6682af-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
4242
corssbg.png  brilliant-flan-c13ff6.netlify.app/  17 KB  17 KB  Image
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/corssbg.png
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
9f4c0bd395a0c6dbb50714db9e76dc59cc531c83403ef29ecd5b43398df445ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4KMJXG1ST9994X9659S67EG
date
Tue, 06 Aug 2024 10:43:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20485
cache-status
"Netlify Edge"; hit
etag
"2e48feb1c1c9476366ec2e67959cf30c-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
17045
1hv29ibvf  embed.tawk.to/665731739a809f19fb36a57b/  2 KB  1 KB  Script
General
Full URL
https://embed.tawk.to/665731739a809f19fb36a57b/1hv29ibvf
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaaa681745d443dbbf6b864378cb7d78eb03007632962ec35c26398ea4c63b31
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
Origin
https://brilliant-flan-c13ff6.netlify.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 10:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"stable-v4-66909c6d5c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0L06FwO61te6lRq%2FHOtE0fcNkKXmdvvq0DO3iQFS4GDxsxCLSldi6GNOjsss%2FJy5UUJtHhse9TJ1sFru9Z0qVJg8JDId5arUJLKjPy0zNSlJ1WyDTsgiKuUB%2FxW5dcb"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
8aee6d29ea80b405-YYZ
alt-svc
h3=":443"; ma=86400
en-US  support.microsoft.com/  0  0  Document  (Frame 1D7C)
Redirect Chain
  • https://support.microsoft.com/
  • https://support.microsoft.com/en-US
General
Full URL
https://support.microsoft.com/en-US
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:1081::f03 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25496
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
date
Tue, 06 Aug 2024 10:43:31 GMT
expires
Tue, 06 Aug 2024 10:43:31 GMT
pragma
no-cache
request-context
appId=
server
Kestrel
strict-transport-security
max-age=86400 ; includeSubDomains
vary
Accept-Encoding
x-correlationid
0HN5IDKBV846A:000002FB
x-operationid
d71d69c69009ba835e491780f0389682

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=0, no-cache, no-store
content-length
0
critical-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
date
Tue, 06 Aug 2024 10:43:31 GMT
expires
Tue, 06 Aug 2024 10:43:31 GMT
location
https://support.microsoft.com/en-US
pragma
no-cache
request-context
appId=
server
Kestrel
strict-transport-security
max-age=86400 ; includeSubDomains
x-correlationid
0HN5IDKBV846A:000002FA
x-operationid
c93cb25b74708bcfc395271c08fd09c8
ado.mp3  brilliant-flan-c13ff6.netlify.app/  196 KB  196 KB  Media
General
Full URL
https://brilliant-flan-c13ff6.netlify.app/ado.mp3
Requested by
Host: brilliant-flan-c13ff6.netlify.app
URL: https://brilliant-flan-c13ff6.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:16e:df00::64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-nf-request-id
01J4KMJXHSTXN5JMJEQ8FFSPJT
date
Tue, 06 Aug 2024 10:43:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Netlify
age
20485
cache-status
"Netlify Edge"; hit
etag
"7e99a7207baa1fefa8a24c66e8fb0cb2-ssl"
content-type
audio/mpeg
Content-Range
bytes 0-200831/200832
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
Content-Length
200832
collect  www.google-analytics.com/g/  0  0  Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LPS865GCM1&gtm=45je47v0v9187345237za200&_p=1722941011430&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=595148566.1722941012&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722941011&sct=1&seg=0&dl=https%3A%2F%2Fbrilliant-flan-c13ff6.netlify.app%2F&dt=Service%20-%20Helpline&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1185
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LPS865GCM1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://brilliant-flan-c13ff6.netlify.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Aug 2024 10:43:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://brilliant-flan-c13ff6.netlify.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • startScan (function)
  • playSound (function)
  • date (object)
  • current_date (string)
  • current_time (string)
  • date_time (string)
  • gtag (function)
  • dataLayer (object)
  • Tawk_API (object)
  • Tawk_LoadStart (object)
  • elem (object)
  • openFullscreen (function)
  • closeFullscreen (function)
  • showDontLeavePopup (function)
  • clickIE4 (function)
  • clickNS4 (function)
  • $_Tawk_AccountKey (string)
  • $_Tawk_WidgetId (string)
  • $_Tawk (object)
  • google_tag_manager (object)
  • google_tag_data (object)
  • onYouTubeIframeAPIReady (function)
  • gaGlobal (object)

19 Cookies

Domain/Path Name / Value
support.microsoft.com/signin-oidc Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8LWN6nmb9HBGpcIJvpEgkL0RBdBESRykJd9v8rPfVGhtK32RtgfFTrZbhXUjPpKeDEZW_pjyw05OQmhaGtU84BAdREpXdpXscWHQ1DfbPvcuw6wLA2L6Yrq5KoOkHMZ_88X2mADfg0QNstedXUPEs9cvj6dGP3q99K5KqOYNizEGkw3MPoxt3g4YIE3dhyDR-jxk5lV3w_YJ_PcXXL2WOeA3RvQMFFhKA5bwTPc7hdj3gslMZwRcBWnwtcDyQjOlNqxN2OfB-m_Wn3NaoY68L_c
Value: N
support.microsoft.com/ Name: EXPID
Value: 779c0a41-7677-483f-bdcb-66165d39a9e2
.brilliant-flan-c13ff6.netlify.app/ Name: _ga
Value: GA1.1.595148566.1722941012
.brilliant-flan-c13ff6.netlify.app/ Name: _ga_LPS865GCM1
Value: GS1.1.1722941011.1.0.1722941011.0.0.0
support.microsoft.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: e97d1a62-e0f7-49fc-a472-642f929b1923
support.microsoft.com/ Name: ai_session
Value: IO19Bfyjn83Sqs7ml3i5mB|1722941012609|1722941012609
login.microsoftonline.com/ Name: buid
Value: 0.ARgAMe_N-B6jSkuT5F9XHpElWhkrJ-4RRD9DjyhcE8tv1AcBAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYih5Q2jgI6RQR9fcBZRmbEHfJ2JB_XmpdctiLfSsjWbySVUQBx3nAweObjQ21RFlm36_cq2kAsQJnN-FE9tr4bmFXEXD6gWCvPhQTN7OUdHQgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYMMHxplsdDa9txm0dyXP8b7_rLrtkrIGcoqg2ugYwm-HykBnib5tTRgfgw48wJvbUMEcI7kg8sQQtAdct0ldYivaxkyrjOnUCkqZ3We0ULt2fackD4rXsdtI4fSALl_AXpmOOTgNvbj7I3WBkFACK5n7h3DWRdtQ62VGQERr-gnUgAA
.login.microsoftonline.com/ Name: esctx-YZWEQ0bDLKM
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYmGxCKhf7XIRxjJN5K9RW1D2vTZOHKI863xZY_a2iu_SKV237nhW61RCLMQ9fhYD7efH3yDSemMRb27ofPfV4OUhygf22KIk8HAOqucetKw8qQxX5-MD7hMi8lN08HhftsDavMvDcu7d0uEgIwnPlzCAA
login.microsoftonline.com/ Name: fpc
Value: ArkXrZ-aj1tJuw4dOr0Tss5qwEtIAQAAAFP1Q94OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
www.microsoft.com/ Name: akacd_OneRF
Value: 1730717013~rv=53~id=192b792afccb2bb9ed787a2de88a4c1b
.login.live.com/ Name: uaid
Value: 88d4d39f391c415ea71448d5dfb37a4b
.login.live.com/ Name: MSPRequ
Value: id=12&lt=1722941013&co=0
.login.live.com/ Name: OParams
Value: 11O.DnX7Pa3LVdiBdrK3aUFLo8G*jtgbTrdbBN6YIiWUx3lhm35!72JfeqI7TdLjjTaqW8xucOEZQUkq2H27TSy6sYhGvmwFjSFJwzf35!uY0I59gHBClbqDfxVQBxzd9tROeTDpd8j5!M5Gjy*wvtAiCXRcDKAUtqjREzY4soarhez3dN4qUfMDwl8yWDzKY1V3Vn!Z5JO5L0ccuHsw5mF28DijY*gonvD09as5G0ualAwAIT06PgDCVCVOTPtuLc!jGt7yf3u!!AJrim2jF3h99W0$
.microsoft.com/ Name: MC1
Value: GUID=3f1b68d660a4491bb27e3d411944b255&HASH=3f1b&LV=202408&V=4&LU=1722941014080
.microsoft.com/ Name: MS0
Value: 42ddb383ea724f29b9b3df167e38fe49
support.microsoft.com/ Name: MSFPC
Value: GUID=3f1b68d660a4491bb27e3d411944b255&HASH=3f1b&LV=202408&V=4&LU=1722941014080

5 Console Messages

Source: network, Level: error
URL: https://brilliant-flan-c13ff6.netlify.app/maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://brilliant-flan-c13ff6.netlify.app/cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://brilliant-flan-c13ff6.netlify.app/stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: security, Level: error
Message: Refused to frame 'https://support.microsoft.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Source: security, Level: error
Message: Refused to frame 'https://mem.gfx.ms/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://support.microsoft.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload