URL: https://support.nitrosolutions.co.uk/
Submission Tags: phishingrod
Submission: On June 25 via api from DE — Scanned from GB

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 165.227.229.217, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is support.nitrosolutions.co.uk.
TLS certificate: Issued by E6 on June 25th 2024. Valid for: 3 months.
This is the only time support.nitrosolutions.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 165.227.229.217 14061 (DIGITALOC...)
2 2.19.126.225 20940 (AKAMAI-ASN1)
1 2.16.100.91 20940 (AKAMAI-ASN1)
2 193.237.239.177 5378 (Vodafone)
8 5
Apex Domain
Subdomains
Transfer
3 typekit.net
use.typekit.net — Cisco Umbrella Rank: 649
p.typekit.net — Cisco Umbrella Rank: 807
25 KB
3 nitrosolutions.co.uk
support.nitrosolutions.co.uk
627 KB
2 rt-itservices.co.uk
nitrous.rt-itservices.co.uk
1 KB
8 3
Domain Requested by
3 support.nitrosolutions.co.uk support.nitrosolutions.co.uk
2 nitrous.rt-itservices.co.uk support.nitrosolutions.co.uk
2 use.typekit.net support.nitrosolutions.co.uk
use.typekit.net
1 p.typekit.net use.typekit.net
8 4

This site contains no links.

Subject Issuer Validity Valid
support.nitrosolutions.co.uk
E6
2024-06-25 -
2024-09-23
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
nitrous.rt-itservices.co.uk
R3
2024-04-28 -
2024-07-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://support.nitrosolutions.co.uk/
Frame ID: 71C7D562372F1C13D7BF92CF7C615256
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

NitroSolutions HelpDesk

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

652 kB
Transfer

3336 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
support.nitrosolutions.co.uk/
2 KB
1 KB
Document
General
Full URL
https://support.nitrosolutions.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.227.229.217 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty / Express
Resource Hash
5e8be4c33e60eaec849b395bec6f9d4398db6b9cb6676d7971f40b7c86a9616a

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 10:31:24 GMT
etag
W/"715-eNCuDdDWzfQUr8LkOBXHQB3FT2w"
server
openresty
vary
Accept-Encoding
x-powered-by
Express
x-served-by
support.nitrosolutions.co.uk
qdw7rvw.css
use.typekit.net/
1 KB
815 B
Stylesheet
General
Full URL
https://use.typekit.net/qdw7rvw.css
Requested by
Host: support.nitrosolutions.co.uk
URL: https://support.nitrosolutions.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-225.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
86043db8edc1272e7ba2ed25e15ffedc7a7c7a1dbe078eb1343ba0ef1d743c35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://support.nitrosolutions.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 25 Jun 2024 10:31:24 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
592
bundle.js
support.nitrosolutions.co.uk/static/js/
3 MB
624 KB
Script
General
Full URL
https://support.nitrosolutions.co.uk/static/js/bundle.js
Requested by
Host: support.nitrosolutions.co.uk
URL: https://support.nitrosolutions.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.227.229.217 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty / Express
Resource Hash
19df8885f9c5c6f7412b3acc6e68555cd74894314caffad5e113eb551425b299

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://support.nitrosolutions.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:31:24 GMT
content-encoding
gzip
server
openresty
x-powered-by
Express
etag
W/"339605-iTdwk8Vee9PYXuNWwBpxAklCeEU"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
x-served-by
support.nitrosolutions.co.uk
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=qdw7rvw&ht=tk&f=6128&a=66088314&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qdw7rvw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.100.91 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-100-91.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.typekit.net/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:31:25 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c56203ce9fbb1837e36c4ab6b60e7e7cadefb04ec4bc1f5b8055244bef083b

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
data
nitrous.rt-itservices.co.uk/sites/
839 B
1 KB
XHR
General
Full URL
https://nitrous.rt-itservices.co.uk/sites/data
Requested by
Host: support.nitrosolutions.co.uk
URL: https://support.nitrosolutions.co.uk/static/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.237.239.177 Warwick, United Kingdom, ASN5378 (Vodafone, GB),
Reverse DNS
static-193-237-239-177.vodafonexdsl.co.uk
Software
openresty / Express
Resource Hash
4e728c060629f03ff691a64a7aa0f2386db457a277e84c512a696e6ca64ef47d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://support.nitrosolutions.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:31:25 GMT
server
openresty
x-powered-by
Express
etag
W/"347-BmsBCk0y6XwebNxahhD98EkB0Ac"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
839
x-served-by
nitrous.rt-itservices.co.uk
data
nitrous.rt-itservices.co.uk/sites/
839 B
150 B
XHR
General
Full URL
https://nitrous.rt-itservices.co.uk/sites/data
Requested by
Host: support.nitrosolutions.co.uk
URL: https://support.nitrosolutions.co.uk/static/js/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.237.239.177 Warwick, United Kingdom, ASN5378 (Vodafone, GB),
Reverse DNS
static-193-237-239-177.vodafonexdsl.co.uk
Software
openresty / Express
Resource Hash
4e728c060629f03ff691a64a7aa0f2386db457a277e84c512a696e6ca64ef47d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://support.nitrosolutions.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:31:25 GMT
server
openresty
x-powered-by
Express
etag
W/"347-BmsBCk0y6XwebNxahhD98EkB0Ac"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
839
x-served-by
nitrous.rt-itservices.co.uk
Favicon.png
support.nitrosolutions.co.uk/
1 KB
1 KB
Other
General
Full URL
https://support.nitrosolutions.co.uk/Favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.227.229.217 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty / Express
Resource Hash
71d8002bf7be01bbbe14da2e16db4f0c5dad9e7c584487a0db3f4f1a425da095

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://support.nitrosolutions.co.uk/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:31:25 GMT
last-modified
Thu, 13 Oct 2022 14:11:43 GMT
server
openresty
x-powered-by
Express
etag
W/"492-183d1afcd18"
access-control-allow-methods
*
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
*
content-length
1170
x-served-by
support.nitrosolutions.co.uk
truncated
/
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/4a35fd/000000000000000077359aed/30/
23 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/4a35fd/000000000000000077359aed/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qdw7rvw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-225.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95ea93c2dddef59792b3ca11d3b7b6cbe0b1fe6788140a2ffff637a872ae6595

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.typekit.net/qdw7rvw.css
Origin
https://support.nitrosolutions.co.uk
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:31:26 GMT
server
nginx
etag
"63d1def0686e50df63f36dc8bdda38617e2f88d8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24008

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| webpackHotUpdateit_supportdesk_fe object| __REACT_DEVTOOLS_GLOBAL_HOOK__ boolean| __reactRefreshInjected boolean| __EMOTION_REACT_11__

0 Cookies