szkoleniesprzedazowe.user.com Open in urlscan Pro
57.128.127.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://szkoleniesprzedazowe.user.com/
Submission: On September 12 via automatic, source certstream-suspicious (September 12th 2024, 1:45:44 am UTC) — Scanned from FR

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 57.128.127.146, located in France and belongs to OVH, FR. The main domain is szkoleniesprzedazowe.user.com.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on October 3rd 2023. Valid for: a year.

This is the only time szkoleniesprzedazowe.user.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	57.128.127.146 57.128.127.146	16276 (OVH) (OVH)
1 10	172.67.38.130 172.67.38.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
13	4

1 57.128.127.146 (France)

ASN16276 (OVH, FR)
PTR: ns3035589.ip-57-128-127.eu

szkoleniesprzedazowe.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.38.130 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	user.com 1 redirects szkoleniesprzedazowe.user.com static.user.com — Cisco Umbrella Rank: 905810 media.user.com — Cisco Umbrella Rank: 339784 support.user.com widget.user.com — Cisco Umbrella Rank: 178904	3 MB
2	gstatic.com fonts.gstatic.com	60 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	990 B
13	3

	Domain	Requested by
3	widget.user.com	szkoleniesprzedazowe.user.com support.user.com
3	support.user.com	1 redirects support.user.com
2	fonts.gstatic.com	fonts.googleapis.com
2	media.user.com	szkoleniesprzedazowe.user.com
2	static.user.com	szkoleniesprzedazowe.user.com
1	fonts.googleapis.com	szkoleniesprzedazowe.user.com
1	szkoleniesprzedazowe.user.com
13	7

This site contains links to these domains. Also see Links.

Domain
www.user.com

Subject Issuer	Validity	Valid
*.user.com Certum Domain Validation CA SHA2	`2023-10-03` - `2024-10-02`	a year	crt.sh
user.com WE1	`2024-08-08` - `2024-11-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://szkoleniesprzedazowe.user.com/
Frame ID: E246F84D00FD937AED256A6C5D4E577F
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zapis na szkolenie sprzedażowe dla partnerów (18.09.2024)

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

92 %
HTTPS

50 %
IPv6

3
Domains

7
Subdomains

4
IPs

3
Countries

3510 kB
Transfer

3698 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.user.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://support.user.com/widget.js HTTP 301
https://widget.user.com/widget.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
szkoleniesprzedazowe.user.com/ 29 KB
29 KB 1226ms
1111ms Document
text/html 57.128.127.146
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://szkoleniesprzedazowe.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

57.128.127.146 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3035589.ip-57-128-127.eu

Software

Resource Hash

3b1ece1f1832e71dee66c8acdae2327b78a677d5deb34e6b7911161aa97af720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length: 29285
content-type: text/html; charset=utf-8
referrer-policy: same-origin
ue-backend: tenants
ue-node: apinode60
vary: Cookie, origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 UnlayerPublicForms.93769113fb778d0433a2.css
static.user.com/static/css/ 5 KB
2 KB 65ms
32ms Stylesheet
text/css 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.user.com/static/css/UnlayerPublicForms.93769113fb778d0433a2.css
Requested by: Host: szkoleniesprzedazowe.user.com
URL: https://szkoleniesprzedazowe.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8097acd64326112e0af1ae4fdfcf18823825114904efc414e91b330fcd0735d6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 01:45:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VDDT3G7MZBQWQHQ9
age: 54785
cf-polished: origSize=4981
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SdaELjPuaJ5dmAWrOQPxiQceP2u60bIGLkgIncTP0P9XT8LTHKSTFAAqfL0aXyjmXt1pt0NpXrxbJi796HXWrHr0bK50dgW8zPPrnDm9on4=
cf-bgj: minify
last-modified: Wed, 11 Sep 2024 08:34:47 GMT
server: cloudflare
etag: W/"bf0a126ad19b7bf0fdaf0445ad63a2a7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
cf-ray: 8c1c38248fad3d01-CDG

GET
H2 200 css
fonts.googleapis.com/ 3 KB
990 B 98ms
34ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: szkoleniesprzedazowe.user.com
URL: https://szkoleniesprzedazowe.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Sep 2024 01:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Sep 2024 01:30:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Sep 2024 01:45:39 GMT

GET
H3 200 groupe-3936_ZfcOP42.png
media.user.com/uploads/1t1nnm-user-com-support/ 118 KB
118 KB 195ms
174ms Image
image/png 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/uploads/1t1nnm-user-com-support/groupe-3936_ZfcOP42.png
Requested by: Host: szkoleniesprzedazowe.user.com
URL: https://szkoleniesprzedazowe.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f7744055af78ef8bb8161186b3a91751a890e733832b07abcd519e801027c5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 01:45:39 GMT
x-amz-version-id: sTOXdq1RoNfWB85NxiCwBMAtjJl.cfE5
cf-cache-status: MISS
x-amz-request-id: RSDC9KF3TTKB6KMW
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-disposition: attachment
alt-svc: h3=":443"; ma=86400
content-length: 120344
x-amz-id-2: ZVhVj1pOGmx2a7PlTIj+SLjhyWJa98aFIY9YJUhPfI9hWEhIvRMjwEP/Pk1rabYpAk3TBADJkH8JVWaocSJay0BaXiBhQMS7H2ldM1xsUdY=
last-modified: Wed, 11 Sep 2024 12:35:18 GMT
server: cloudflare
etag: "257962deb4c5cec378cc1350cab92d95"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8c1c38249fb53d01-CDG

GET
H3 200 formsMultiselect.js Show response
static.user.com/static/landingpage/ 4 KB
2 KB 36ms
27ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.user.com/static/landingpage/formsMultiselect.js
Requested by: Host: szkoleniesprzedazowe.user.com
URL: https://szkoleniesprzedazowe.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769f922205cb5bad4a35a17ae4377a6c9593d87f49cd65d2679e658c3c3bdc01

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 01:45:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: N70DD7GPKGAK2H4R
age: 42494
cf-polished: origSize=6321
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PY/N+yrlTZhYQEOixXVZ+qCx8H6x11qDT9C0m2LBn6WDTzTT/3LpdcV1glvAzsQdKbGEf/W215IYG2DrpPr8pA==
cf-bgj: minify
last-modified: Wed, 21 Sep 2022 06:41:23 GMT
server: cloudflare
etag: W/"893e16bbee3ee47f5254a8df2cb8eb72"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 8c1c38248fae3d01-CDG

GET
H3

200

widget.js Show response
widget.user.com/
Redirect Chain

https://support.user.com/widget.js
https://widget.user.com/widget.js

161 KB
55 KB

41ms
32ms

Script
application/javascript

172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget.js
Requested by: Host: szkoleniesprzedazowe.user.com
URL: https://szkoleniesprzedazowe.user.com/
Protocol: H3
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 840ac55fba7f8212ad4e52d68805c3884e1815e1cbba4e58195aaa9088a925ba

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 01:45:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 08:21:25 GMT
server: cloudflare
x-amz-request-id: 79EV78RGX8PDYR4Z
age: 6622
etag: W/"4917f1d7c32a608388d25e43daedef60"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8c1c3824dfc03d01-CDG
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RXQ8grMQB6/u3abCPz6O9rzeakcM9jbX4QHnbyOtme2RA4ejCig5jFErNGWnpmeS4KuqoQhjc8ZGrAD1aecq9g==

Redirect headers

date: Thu, 12 Sep 2024 01:45:39 GMT
cf-cache-status: HIT
server: cloudflare
age: 41699
vary: Accept-Encoding
location: https://widget.user.com/widget.js
cache-control: max-age=3600
cf-ray: 8c1c38249fb63d01-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 group-1000003858-2_XLKV7h1.png
media.user.com/uploads/1t1nnm-user-com-support/ 3 MB
3 MB 257ms
257ms Image
image/png 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/uploads/1t1nnm-user-com-support/group-1000003858-2_XLKV7h1.png
Requested by: Host: szkoleniesprzedazowe.user.com
URL: https://szkoleniesprzedazowe.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00114c3801c71f6d1f7aeebd96a658d7b84849204b5f8fa35bf8e50c79f3be65

Request headers

Referer: https://szkoleniesprzedazowe.user.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 01:45:39 GMT
x-amz-version-id: 5qf2s7gzfXJ3v6BRKFkH3WTVngj374Ub
cf-cache-status: MISS
x-amz-request-id: RSDDK192PP9JHB3B
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
content-disposition: attachment
alt-svc: h3=":443"; ma=86400
content-length: 3297229
x-amz-id-2: 1L0oIZN9DpjSZn3Gu7HhqHpT/WRZyVNxPRxu5sS+OsyAU62QG1ZPv8Ohzmgv0KlaUUWqLP2MCLwCHIHPQvTTCQ==
last-modified: Wed, 11 Sep 2024 12:24:38 GMT
server: cloudflare
etag: "d304fe3ae4200ef6bd899d2c34997d73"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8c1c3824ffc83d01-CDG

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 89ms
27ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://szkoleniesprzedazowe.user.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 01:38:07 GMT
x-content-type-options: nosniff
age: 432452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 01:38:07 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 27 KB
27 KB 133ms
71ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://szkoleniesprzedazowe.user.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 17:58:32 GMT
x-content-type-options: nosniff
age: 546427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27812
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Sep 2025 17:58:32 GMT

GET
H3 200 widget-app.aecdaac88026ee257ce2.js Show response
widget.user.com/ 93 KB
18 KB 48ms
48ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-app.aecdaac88026ee257ce2.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a1d9bcdb4dc088da7c38469bd4a712372664d9beb4dd6cfd4d9c9ab5da8fb7a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 01:45:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 08:21:25 GMT
server: cloudflare
x-amz-request-id: 79EKY424J5ECMS24
age: 6623
etag: W/"7b9310597111a018a2f50c04ed0f164f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8c1c3825afe93d01-CDG
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fV7uVvAG00cDYpPyJec/z3gA2jhfKXIhib3fu3O/MixIDnwOi1igEUd0XNogPX9aAKp7S+4qqvMyXxoPp5tYKkxrinUQN9Q0

OPTIONS
H3 200 /
support.user.com/api/v2/user-chatping/ 0
0 317ms
86ms Preflight
text/html 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.user.com/api/v2/user-chatping/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://szkoleniesprzedazowe.user.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://szkoleniesprzedazowe.user.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c1c3831ef696627-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 12 Sep 2024 01:45:41 GMT
server: cloudflare
ue-backend: tenants
ue-node: apinode97
vary: origin

GET
H3 200 widget-actionsStore.aecdaac88026ee257ce2.js Show response
widget.user.com/ 6 KB
2 KB 26ms
26ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-actionsStore.aecdaac88026ee257ce2.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a4b0ca81d93c59f837aebac1ac2b4dd80bd0a9aeda55456cbe033b13fa8929

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 01:45:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2024 08:21:25 GMT
server: cloudflare
x-amz-request-id: 79EG1QCSZDXXMEKH
age: 6605
etag: W/"62c80712b4ad4fd331d6d6ba0f0e727d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8c1c38306a853d01-CDG
alt-svc: h3=":443"; ma=86400
x-amz-id-2: O7FLjY3hNjfSGs9XuOlPr8TIh8qXi/8U3VpFiX+lf6h/LXD6+kjzH/Mie5ALYyfdJFJzTUnIDEI=

POST
H3 200 /
support.user.com/api/v2/user-chatping/ 0
0 176ms
175ms Fetch
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.user.com/api/v2/user-chatping/

Requested by

Host: support.user.com
URL: https://support.user.com/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Sep 2024 01:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ue-backend: tenants
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
vary: Cookie, origin
allow: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://szkoleniesprzedazowe.user.com
x-frame-options: DENY
access-control-allow-credentials: true
ue-node: apinode63
cf-ray: 8c1c38326b0f3d01-CDG

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			szkoleniesprzedazowe.user.com/	1970-01-21 09:04:25	Name: badge_cookie_iojdhd Value: a
			.user.com/	1970-01-21 09:04:25	Name: _ueuuid Value: QpSfEfFDfWt-7qf0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
media.user.com
static.user.com
support.user.com
szkoleniesprzedazowe.user.com
widget.user.com
172.67.38.130
2a00:1450:4001:800::200a
2a00:1450:4001:81d::2003
57.128.127.146
00114c3801c71f6d1f7aeebd96a658d7b84849204b5f8fa35bf8e50c79f3be65
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
3b1ece1f1832e71dee66c8acdae2327b78a677d5deb34e6b7911161aa97af720
47a4b0ca81d93c59f837aebac1ac2b4dd80bd0a9aeda55456cbe033b13fa8929
4a1d9bcdb4dc088da7c38469bd4a712372664d9beb4dd6cfd4d9c9ab5da8fb7a
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
769f922205cb5bad4a35a17ae4377a6c9593d87f49cd65d2679e658c3c3bdc01
8097acd64326112e0af1ae4fdfcf18823825114904efc414e91b330fcd0735d6
840ac55fba7f8212ad4e52d68805c3884e1815e1cbba4e58195aaa9088a925ba
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
f6f7744055af78ef8bb8161186b3a91751a890e733832b07abcd519e801027c5

szkoleniesprzedazowe.user.com Open in urlscan Pro 57.128.127.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

50 %IPv6

3 Domains

7 Subdomains

4 IPs

3 Countries

3510 kBTransfer

3698 kBSize

2 Cookies

1 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

szkoleniesprzedazowe.user.com Open in urlscan Pro
57.128.127.146 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

50 %
IPv6

3
Domains

7
Subdomains

4
IPs

3
Countries

3510 kB
Transfer

3698 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions