nobellearn.com
Open in
urlscan Pro
2606:4700:3034::6815:4e8c
Malicious Activity!
Public Scan
Submission: On August 28 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on August 17th 2023. Valid for: 3 months.
This is the only time nobellearn.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 24 | 2606:4700:303... 2606:4700:3034::6815:4e8c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:807::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:821::2003 | 15169 (GOOGLE) (GOOGLE) | |
28 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
nobellearn.com
1 redirects
nobellearn.com |
182 KB |
3 |
gstatic.com
fonts.gstatic.com |
79 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45 |
2 KB |
28 | 3 |
Domain | Requested by | |
---|---|---|
24 | nobellearn.com |
1 redirects
nobellearn.com
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
nobellearn.com
|
28 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nobellearn.com GTS CA 1P5 |
2023-08-17 - 2023-11-15 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-08-07 - 2023-10-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nobellearn.com/blog/ap/signin/user_verification/verification-required/amazon.co.jp
Frame ID: A1D0800D9F9F2542E76BD20109D6BE90
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
Error 404 - Nobellearn - BlogPage URL History Show full URLs
- https://nobellearn.com/blog/ap/signin/user_verification/verification-required/amazon.co.jp Page URL
-
https://nobellearn.com/cdn-cgi/phish-bypass?atok=euCEoGpt4_9fy9D.JhZHxHVhhn8eSgOpM8J6UeZxjGE-169323...
HTTP 301
https://nobellearn.com/blog/ap/signin/user_verification/verification-required/amazon.co.jp Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
CodeIgniter (Web Frameworks) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Slick (JavaScript Libraries) Expand
Detected patterns
- (?:/([\d.]+))?/slick(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://nobellearn.com/blog/ap/signin/user_verification/verification-required/amazon.co.jp Page URL
-
https://nobellearn.com/cdn-cgi/phish-bypass?atok=euCEoGpt4_9fy9D.JhZHxHVhhn8eSgOpM8J6UeZxjGE-1693236308-0-%2Fblog%2Fap%2Fsignin%2Fuser_verification%2Fverification-required%2Famazon.co.jp
HTTP 301
https://nobellearn.com/blog/ap/signin/user_verification/verification-required/amazon.co.jp Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
amazon.co.jp
nobellearn.com/blog/ap/signin/user_verification/verification-required/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cf.errors.css
nobellearn.com/cdn-cgi/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
nobellearn.com/cdn-cgi/images/ |
452 B 671 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
amazon.co.jp
nobellearn.com/blog/ap/signin/user_verification/verification-required/ Redirect Chain
|
30 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 880 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.min.css
nobellearn.com/blog/assets/vendor/font-icons/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
nobellearn.com/blog/assets/vendor/bootstrap/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
slick.min.css
nobellearn.com/blog/assets/vendor/slick/ |
1 KB 912 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
magnific-popup.min.css
nobellearn.com/blog/assets/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style-4.0.min.css
nobellearn.com/blog/assets/css/ |
65 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
orange.min.css
nobellearn.com/blog/assets/css/colors/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-1.12.4.min.js
nobellearn.com/blog/assets/js/ |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_62765aa08cf1b.png
nobellearn.com/blog/uploads/logo/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_62669ef89f14b1.png
nobellearn.com/blog/uploads/logo/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg_small.png
nobellearn.com/blog/assets/img/ |
102 B 574 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
slick.min.js
nobellearn.com/blog/assets/vendor/slick/ |
42 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
nobellearn.com/blog/assets/vendor/bootstrap/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
plugins.js
nobellearn.com/blog/assets/js/ |
106 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_62765aa08cf1b.png
nobellearn.com/blog/uploads/logo/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg_small.png
nobellearn.com/blog/assets/img/ |
102 B 570 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.woff2
nobellearn.com/blog/assets/vendor/font-icons/font/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_100x75_628cb66992579.jpg
nobellearn.com/blog/uploads/images/202205/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_100x75_6267a98e74b86.jpg
nobellearn.com/blog/uploads/images/202204/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_100x75_6267a50a2c1af.jpg
nobellearn.com/blog/uploads/images/202204/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery boolean| rtl string| sys_lang_id string| csfr_token_name string| csfr_cookie_name string| base_url boolean| is_recaptcha_enabled object| jQuery1124031122117154483897 object| lazySizesConfig object| lazySizes function| setImmediate function| clearImmediate function| swal function| sweetAlert function| add_reaction function| view_poll_results function| view_poll_options function| load_more_comment function| delete_comment function| show_comment_box function| hide_cookies_warning3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nobellearn.com/ | Name: __cf_mw_byp Value: euCEoGpt4_9fy9D.JhZHxHVhhn8eSgOpM8J6UeZxjGE-1693236308-0-/blog/ap/signin/user_verification/verification-required/amazon.co.jp |
|
nobellearn.com/ | Name: infinite_csrf_cookie Value: 3074bfd172471a40e70c3c24d68a55ee |
|
nobellearn.com/ | Name: ci_session Value: a4e801b9d23636061b7d70daf7ea2af4c32706ce |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
nobellearn.com
2606:4700:3034::6815:4e8c
2607:f8b0:4006:807::200a
2607:f8b0:4006:821::2003
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
1849588ebd7c473c46eb277f5a627f02e49712f562f0750f3dcfe78d1707651c
1888959b5858af3cd658a6aa00118d4db9656ee9d2dec1eb0d0bc68a6c4cc670
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
27f0456b4931e29a25442e3374a66496f870c765c89fbff8fc345818a9dd005f
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
3a13842a583e6e6a0fc3032fb9ca288322effc1a96dc1dfbec4698bd67b49c39
4e380668da6b9b3286006014d106240287e49968311918720be98acf4f58cf5e
55b73ad98c33304f2499eafbc83e4d093a20dae0b9c82c7cb73a5b156bdcc265
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
677f9c9e3cff680a16a11fc66bb2821862715ce4e1e6fdacdb084122864a1219
6f651adb6aaa27c9fc40ef6d616af9615ab125b7b438bc7432aa9938323b8ef9
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8698e9e67eb4934a4d7f27da21abcef5ca385d592985538cc8d450b60e368a98
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
acd33d77de0e98e9d60b71467c5d527aeea5da9b2c9e9125fe3f657896007b6c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c16d5f3c8bee6f9f3a0b065787f5996567c7247f65bbe5105e4e6282c342d6cc
c67575ab3c77b5fa00b2e77cbf575ed67ad7c893d9d9be5c2dbc1c4eb322eeac
dd244c4b60b3c99d2f48f41f5fd998e40079519ba632856b619d1e33ee0ba18f
de96b31e6907650aa35f9ac6a99c4913b115df575368a4b43a6385880e13addc
e1efe5322ac0322d5b8ca6857f2717921ab1fc54e22d705d919980fd028a01cc
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd6b744dd0414699f6895682fa2b0eb97b4fe6bf742d03d1f4d4e14cd4615b48