URL: https://portal.betraining.com/login/bankmobile
Submission: On April 17 via api from US

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:10::6816:45e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is portal.betraining.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 26th 2020. Valid for: 6 months.
This is the only time portal.betraining.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
12 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 151.101.114.110 | 54113 (FASTLY)
2 | 162.247.242.19 | 23467 (NEWRELIC-...)
17 requests | 5 IPs

Requests | Domain | Requested by
12 | portal.betraining.com | portal.betraining.com
2 | bam.nr-data.net | js-agent.newrelic.com
2 | www.google-analytics.com | portal.betraining.com
1 | js-agent.newrelic.com | portal.betraining.com
17 requests | 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-03-26 - 2020-10-09 | 6 months
*.google-analytics.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-04-03 - 2021-03-18 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years

This page contains 1 frames:

Primary Page: https://portal.betraining.com/login/bankmobile
Frame ID: EA89D7BB86CDA009C91E2A9B03ECD5AF
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /ext-base\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17 Requests
100 % HTTPS
50 % IPv6
4 Domains
4 Subdomains
5 IPs
2 Countries
436 kB Transfer
1661 kB Size
7 Cookies

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request bankmobile
portal.betraining.com/login/
114 KB
74 KB
Document
General
Full URL
https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ceb779d977cbc61c77dba2afcf420d6360679eab03e216e10ace190e90b1f51b

Request headers

:method
GET
:authority
portal.betraining.com
:scheme
https
:path
/login/bankmobile
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Fri, 17 Apr 2020 11:53:02 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dc549cdbf39a693d7bdf2bd01a620371b1587124381; expires=Sun, 17-May-20 11:53:01 GMT; path=/; domain=.betraining.com; HttpOnly; SameSite=Lax; Secure Symphony.Auth=D5109DE7D312ED00185CCED006C0A4E2FC10FC83EDAB641855E092FED0EB8E908FFBD5D0473CD5368B9451C92F4B97CF22DA4D20454F44F770716FEB9DEB6075B6ACCB44F95498CCA49C7A43BA362A2543A8C49153C8F7302D8E28991E9D8EAA18EDDF93463A1CB7B85CFFE1BC4561F574E72E464FF1F09DD7F6DC2BA6A73F4A44F9C6275A7D6361CEA5B2450130495A52F659AAD5A571D183935B4F8DBC7E5C; path=/; secure; HttpOnly Symphony.User=; path=/; secure; HttpOnly Symphony.User=bankmobile--8586144825031537049; path=/; secure; SameSite=None NSC_Tznqipoz_CF_MCWT=ffffffff0952db2945525d5f4f58455e445a4a42378b;expires=Fri, 17-Apr-2020 11:55:01 GMT;path=/;secure;httponly
cache-control
private
x-aspnet-version
4.0.30319
p3p
CP="POTATO"
x-powered-by
ASP.NET
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5855f17abf91dfdb-FRA
content-encoding
gzip
cf-request-id
02299540b10000dfdb6483e200000001
ext-theme-ocd-all.css
portal.betraining.com/scripts/extjs-4.2.1.883/resources/ext-theme-ocd/
70 B
194 B
Stylesheet
General
Full URL
https://portal.betraining.com/scripts/extjs-4.2.1.883/resources/ext-theme-ocd/ext-theme-ocd-all.css
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
35ba53778df68fe75688e6489b8e90f0964da057be8aab40e5161d0bab81fff3

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:02 GMT
content-encoding
gzip
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
cf-request-id
02299542cc0000dfdb64884200000001
last-modified
Fri, 10 Apr 2020 02:08:38 GMT
server
cloudflare
etag
W/"0579df2dced61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
cf-ray
5855f17e1910dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
_unauthenticated.css
portal.betraining.com/skins/symphony_login/
1 KB
594 B
Stylesheet
General
Full URL
https://portal.betraining.com/skins/symphony_login/_unauthenticated.css
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3d757fcff0b8aaffd068a1c8a1108b45f145b5b856539b184cc25af9c9567c4c

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:02 GMT
content-encoding
gzip
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
cf-request-id
02299542cc0000dfdb64885200000001
last-modified
Fri, 10 Apr 2020 02:08:40 GMT
server
cloudflare
etag
W/"084cef3dced61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
cf-ray
5855f17e1912dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
ext-base.js
portal.betraining.com/scripts/extjs3/adapter/ext/
32 KB
12 KB
Script
General
Full URL
https://portal.betraining.com/scripts/extjs3/adapter/ext/ext-base.js
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4b91a935ffd74d5cb494d26bb87a67d90c62db5ba319d1cd1a18a7313c58391f

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:02 GMT
content-encoding
gzip
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
content-length
12503
cf-request-id
02299542cc0000dfdb64886200000001
last-modified
Fri, 10 Apr 2020 02:09:52 GMT
server
cloudflare
etag
"0d8b81edded61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5855f17e1915dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
ext-all.js
portal.betraining.com/scripts/extjs3/
662 KB
182 KB
Script
General
Full URL
https://portal.betraining.com/scripts/extjs3/ext-all.js
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e406e65ef59cc99975e241bd0df9a32019db06b7d7dc1aeff2d51ae8e3cca225

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:02 GMT
content-encoding
gzip
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
content-length
186294
cf-request-id
02299542cc0000dfdb64887200000001
last-modified
Fri, 10 Apr 2020 02:10:00 GMT
server
cloudflare
etag
"08c7d23dded61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5855f17e1919dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
jquery-1.10.2.js
portal.betraining.com/scripts/
350 KB
85 KB
Script
General
Full URL
https://portal.betraining.com/scripts/jquery-1.10.2.js
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a6540f8e3490595d7b6d306c7c9625042814652aa4b70623220d8da1b421a708

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:02 GMT
content-encoding
gzip
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
content-length
86661
cf-request-id
02299542cc0000dfdb64888200000001
last-modified
Fri, 10 Apr 2020 02:09:36 GMT
server
cloudflare
etag
"0702f15dded61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5855f17e191bdfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
login.css
portal.betraining.com/skins/symphony_login/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://portal.betraining.com/skins/symphony_login/css/login.css
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd124da071e3c15101bcd0a4ed6e33fa9437e85a08187d7b4f15673662a7d3ec

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:03 GMT
content-encoding
gzip
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
content-length
3230
cf-request-id
02299543a30000dfdb648bb200000001
last-modified
Fri, 10 Apr 2020 02:08:40 GMT
server
cloudflare
etag
"084cef3dced61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5855f17f6cc7dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
WebResource.axd
portal.betraining.com/
23 KB
5 KB
Script
General
Full URL
https://portal.betraining.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZNFxsqSn26bkevQ1Nqip1NZnfpYQ_zhe6J9ogfTRiK4AQ9Jlf3H_65ZoRw3my2Xt6g2&t=637103130965614113
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
cf-request-id
02299543a40000dfdb648bc200000001
last-modified
Tue, 26 Nov 2019 03:11:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
https://stage.compliancekeeper-qa.com
cache-control
public
access-control-allow-credentials
true
cf-ray
5855f17f6cd4dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
expires
Sat, 17 Apr 2021 09:29:11 GMT
WebResource.axd
portal.betraining.com/
26 KB
6 KB
Script
General
Full URL
https://portal.betraining.com/WebResource.axd?d=x2nkrMJGXkMELz33nwnakNbxXLCwDm4NmMcfsr2E3jLUGBGAFiV0olNkfA3aHXTrivZGtuscWe_fq3acrn3ImrsRwDpxDdVjC0QGjfOqq801&t=637103130965614113
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:03 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
cf-request-id
02299543a40000dfdb648bd200000001
last-modified
Tue, 26 Nov 2019 03:11:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
https://stage.compliancekeeper-qa.com
cache-control
public
access-control-allow-credentials
true
cf-ray
5855f17f6cd7dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
expires
Sat, 17 Apr 2021 09:29:11 GMT
ajax-loader.gif
portal.betraining.com/images/
4 KB
4 KB
Image
General
Full URL
https://portal.betraining.com/images/ajax-loader.gif
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4dc14fe5df68d2ae899e237faf9264d6df02605dd655368cb856cd6ce75c7573

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:03 GMT
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
content-length
4176
cf-request-id
022995466b0000dfdb64902200000001
last-modified
Fri, 10 Apr 2020 02:08:38 GMT
server
cloudflare
etag
"0579df2dced61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5855f183d9f5dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
ext-theme-ocd-all_01.css
portal.betraining.com/scripts/extjs-4.2.1.883/resources/ext-theme-ocd/
308 KB
32 KB
Stylesheet
General
Full URL
https://portal.betraining.com/scripts/extjs-4.2.1.883/resources/ext-theme-ocd/ext-theme-ocd-all_01.css
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2eade02dcdc68ce8be3da145218290f8fcde5d1a081aaf687337be449fa8328a

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:03 GMT
content-encoding
gzip
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
content-length
32376
cf-request-id
02299544b20000dfdb648d3200000001
last-modified
Fri, 10 Apr 2020 02:08:38 GMT
server
cloudflare
etag
"0579df2dced61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5855f18119c1dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
ext-theme-ocd-all_02.css
portal.betraining.com/scripts/extjs-4.2.1.883/resources/ext-theme-ocd/
32 KB
4 KB
Stylesheet
General
Full URL
https://portal.betraining.com/scripts/extjs-4.2.1.883/resources/ext-theme-ocd/ext-theme-ocd-all_02.css
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:45e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2214035289e5474491ffb0eb2c3c268e3c2edc5742f32679d12ad2a8e4e7815e

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:03 GMT
content-encoding
gzip
cf-cache-status
BYPASS
x-powered-by
ASP.NET
p3p
CP="POTATO"
status
200
content-length
3732
cf-request-id
02299544b30000dfdb648d4200000001
last-modified
Fri, 10 Apr 2020 02:08:38 GMT
server
cloudflare
etag
"0579df2dced61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
https://stage.compliancekeeper-qa.com
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5855f18119c6dfdb-FRA
access-control-allow-headers
Content-Type,Content-Range,Content-Disposition,Content-Description,X-Custom-Header,X-Requested-With
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
869
date
Fri, 17 Apr 2020 11:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Fri, 17 Apr 2020 13:38:34 GMT
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d55db494bc5f0dda23089acb040d9ceb6e93e832afb753c15b2e07f24b782fea

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2028372979&t=pageview&_s=1&dl=https%3A%2F%2Fportal.betraining.com%2Flogin%2Fbankmobile&ul=en-us&de=UTF-8&dt=OnCourse%20Direct%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=39757504&gjid=1703343166&cid=736542851.1587124384&tid=UA-71691403-1&_gid=689361552.1587124384&_r=1&z=738465107
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Apr 2020 11:53:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1167.min.js
js-agent.newrelic.com/
26 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1167.min.js
Requested by
Host: portal.betraining.com
URL: https://portal.betraining.com/login/bankmobile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 Apr 2020 11:53:03 GMT
content-encoding
gzip
x-amz-request-id
9F168BA697B778D0
x-cache
HIT
status
200
content-length
10178
x-amz-id-2
yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by
cache-hhn4077-HHN
last-modified
Fri, 07 Feb 2020 23:39:55 GMT
server
AmazonS3
x-timer
S1587124384.800575,VS0,VE0
etag
"8155781ab74e51eee2ead2c1d5902e63"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11429
33e265768c
bam.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/33e265768c?a=26104554&v=1167.2a4546b&to=MQRaYhRVCEFQVhBeWwhOeWU2GwpdVlwKGVUVEUA%3D&rst=1987&ref=https://portal.betraining.com/login/bankmobile&ap=31&be=1730&fe=1963&dc=1752&perf=%7B%22timing%22:%7B%22of%22:1587124381829,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:22,%22c%22:22,%22s%22:28,%22ce%22:46,%22rq%22:46,%22rp%22:580,%22rpe%22:893,%22dl%22:582,%22di%22:1748,%22ds%22:1748,%22de%22:1752,%22dc%22:1962,%22l%22:1962,%22le%22:1963%7D,%22navigation%22:%7B%7D%7D&fp=1772&fcp=1772&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
33e265768c
bam.nr-data.net/events/1/
24 B
188 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/33e265768c?a=26104554&v=1167.2a4546b&to=MQRaYhRVCEFQVhBeWwhOeWU2GwpdVlwKGVUVEUA%3D&rst=11988&ref=https://portal.betraining.com/login/bankmobile
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://portal.betraining.com/login/bankmobile
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://portal.betraining.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Ext object| swfobject string| id function| $ function| jQuery object| NREUM object| newrelic function| __nr_require object| weiredLogoUrls object| Symphony function| LoadFacil object| lc boolean| janrainLogin number| ssoLoginUiType string| ssoTimeoutRedirect string| loginHelp object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl 
function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_OnSubmit object| Page_Validators object| Body_login_UserNameRequired object| Body_login_PasswordRequired boolean| Page_ValidationActive function| ValidatorOnSubmit string| GoogleAnalyticsObject function| ga object| Page_ValidationSummaries object| google_tag_data object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
.betraining.com/ Name: _gid
Value: GA1.2.689361552.1587124384
.betraining.com/ Name: _gat
Value: 1
.betraining.com/ Name: _ga
Value: GA1.2.736542851.1587124384
portal.betraining.com/ Name: NSC_Tznqipoz_CF_MCWT
Value: ffffffff0952db2945525d5f4f58455e445a4a42378b
portal.betraining.com/ Name: Symphony.User
Value: bankmobile--8586144825031537049
portal.betraining.com/ Name: Symphony.Auth
Value: D5109DE7D312ED00185CCED006C0A4E2FC10FC83EDAB641855E092FED0EB8E908FFBD5D0473CD5368B9451C92F4B97CF22DA4D20454F44F770716FEB9DEB6075B6ACCB44F95498CCA49C7A43BA362A2543A8C49153C8F7302D8E28991E9D8EAA18EDDF93463A1CB7B85CFFE1BC4561F574E72E464FF1F09DD7F6DC2BA6A73F4A44F9C6275A7D6361CEA5B2450130495A52F659AAD5A571D183935B4F8DBC7E5C
.betraining.com/ Name: __cfduid
Value: dc549cdbf39a693d7bdf2bd01a620371b1587124381

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
