www.user.noextraining.com Open in urlscan Pro
151.101.65.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.user.noextraining.com/
Submission: On March 13 via automatic, source certstream-suspicious (March 13th 2021, 10:42:19 am UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 151.101.65.195, located in United States and belongs to FASTLY, US. The main domain is www.user.noextraining.com.
TLS certificate: Issued by GTS CA 1O1 on October 21st 2020. Valid for: a year.

This is the only time www.user.noextraining.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	2a04:4e42:4b:... 2a04:4e42:4b::621	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 1	13.226.159.7 13.226.159.7	16509 (AMAZON-02) (AMAZON-02)
3	65.9.96.38 65.9.96.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
16	6

5 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

www.user.noextraining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:4b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.7 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-7.dus51.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.96.38 (United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	noextraining.com www.user.noextraining.com	390 KB
4	googleapis.com fonts.googleapis.com firestore.googleapis.com	2 KB
3	intercomcdn.com js.intercomcdn.com	111 KB
3	gstatic.com fonts.gstatic.com	57 KB
1	intercom.io 1 redirects widget.intercom.io	247 B
1	jsdelivr.net cdn.jsdelivr.net	101 KB
16	6

	Domain	Requested by
5	www.user.noextraining.com	www.user.noextraining.com
3	js.intercomcdn.com	widget.intercom.io
3	fonts.gstatic.com	fonts.googleapis.com
2	firestore.googleapis.com	www.user.noextraining.com
2	fonts.googleapis.com	www.user.noextraining.com cdn.jsdelivr.net
1	widget.intercom.io	1 redirects
1	cdn.jsdelivr.net	www.user.noextraining.com
16	7

This site contains no links.

Subject Issuer	Validity	Valid
firebaseapp.com GTS CA 1O1	`2020-10-21` - `2021-10-20`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.intercomcdn.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
edgecert.googleapis.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.user.noextraining.com/
Frame ID: 0AF3595AEAE21880D13A76BCF8E41A4E
Requests: 14 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.070cb942.js
Frame ID: C5F0507BF4F24FBCCD42E3391C5070A0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Semantic-ui (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+semantic(?:\.min)\.css"/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

16
Requests

69 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

660 kB
Transfer

2828 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://widget.intercom.io/widget/szhbubfv HTTP 302
https://js.intercomcdn.com/shim.latest.js

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.user.noextraining.com/ 3 KB
2 KB 371ms
287ms Document
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.user.noextraining.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a30e373d9cb035a17cb658381fbfc0c4ccb35d30da9c4c014da4a5b9798f4954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: www.user.noextraining.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "ca656034d3db8bd6de581fef6ee5a8d36350c7c15821458e54f7fa48032145b9-br"
last-modified: Wed, 10 Mar 2021 12:17:26 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Sat, 13 Mar 2021 10:42:01 GMT
x-served-by: cache-cdg20753-CDG
x-cache: MISS
x-cache-hits: 0
x-timer: S1615632121.194885,VS0,VE247
vary: x-fh-requested-host, accept-encoding
content-length: 1433

GET
H2 200 semantic.min.css
cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/ 614 KB
101 KB 22ms
21ms Stylesheet
text/css 2a04:4e42:4b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css

Requested by

Host: www.user.noextraining.com
URL: https://www.user.noextraining.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:4b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5177ac8b16de2e407f518c554f3ba3fe0837f8b333830026837cc3f82e190124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2720566
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 103066
etag: W/"99738-xBtVnjRc5piOJZyFKbhk0QxxYOQ"
x-served-by: cache-fra19137-FRA, cache-lon4232-LON
date: Sat, 13 Mar 2021 10:42:01 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
781 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;700;900&display=swap

Requested by

Host: www.user.noextraining.com
URL: https://www.user.noextraining.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f5ad737f3eb92e1ba8f95cb4d37ac51dd6af26103140f13a338b9c2e643d671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 10:42:01 GMT
server: ESF
date: Sat, 13 Mar 2021 10:42:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Mar 2021 10:42:01 GMT

GET
H2 200 2.a866c86c.chunk.css
www.user.noextraining.com/static/css/ 9 KB
2 KB 299ms
298ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.user.noextraining.com/static/css/2.a866c86c.chunk.css

Requested by

Host: www.user.noextraining.com
URL: https://www.user.noextraining.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d06c114e75b61e4410653bbd50adc5717edc76c3030fa5202acf544d62c05c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 10 Mar 2021 12:17:26 GMT
x-timer: S1615632121.486845,VS0,VE258
etag: "5d100daf8080a697dfd5ef0913c11377ab7f4f3c76a992ccfff0bf42b4894fa0-br"
x-served-by: cache-cdg20753-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Sat, 13 Mar 2021 10:42:01 GMT
accept-ranges: bytes
content-length: 1649
x-cache-hits: 0

GET
H2 200 main.8a1345a7.chunk.css
www.user.noextraining.com/static/css/ 1 KB
580 B 320ms
319ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.user.noextraining.com/static/css/main.8a1345a7.chunk.css

Requested by

Host: www.user.noextraining.com
URL: https://www.user.noextraining.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

73beeb5945b7f9eb9a06a4846cb5490e7e6e77a299867b1f48cbb6adc182b308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 10 Mar 2021 12:17:26 GMT
x-timer: S1615632121.487106,VS0,VE281
etag: "2a5d16788f5d6bbb1a5fcb0e80529c7e6278d7e1ff0063ca7594b799613ffe89-br"
x-served-by: cache-cdg20753-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Sat, 13 Mar 2021 10:42:01 GMT
accept-ranges: bytes
content-length: 467
x-cache-hits: 0

GET
H2 200 2.c9f2a8e6.chunk.js Show response
www.user.noextraining.com/static/js/ 2 MB
378 KB 488ms
487ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.user.noextraining.com/static/js/2.c9f2a8e6.chunk.js

Requested by

Host: www.user.noextraining.com
URL: https://www.user.noextraining.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

131ba58220a0bcefd8af51133488e3e6059528cb8c1f927de456d0672352475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 10 Mar 2021 12:17:26 GMT
x-timer: S1615632121.487043,VS0,VE448
etag: "75bbf18e4108031a18268fe64dde59c52da665cf98d86cf3a1cef92f86415235-br"
x-served-by: cache-cdg20753-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Sat, 13 Mar 2021 10:42:01 GMT
accept-ranges: bytes
content-length: 386988
x-cache-hits: 0

GET
H2 200 main.1c3d7c1e.chunk.js Show response
www.user.noextraining.com/static/js/ 35 KB
8 KB 296ms
295ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.user.noextraining.com/static/js/main.1c3d7c1e.chunk.js

Requested by

Host: www.user.noextraining.com
URL: https://www.user.noextraining.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8448689a30d8a77ef0813fb68e8d4473998af384d25f7fb3a9006b81000c37a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 10 Mar 2021 12:17:26 GMT
x-timer: S1615632121.487214,VS0,VE256
etag: "12ae78d1096bc2c90afeadbd4c0d321283e1321946fb3918e79d10f2a7c5f04d-br"
x-served-by: cache-cdg20753-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Sat, 13 Mar 2021 10:42:01 GMT
accept-ranges: bytes
content-length: 8321
x-cache-hits: 0

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
660 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.jsdelivr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 10:06:53 GMT
server: ESF
date: Sat, 13 Mar 2021 10:42:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Mar 2021 10:42:01 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.user.noextraining.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:28:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 805
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Sun, 13 Mar 2022 10:28:37 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.user.noextraining.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 140437
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:25 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.user.noextraining.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 23:01:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:21 GMT
server: sffe
age: 214848
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19240
x-xss-protection: 0
expires: Thu, 10 Mar 2022 23:01:14 GMT

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/szhbubfv
https://js.intercomcdn.com/shim.latest.js

16 KB
6 KB

107ms
34ms

Script
application/javascript

65.9.96.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7a01601560b64eb4b6397596388706b32f59d83dd165dadfb552b3512e1b903

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Mar 2021 10:37:35 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 14:02:02 GMT
server: AmazonS3
age: 267
etag: "b3577651a251c65d8472b8588b05e375"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 5658
x-amz-cf-id: 2HNnM8d5SYwfZJNuTzJVhDPsxta14GHyil7imrMs9S7ACj888BtJ7A==

Redirect headers

date: Sat, 13 Mar 2021 10:40:08 GMT
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
server: AmazonS3
age: 115
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: DUS51-C1
content-length: 0
x-amz-cf-id: JUiyHngkwucH5GNhYVTi6jzli-mp8RipJ5UGXm5VKMGA4_kqt5B2eg==

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
200 B 116ms
116ms XHR
text/plain 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fconnect-web-590a1%2Fdatabases%2F(default)&VER=8&RID=5789&CVER=22&X-HTTP-Session-Id=gsessionid&%24httpHeaders=X-Goog-Api-Client%3Agl-js%2F%20fire%2F7.24.0%0D%0AContent-Type%3Atext%2Fplain%0D%0A&zx=cg39up7evslq&t=1

Requested by

Host: www.user.noextraining.com
URL: https://www.user.noextraining.com/static/js/2.c9f2a8e6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfb1bda1fb9b95a255a55a1dc2357794b1136e789c23e83f03dfd91dda430cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 13 Mar 2021 10:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.user.noextraining.com
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: 4RuH2MtkVuRifu8CsuSj20vRb-2Zwh4hQqyirJy0r3A

GET
H3-Q050 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 3 KB
0 140ms
126ms XHR
text/plain 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?database=projects%2Fconnect-web-590a1%2Fdatabases%2F(default)&gsessionid=4RuH2MtkVuRifu8CsuSj20vRb-2Zwh4hQqyirJy0r3A&VER=8&RID=rpc&SID=HDBBY5GwtVXIqJRPhK5ALQ&CI=0&AID=0&TYPE=xmlhttp&zx=qk2xs5945drt&t=1

Requested by

Host: www.user.noextraining.com
URL: https://www.user.noextraining.com/static/js/2.c9f2a8e6.chunk.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.user.noextraining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:42:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.user.noextraining.com
vary: origin
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0

GET
H2 200 frame-modern.070cb942.js Show response
js.intercomcdn.com/ Frame C5F0 247 KB
67 KB 42ms
42ms Script
application/javascript 65.9.96.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.070cb942.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/szhbubfv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53c8ac91d34d8c8874e0a2363d85422f3abdbbc8a2af51a77d6818e2f04e7989

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Mar 2021 10:02:05 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 13:57:46 GMT
server: AmazonS3
age: 2398
etag: "542d7855c642ce58b8fa91e2d878f104"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 67857
x-amz-cf-id: wheUFZZlfYeRY13nrzNN3N_Y39esSlZY_8TJNvDcaDy1EuL8TCraNA==

GET
H2 200 vendor-modern.c4b9303b.js Show response
js.intercomcdn.com/ Frame C5F0 123 KB
38 KB 42ms
42ms Script
application/javascript 65.9.96.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.c4b9303b.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/szhbubfv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08b7a2e506cea7f2808a59e807b3f3682b0555bb319379a16d1fe21cd73b1d3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Mar 2021 10:00:20 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 10:43:55 GMT
server: AmazonS3
age: 2503
etag: "aca42783513f845ac188e1caaf2b3ba8"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 38313
x-amz-cf-id: OZ_Tz9fwgw5S0DagWzbsi5N7kru0mrhlFov-fscqEoPdIgX3tB87QA==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
firestore.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
widget.intercom.io
www.user.noextraining.com
13.226.159.7
151.101.65.195
2a00:1450:4001:800::200a
2a00:1450:4001:811::2003
2a00:1450:4001:82a::200a
2a04:4e42:4b::621
65.9.96.38
08b7a2e506cea7f2808a59e807b3f3682b0555bb319379a16d1fe21cd73b1d3d
131ba58220a0bcefd8af51133488e3e6059528cb8c1f927de456d0672352475c
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
5177ac8b16de2e407f518c554f3ba3fe0837f8b333830026837cc3f82e190124
53c8ac91d34d8c8874e0a2363d85422f3abdbbc8a2af51a77d6818e2f04e7989
5f5ad737f3eb92e1ba8f95cb4d37ac51dd6af26103140f13a338b9c2e643d671
73beeb5945b7f9eb9a06a4846cb5490e7e6e77a299867b1f48cbb6adc182b308
8448689a30d8a77ef0813fb68e8d4473998af384d25f7fb3a9006b81000c37a7
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
a30e373d9cb035a17cb658381fbfc0c4ccb35d30da9c4c014da4a5b9798f4954
bfb1bda1fb9b95a255a55a1dc2357794b1136e789c23e83f03dfd91dda430cb1
c7a01601560b64eb4b6397596388706b32f59d83dd165dadfb552b3512e1b903
d06c114e75b61e4410653bbd50adc5717edc76c3030fa5202acf544d62c05c76
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148

www.user.noextraining.com Open in urlscan Pro 151.101.65.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

69 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

660 kBTransfer

2828 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.user.noextraining.com Open in urlscan Pro
151.101.65.195 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

69 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

660 kB
Transfer

2828 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions