help.nomadinternet.com Open in urlscan Pro
82.221.130.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nomadsupport.com/
Effective URL:
https://help.nomadinternet.com/guest/ticket/add
Submission: On August 26 via automatic, source certstream-suspicious (August 26th 2024, 5:30:47 pm UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 16 HTTP transactions. The main IP is 82.221.130.82, located in Reykjavik, Iceland and belongs to THORDC-AS, IS. The main domain is help.nomadinternet.com.
TLS certificate: Issued by R10 on August 20th 2024. Valid for: 3 months.

This is the only time help.nomadinternet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
4	82.221.130.82 82.221.130.82	50613 (THORDC-AS) (THORDC-AS)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	178.248.238.120 178.248.238.120	51115 (HLL-AS) (HLL-AS)
2	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
16	7

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

nomadsupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 82.221.130.82 (Reykjavik, Iceland)

ASN50613 (THORDC-AS, IS)

help.nomadinternet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.248.238.120 (Russian Federation)

ASN51115 (HLL-AS, RU)

api.bitrix24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	nomadinternet.com help.nomadinternet.com	66 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10	959 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	100 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	90 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	27 KB
1	gstatic.com www.gstatic.com	213 KB
1	bitrix24.com api.bitrix24.com	9 KB
1	nomadsupport.com 1 redirects nomadsupport.com	324 B
16	8

	Domain	Requested by
4	help.nomadinternet.com	help.nomadinternet.com
3	www.google.com	help.nomadinternet.com www.gstatic.com
3	cdnjs.cloudflare.com	help.nomadinternet.com
2	use.fontawesome.com	help.nomadinternet.com use.fontawesome.com
2	cdn.jsdelivr.net	help.nomadinternet.com
1	www.gstatic.com	www.google.com
1	api.bitrix24.com	help.nomadinternet.com
1	nomadsupport.com	1 redirects
16	8

This site contains no links.

Subject Issuer	Validity	Valid
help.nomadinternet.com R10	`2024-08-20` - `2024-11-18`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.bitrix24.com Go Daddy Secure Certificate Authority - G2	`2023-11-19` - `2024-12-20`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://help.nomadinternet.com/guest/ticket/add
Frame ID: BF2C024764ECE8F829BE5353BFD74D7D
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld48ioqAAAAAI2yuM3mVgflIaMEVO5Ae-ujbBI3&co=aHR0cHM6Ly9oZWxwLm5vbWFkaW50ZXJuZXQuY29tOjQ0Mw..&hl=en&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=normal&cb=cxea2js6alr3
Frame ID: 5EB20328FB32628F4D4BF94E9416C4E6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=i7X0JrnYWy9Y_5EYdoFM79kV&k=6Ld48ioqAAAAAI2yuM3mVgflIaMEVO5Ae-ujbBI3
Frame ID: 859C33F34A95A674D88DD2ED2AB79D4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nomad Internet | Create New Ticket --

Page URL History Show full URLs

https://nomadsupport.com/ HTTP 301
https://help.nomadinternet.com/guest/ticket/add Page URL

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+
/alpine(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

16
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

505 kB
Transfer

3820 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nomadsupport.com/ HTTP 301
https://help.nomadinternet.com/guest/ticket/add Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request add Show response
help.nomadinternet.com/guest/ticket/
Redirect Chain

https://nomadsupport.com/
https://help.nomadinternet.com/guest/ticket/add

24 KB
7 KB

200ms
82ms

Document
text/html

82.221.130.82
THORDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://help.nomadinternet.com/guest/ticket/add
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 82.221.130.82 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: fd198973f96b92f040b9342fe7a519a9bdd84158a4566c5d487f9e2b5239e49c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Aug 2024 17:30:43 GMT
ETag: W/"5fa4-vv2gFcF8ylFdwXLWoK6vTASsgcU"
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express

Redirect headers

Connection: close
Content-Length: 82
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Aug 2024 17:30:42 GMT
Location: https://help.nomadinternet.com/guest/ticket/add
Server: ip-10-123-125-130.ec2.internal
Vary: Accept-Encoding
X-Request-Id: 05f692ce-f1ae-4fbb-aef1-cf0458577bfb

GET
H3 200 tailwind.min.css
cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.2.19/ 3 MB
72 KB 42ms
30ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.2.19/tailwind.min.css

Requested by

Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://help.nomadinternet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 17:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 329606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 72803
last-modified: Fri, 29 Oct 2021 15:08:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "617c0e65-11c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARZoHOCnzRoecTmV8wNzjTZpqLR2Iol40yS2SGJGPajtmP8F0wpzinz3I%2FJvxxJ8MewfmGQ7nasgck3WMHIs1l4v%2FNtiRYdEne4SPz%2Bgx5mtZd6KwuCREooFupE4jZI%2Beh2iNmsjD2n4HyTByYJk5TBA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b958d23d8c12c1a-FRA
expires: Sat, 16 Aug 2025 17:30:43 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
959 B 37ms
20ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee18fa1ada74c5d3261424bcc1c4f077510c31a06bee0ff6742f180ed14c57d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.nomadinternet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 17:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 26 Aug 2024 17:30:43 GMT

GET
H2 200 alpine.min.js Show response
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/ 26 KB
8 KB 8ms
7ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/alpine.min.js

Requested by

Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help.nomadinternet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Aug 2024 17:30:43 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2539068
x-jsd-version: 2.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8349
x-served-by: cache-fra-eddf8230034-FRA
x-jsd-version-type: version
etag: W/"6964-M33llwtEtRbUwMPPG0SKpWL3vX8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios/dist/ 52 KB
18 KB 28ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js

Requested by

Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b0478cd8c58a855bcf2289c517972a70cfb47c0e7c73e752603b702a42ceb274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://help.nomadinternet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Aug 2024 17:30:43 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13892
x-jsd-version: 1.7.5
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18339
x-served-by: cache-fra-eddf8230034-FRA
x-jsd-version-type: version
etag: W/"d121-mRdtCDXwK8+qooVLUg/nfWVkNNw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.2/ 57 KB
17 KB 35ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.2/moment.min.js

Requested by

Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87c242de506efe4c3f71de5ce044e2c71ee285c885afe6675ed36a5c8284b3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://help.nomadinternet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 17:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1434046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16779
last-modified: Sun, 03 Apr 2022 16:03:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6249c56c-418b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcRGqct8CMnu2hJRISV2EzRHdHK0kPYz9VV2bT0Eifi2qu%2FTQ4ZtxP94SEixkmRUb3FRo1b9G0%2B0rFZr77G4kfepRywOBpRAsUJZM1Vi1S8Avkysy%2F5EG47iYwf%2F8B%2FV0o6fpkZdr4%2FWtlnO0aRpSoKr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b958d23d8c32c1a-FRA
expires: Sat, 16 Aug 2025 17:30:43 GMT

GET
H/1.1 200
OK / Show response
api.bitrix24.com/api/v1/dev/ 26 KB
9 KB 180ms
128ms Script
application/javascript 178.248.238.120
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bitrix24.com/api/v1/dev/

Requested by

Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.238.120 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

78f124ae1e7c4245856462144524da83f2f020a6bc1a64abe250e7fe4185f992

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob:; connect-src https: wss: blob:; font-src https: data:; frame-src https:; frame-ancestors 'self'; img-src https: blob: data:; media-src https: blob:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://help.nomadinternet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 17:30:43 GMT
Content-Security-Policy: default-src https: blob:; connect-src https: wss: blob:; font-src https: data:; frame-src https:; frame-ancestors 'self'; img-src https: blob: data:; media-src https: blob:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:;
Content-Encoding: gzip
Last-Modified: Tue, 29 Jun 2021 12:19:33 GMT
Server: QRATOR
ETag: W/"60db0fd5-696c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Keep-Alive: timeout=15

GET
H3 200 datepicker.min.js Show response
cdnjs.cloudflare.com/ajax/libs/flowbite/2.3.0/ 42 KB
11 KB 57ms
45ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flowbite/2.3.0/datepicker.min.js

Requested by

Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443144f5a8b74f1124d73cc9415b7f44db3851597cc1a27d45a30b61a4c0e151

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://help.nomadinternet.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 17:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 324608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11020
last-modified: Wed, 14 Feb 2024 15:31:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65ccdcb4-2b0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWxtry%2FzLIBCaOhbt%2Fc0iIGUKpZLZx%2BcvQxPaN7P%2B3cgFSDokow%2FwAItjK%2BCjhthXqptytnfRmrcgiYUTTDWGIIWIZtqsncCpWIKqzWiAasIO6olcNMvSLjGuazubis0H%2B1swEOvdEnt7QRAW9c%2Bolkx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b958d23d8c42c1a-FRA
expires: Sat, 16 Aug 2025 17:30:43 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
12 KB 237ms
219ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by: Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

Referer: https://help.nomadinternet.com/
Origin: https://help.nomadinternet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 17:30:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b8085bf2c839791244bd95f56fb93c01"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sYlTNKtm270zOg9E1H%2Fgjw6J6dGMk%2FwZgi72%2FjTK1pcqkBXHMi%2BwQwYC%2FBkVnKEaGPr2u0SDeirD17i01vSfVOIVnlSq0RHjo8xA1dAJvK1pDlB37ytBqOMfC5ENhsFu9iUXSoGKZzb%2BbDYoAsJioxd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8b958d23e9a39253-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 538 KB
213 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1425b3dc4e809e5488aae10e2eb2511f652c6a9c3845c98c3fe69f07fe0c9e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://help.nomadinternet.com/
Origin: https://help.nomadinternet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 17:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217366
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 04:00:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Aug 2025 17:03:31 GMT

GET
H/1.1 200
OK Graphie-Regular.otf
help.nomadinternet.com/fonts/ 58 KB
58 KB 108ms
108ms Font
font/otf 82.221.130.82
THORDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://help.nomadinternet.com/fonts/Graphie-Regular.otf
Requested by: Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 82.221.130.82 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 5c2dfe2569f9d71d78a953bd31741b87a3d7ef63074abb856699f2a8c87a254f

Request headers

Referer: https://help.nomadinternet.com/guest/ticket/add
Origin: https://help.nomadinternet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 17:30:43 GMT
Last-Modified: Mon, 26 Aug 2024 10:05:29 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"e72c-1918e25d2b1"
Content-Type: font/otf
Cache-Control: public, max-age=0, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59180

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.1/webfonts/ 77 KB
78 KB 227ms
227ms Font
font/woff2 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Origin: https://help.nomadinternet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 17:30:43 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "59ea9019c9b9bc4d83ab9783e830735c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rU%2FyS3ZT8fznRht1tOp9mfO19ADufjyoTDDKTLPtePB4uEBIztNTNObLnIAC9jD3238RqlQR6Q7UFmIZCgSHY4p0%2FCUT1F2BqATLwWkBakFLqetQOQIeC7pCrAS1V3CxOm7EfRiigAui1oApL7NScaJb"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8b958d257bdd9253-FRA
alt-svc: h3=":443"; ma=86400
content-length: 79072

POST
H/1.1 200
OK getGroups Show response
help.nomadinternet.com/guest/ 211 B
409 B 1897ms
1797ms Fetch 82.221.130.82
THORDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://help.nomadinternet.com/guest/getGroups
Requested by: Host: help.nomadinternet.com
URL: https://help.nomadinternet.com/guest/ticket/add
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 82.221.130.82 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 5a3e0c6f6a33db61c8178d2c9e6ec8254143509caa2b100d1d5944a8353de9ac

Request headers

Referer: https://help.nomadinternet.com/guest/ticket/add
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 17:30:45 GMT
Cache-Control: no-cache
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Transfer-Encoding: chunked

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 5EB2 0
0 63ms
36ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld48ioqAAAAAI2yuM3mVgflIaMEVO5Ae-ujbBI3&co=aHR0cHM6Ly9oZWxwLm5vbWFkaW50ZXJuZXQuY29tOjQ0Mw..&hl=en&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=normal&cb=cxea2js6alr3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QaPa6ixauP_KVr7_Nuly7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.nomadinternet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QaPa6ixauP_KVr7_Nuly7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 17:30:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK faviconV2.png
help.nomadinternet.com/ 309 B
643 B 54ms
54ms Other
image/png 82.221.130.82
THORDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://help.nomadinternet.com/faviconV2.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 82.221.130.82 Reykjavik, Iceland, ASN50613 (THORDC-AS, IS),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 8323bd8783c21a69befaf06f68cd740eb74bc067da0d41f3bbc164f68b348808

Request headers

Referer: https://help.nomadinternet.com/guest/ticket/add
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 17:30:43 GMT
Last-Modified: Thu, 22 Aug 2024 07:51:59 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"135-19179122c5f"
Content-Type: image/png
Cache-Control: public, max-age=0, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 309

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 859C 0
0 21ms
21ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=i7X0JrnYWy9Y_5EYdoFM79kV&k=6Ld48ioqAAAAAI2yuM3mVgflIaMEVO5Ae-ujbBI3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6-fcuBkfY78yQWsK0d7KzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://help.nomadinternet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6-fcuBkfY78yQWsK0d7KzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 17:30:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			help.nomadinternet.com/	1970-01-20 23:05:53	Name: connect.sid Value: s%3AFbYafifc7-HMJJu8oyy1eaWDTcj0dC1S.lwIZgWYDiZPFZ88%2BCXJgtD%2FAT0kRK5UPr8O3%2F6xiGys

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bitrix24.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
help.nomadinternet.com
nomadsupport.com
use.fontawesome.com
www.google.com
www.gstatic.com
178.248.238.120
2606:4700:3037::ac43:8ef5
2606:4700::6811:190e
2a00:1450:4001:82a::2004
2a00:1450:4001:831::2003
2a04:4e42:600::485
3.33.251.168
82.221.130.82
08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11
1425b3dc4e809e5488aae10e2eb2511f652c6a9c3845c98c3fe69f07fe0c9e2b
443144f5a8b74f1124d73cc9415b7f44db3851597cc1a27d45a30b61a4c0e151
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
5a3e0c6f6a33db61c8178d2c9e6ec8254143509caa2b100d1d5944a8353de9ac
5c2dfe2569f9d71d78a953bd31741b87a3d7ef63074abb856699f2a8c87a254f
78f124ae1e7c4245856462144524da83f2f020a6bc1a64abe250e7fe4185f992
8323bd8783c21a69befaf06f68cd740eb74bc067da0d41f3bbc164f68b348808
87c242de506efe4c3f71de5ce044e2c71ee285c885afe6675ed36a5c8284b3e9
b0478cd8c58a855bcf2289c517972a70cfb47c0e7c73e752603b702a42ceb274
b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932
de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74
ee18fa1ada74c5d3261424bcc1c4f077510c31a06bee0ff6742f180ed14c57d8
fd198973f96b92f040b9342fe7a519a9bdd84158a4566c5d487f9e2b5239e49c

help.nomadinternet.com Open in urlscan Pro 82.221.130.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

7 IPs

4 Countries

505 kBTransfer

3820 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

Indicators

help.nomadinternet.com Open in urlscan Pro
82.221.130.82 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

505 kB
Transfer

3820 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions