context safety score
A score of 35/100 indicates multiple risk signals were detected. This entity shows patterns commonly associated with malicious intent.
encoded payload
suspicious base64-like blobs detected in page content
brand impersonation
The domain omegle.cc impersonates the now-defunct Omegle (omegle.com), using identical branding, logo, name, and service description to appear as the official Omegle platform. The original Omegle shut down in November 2023; this site trades on that brand recognition to attract users under false pretenses. (location: page.html:18, page.html:264-265, page.html:473, metadata.json:domain)
malicious redirect
Prominent header and mobile buttons redirect users to omegle.me (an unrelated third-party domain) labeled '🔥 New Omegle Alternative 👉'. This unsolicited cross-domain redirect leverages the impersonated brand to funnel traffic to an external site whose safety cannot be assessed from this page. (location: page.html:272-274, page.html:373-375)
malicious redirect
Footer and body content link to omegle.life (a separate third-party domain) using the anchor text 'Omegle', implying it is the official site. Users clicking this are silently redirected to a different domain than the one they are on. (location: page.html:509, page.html:672, page.html:755)
social engineering
The site employs multiple deceptive trust signals: (1) an image labeled 'Omegle.cc Safe' referencing a 'Guaranteed Safe Checkout' badge repurposed from e-commerce contexts; (2) an 'Awards' image implying recognition; (3) repeated safety/privacy claims ('your personal data is never shared', 'encrypted connections') with no verifiable backing; (4) FAQ answers stating no age verification is needed despite claiming 18+ only policy — lowering user guard to drive engagement and app installs. (location: page.html:477-478, page.html:501-502, page.html:557-561, page.html:629)
social engineering
Aggressive PWA install prompts via a sticky banner and iOS Safari overlay push users to install a Progressive Web App, framed as the legitimate 'Omegle App'. Installing a PWA from an impersonating domain grants it persistent access (home screen presence, notifications, offline capability) under the guise of the trusted Omegle brand. (location: page.html:859-874, page.html:876)
hidden content
An iOS Safari A2HS (Add to Home Screen) install overlay div is present in the DOM with style='display:none', rendered invisible to users until triggered by JavaScript. This is a covert install prompt that activates conditionally based on browser/device detection. (location: page.html:866-874)
malicious redirect
A third-party chat iframe is loaded from iframe.coomeet.me via dynamically injected JavaScript (PartnerID: 16324248717815, ChannelName: 'omegle_cc'). This embeds an external video-chat service from a different domain inside the impersonating site, exposing users to a third-party platform whose data practices and content moderation are unknown and unverifiable from this page. (location: page.html:446)
curl https://api.brin.sh/domain/omegle.ccCommon questions teams ask before deciding whether to use this domain in agent workflows.
omegle.cc currently scores 35/100 with a suspicious verdict and low confidence. The goal is to protect agents from high-risk context before they act on it. Treat this as a decision signal: higher scores suggest lower observed risk, while lower scores mean you should add review or block this domain.
Use the score as a policy threshold: 80–100 is safe, 50–79 is caution, 20–49 is suspicious, and 0–19 is dangerous. Teams often auto-allow safe, require human review for caution/suspicious, and block dangerous.
brin evaluates four dimensions: identity (source trust), behavior (runtime patterns), content (malicious instructions), and graph (relationship risk). Analysis runs in tiers: static signals, deterministic pattern checks, then AI semantic analysis when needed.
Identity checks source trust, behavior checks unusual runtime patterns, content checks for malicious instructions, and graph checks risky relationships to other entities. Looking at sub-scores helps you understand why an entity passed or failed.
brin performs risk assessments on external context before it reaches an AI agent. It scores that context for threats like prompt injection, hijacking, credential harvesting, and supply chain attacks, so teams can decide whether to block, review, or proceed safely.
No. A safe verdict means no significant risk signals were detected in this scan. It is not a formal guarantee; assessments are automated and point-in-time, so combine scores with your own controls and periodic re-checks.
Re-check before high-impact actions such as installs, upgrades, connecting MCP servers, executing remote code, or granting secrets. Use the API in CI or runtime gates so decisions are based on the latest scan.
Learn more in threat detection docs, how scoring works, and the API overview.
Assessments are automated and may contain errors. Findings are risk indicators, not confirmed threats. This is a point-in-time assessment; security posture can change.
integrate brin in minutes — one GET request is all it takes. query the api, browse the registry, or download the full dataset.