wossupport.rf.gd
Open in
urlscan Pro
185.27.134.57
Malicious Activity!
Public Scan
Effective URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Submission: On July 05 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by GoGetSSL RSA DV CA on June 9th 2023. Valid for: 3 months.
This is the only time wossupport.rf.gd was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 104.21.69.121 104.21.69.121 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 25 | 185.27.134.57 185.27.134.57 | 34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited) | |
10 | 13.33.174.117 13.33.174.117 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 142.250.207.42 142.250.207.42 | 15169 (GOOGLE) (GOOGLE) | |
1 | 69.16.175.10 69.16.175.10 | 20446 (STACKPATH...) (STACKPATH-CDN) | |
2 | 104.18.10.207 104.18.10.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.26.8.174 104.26.8.174 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 151.101.65.229 151.101.65.229 | 54113 (FASTLY) (FASTLY) | |
1 | 172.217.175.8 172.217.175.8 | 15169 (GOOGLE) (GOOGLE) | |
6 | 34.107.203.234 34.107.203.234 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 142.251.42.131 142.251.42.131 | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.139.128.10 151.139.128.10 | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 216.239.32.178 216.239.32.178 | 15169 (GOOGLE) (GOOGLE) | |
4 | 185.17.186.162 185.17.186.162 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
57 | 15 |
ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-117.nrt57.r.cloudfront.net
tools.luckyorange.com |
ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f8.1e100.net
www.googletagmanager.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com
settings.luckyorange.com | |
api-preview.luckyorange.com |
ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
rf.gd
1 redirects
wossupport.rf.gd |
3 MB |
16 |
luckyorange.com
tools.luckyorange.com — Cisco Umbrella Rank: 12054 settings.luckyorange.com — Cisco Umbrella Rank: 11934 api-preview.luckyorange.com — Cisco Umbrella Rank: 15697 |
426 KB |
5 |
mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7488 o2.mouseflow.com — Cisco Umbrella Rank: 44316 |
57 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1032 |
72 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63 |
255 B |
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79 |
82 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368 |
23 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274 |
5 KB |
1 |
infinityfree.net
errors.infinityfree.net |
|
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 749 |
29 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88 |
2 KB |
1 |
smarttoday.live
1 redirects
smarttoday.live |
508 B |
57 | 13 |
Domain | Requested by | |
---|---|---|
25 | wossupport.rf.gd |
1 redirects
wossupport.rf.gd
|
10 | tools.luckyorange.com |
wossupport.rf.gd
tools.luckyorange.com |
4 | api-preview.luckyorange.com |
tools.luckyorange.com
|
4 | o2.mouseflow.com |
cdn.mouseflow.com
|
2 | settings.luckyorange.com |
tools.luckyorange.com
|
2 | maxcdn.bootstrapcdn.com |
wossupport.rf.gd
maxcdn.bootstrapcdn.com |
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | cdn.mouseflow.com |
wossupport.rf.gd
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.googletagmanager.com |
wossupport.rf.gd
|
1 | cdn.jsdelivr.net |
wossupport.rf.gd
|
1 | cdnjs.cloudflare.com |
wossupport.rf.gd
|
1 | errors.infinityfree.net |
wossupport.rf.gd
|
1 | code.jquery.com |
wossupport.rf.gd
|
1 | fonts.googleapis.com |
wossupport.rf.gd
|
1 | smarttoday.live | 1 redirects |
57 | 16 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
wossupport.rf.gd GoGetSSL RSA DV CA |
2023-06-09 - 2023-09-07 |
3 months | crt.sh |
luckyorange.com Amazon RSA 2048 M01 |
2023-02-27 - 2024-01-16 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
settings.luckyorange.com R3 |
2023-06-21 - 2023-09-19 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-24 - 2023-09-24 |
a year | crt.sh |
api-preview.luckyorange.com R3 |
2023-06-21 - 2023-09-19 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Frame ID: AD72B239A0DCA471053A8DA20C1D6D2C
Requests: 43 HTTP requests in this frame
Frame:
https://tools.luckyorange.com/core/core.js?v=11aa352
Frame ID: 881D2B3A6AC48AC454B10B1A2A97E3E2
Requests: 3 HTTP requests in this frame
Frame:
https://tools.luckyorange.com/core/frame.js?v=11aa352
Frame ID: 7B89A29C8FD10A45C76C291BC986D888
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
ã‚»ã‚ュリティセンターコード0x268d3サービスPage URL History Show full URLs
-
https://smarttoday.live/dating/rd/index.php
HTTP 302
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582 Page URL
- https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1 Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Mouse Flow (Analytics) Expand
Detected patterns
- cdn\.mouseflow\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://smarttoday.live/dating/rd/index.php
HTTP 302
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582 Page URL
- https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://smarttoday.live/dating/rd/index.php HTTP 302
- https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
- https://wossupport.rf.gd/chat2.css HTTP 302
- https://errors.infinityfree.net/errors/403/
57 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
index.php
wossupport.rf.gd/ Redirect Chain
|
899 B 739 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aes.js
wossupport.rf.gd/ |
30 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
wossupport.rf.gd/ |
40 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lo.js
tools.luckyorange.com/core/ |
12 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
wossupport.rf.gd/ |
205 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
34 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
code.jquery.com/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
wossupport.rf.gd/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
errors.infinityfree.net/errors/403/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7a-bg.png
wossupport.rf.gd/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg2.jpeg
wossupport.rf.gd/ |
358 KB 359 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
minimize.png
wossupport.rf.gd/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft.png
wossupport.rf.gd/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setting.png
wossupport.rf.gd/ |
364 B 578 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
que.png
wossupport.rf.gd/ |
349 B 562 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
virus-scan.png
wossupport.rf.gd/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bell.png
wossupport.rf.gd/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pc.png
wossupport.rf.gd/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
def.png
wossupport.rf.gd/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cross.png
wossupport.rf.gd/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-img.png
wossupport.rf.gd/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ |
82 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fullscreen.js
wossupport.rf.gd/ |
245 B 410 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
before.js
wossupport.rf.gd/ |
366 B 471 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
wossupport.rf.gd/ |
2 KB 763 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light.js
wossupport.rf.gd/ |
503 B 499 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
232 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ab023d5f
settings.luckyorange.com/ |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
ab023d5f
settings.luckyorange.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
tools.luckyorange.com/core/ Frame 881D |
206 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0wa0rni0ng0.mp3
wossupport.rf.gd/ |
2 KB 3 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0d36df93-4be4-4945-a372-1272a8dd9452.js
cdn.mouseflow.com/projects/ |
192 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 255 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beep.mp3
wossupport.rf.gd/ |
8 KB 9 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alertmicrosoft.mp3
wossupport.rf.gd/ |
56 B 305 B |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
tools.luckyorange.com/messenger/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
tools.luckyorange.com/messenger/ |
1 KB 912 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame.js
tools.luckyorange.com/core/ Frame 7B89 |
57 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.51149f0e.css
tools.luckyorange.com/messenger/css/ Frame 7B89 |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.f7467ed3.css
tools.luckyorange.com/messenger/css/ Frame 7B89 |
497 B 621 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.58dfd0a5.js
tools.luckyorange.com/messenger/js/ Frame 7B89 |
125 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.94b4a82e.js
tools.luckyorange.com/messenger/js/ Frame 7B89 |
1 MB 302 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init
o2.mouseflow.com/ |
0 212 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
a7d70021-c164-4412-a772-adbefe45863c
https://wossupport.rf.gd/ Frame 881D |
0 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
9f1b284d-eee2-4fe5-afe3-f9bf914a6400
https://wossupport.rf.gd/ Frame 881D |
22 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
search
api-preview.luckyorange.com/conversations/threads/ Frame 7B89 |
21 B 112 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
search
api-preview.luckyorange.com/conversations/threads/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
ab023d5f-1688547046352-99fe8e92e256a1dd
api-preview.luckyorange.com/visitors/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ab023d5f-1688547046352-99fe8e92e256a1dd
api-preview.luckyorange.com/visitors/ Frame 7B89 |
458 B 475 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lo-symbol.f1058a7b.svg
tools.luckyorange.com/messenger/img/ Frame 7B89 |
955 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
html
o2.mouseflow.com/ |
0 193 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ |
65 KB 66 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dom
o2.mouseflow.com/ |
0 194 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dom
o2.mouseflow.com/ |
0 193 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| LO function| $ function| jQuery function| getVariableFromURl string| phone string| phone_number object| html5 object| Modernizr object| bootstrap function| addEvent object| modal object| btn undefined| span object| _mfq function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| LOQ object| _loq boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wossupport.rf.gd/ | Name: __test Value: c54ff9276ed3d5f2b961d38152b70175 |
|
.rf.gd/ | Name: _ga_3TR7PMS9YS Value: GS1.1.1688547046.1.0.1688547046.0.0.0 |
|
.rf.gd/ | Name: _ga Value: GA1.1.2009213529.1688547047 |
|
.rf.gd/ | Name: lo-uid Value: ab023d5f-1688547046352-99fe8e92e256a1dd |
|
.rf.gd/ | Name: lo-visits Value: 1 |
|
.rf.gd/ | Name: mf_user Value: c8a3afdaf6bece75f8e231e4f786ebbb| |
|
.rf.gd/ | Name: mf_0d36df93-4be4-4945-a372-1272a8dd9452 Value: cec04657b46c996f0b6f85e97f9cc0bb|07054649eb09d94e0ad785b9a225797fcfd3aa9d.2840121101.1688547046952|1688547046949||0|||0|17.91|77.81498 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api-preview.luckyorange.com
cdn.jsdelivr.net
cdn.mouseflow.com
cdnjs.cloudflare.com
code.jquery.com
errors.infinityfree.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
o2.mouseflow.com
settings.luckyorange.com
smarttoday.live
tools.luckyorange.com
wossupport.rf.gd
www.google-analytics.com
www.googletagmanager.com
104.17.24.14
104.18.10.207
104.21.69.121
104.26.8.174
13.33.174.117
142.250.207.42
142.251.42.131
151.101.65.229
151.139.128.10
172.217.175.8
185.17.186.162
185.27.134.57
216.239.32.178
34.107.203.234
69.16.175.10
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0677c7ddbe1d514f886fed6dae932c05293389be7acee88601c473fdc86f6ac1
0e5b6ff49c863112f692e1af6be1e95b615b2fc21d18ad849a61219ed1078375
10a99594267aa4bd3ea83586bbc93bea00f127ac756526763bdf856b437e413c
13ee09efef992ec899ca28dea08d00886fce5e8b3ad6c19e6c753a899bcfdaea
2583d8751556269beb23406aa81e71d3157e3b60a52c27474b49a954d28a79ee
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49
31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
33db97809bc63a2e2c8163155ad1ee0657d50c00584d5e3d50f8683212ec95c8
38a4631325053d2848d947f0af0e23ed2d86efc143d9811becec972a9ad61f9b
3b50116c3101a511d2559c79c005b6cf57fd89fd52dac1d3566ebaeaf53f1dec
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
40dd8a184408b9c6f376673ffd39c74611f4ef9ff0a1daa8b3760015d801883d
43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4a5bcf47e0ad55e1760ae95932886ce0424772f5105efed5a4177747cc169508
5216faa387027ca8107dbbd952640dfb8406244baddca11706ed17cce69eefce
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
87365b52e61ce1f1e536bc9d68df10c54806618a91165bfec69a25c2e65ddacd
89d6f64fc4b6b092d092522cfbfcdcb2c6df75832018868995c3b3422ee1c68e
91be5e51e61355ad3d0437321595ef56d38ffb0ecd30fdc1482ecb071d18c1c0
a4c4018aaeb57c171f6ee7406708949e8596491a2bc04dfb2595c45351d9c90c
a64809b121a623f12b805aae55047b721691ef0b2093ef940ad4f3d1ada63aa8
ac9859cce1a917e02aed963bf1351b847bd893cab6229204f03af99d71713048
aeca40d7d9c38b0e118e2c7abd082a7e609284396b20c89a38b2cb5844c61ef4
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b2901f408265c7a9d8d5cfe0c8865e27289949848862945f8a3eda85898100be
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e
bc42ff6262c121035b412fdc45b304ca56ed0353704f77702a4c2b50162da702
c0e7be4528cf4d58de02bb42cfbd4f9fcf78189e411e8847f6604fdddd32479f
c85d73fc047c17a081f3da69eb9885ae5c142b7418aef114a93d43c63ae89a72
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d3208cfa5ef112cb02b5c9b160f3f40a75961b113c5de6017416704eadc88999
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
dfcc16fd49167f62d2acb07ed991fb0535f5ca863c5c15cfa20cfd76c1b1cfbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d3814614580ebf09dcb473a120b2baf5d429d6394dd0baaa6216d190b32df
e5cf7987f8eda377da9ce7bb1aed3144eccc244cac88c225d3c3d2f7a1226494
e8e65d2f80115c8b0fa2c26cce598b99aa247aa1f7b008cdff2bc96c2e976058
ecc70814d107f2a64331b496f44652d8e894b488ada04203df65b7465220de8b
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
fe7622e5cee2bcdd0d9e6dcd28d0199d4962db0dbfec9c5917a8e1194d819ffd
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995