Submitted URL: https://authentication.autheticate.com/yfq/pPyueXslZfz5A3IhUGUj?wp=false
Effective URL: https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
Submission: On December 25 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2a00:1450:4001:828::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is learning.betterphish.com. The Cisco Umbrella rank of the primary domain is 712022.
TLS certificate: Issued by WR3 on November 21st 2024. Valid for: 3 months.
This is the only time learning.betterphish.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.49.23.145 53831 (SQUARESPACE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.250.185.67 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.64.147.160 13335 (CLOUDFLAR...)
1 185.233.184.14 57043 (HOSTKEY-A...)
18 7
Apex Domain / Subdomains / Transfer
9 betterphish.com (1 MB)
  learning.betterphish.com — Cisco Umbrella Rank: 712022
3 gstatic.com (54 KB)
  fonts.gstatic.com
3 googleapis.com (95 KB)
  fonts.googleapis.com — Cisco Umbrella Rank: 29
  storage.googleapis.com — Cisco Umbrella Rank: 314
1 insofta.com (570 KB)
  www.insofta.com
1 pixabay.com (21 KB)
  cdn.pixabay.com — Cisco Umbrella Rank: 35933
1 fontawesome.com (14 KB)
  use.fontawesome.com — Cisco Umbrella Rank: 1331
1 autheticate.com (186 B)
  authentication.autheticate.com
18 7
Domain Requested by
9 learning.betterphish.com learning.betterphish.com
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com learning.betterphish.com
1 www.insofta.com
1 cdn.pixabay.com
1 storage.googleapis.com
1 use.fontawesome.com learning.betterphish.com
1 authentication.autheticate.com 1 redirects
18 8

This site contains no links.

Subject Issuer Validity Valid
learning.betterphish.com WR3 2024-11-21 - 2025-02-19 3 months
use.fontawesome.com WE1 2024-11-07 - 2025-02-06 3 months
upload.video.google.com WR2 2024-12-02 - 2025-02-24 3 months
*.gstatic.com WR2 2024-12-02 - 2025-02-24 3 months
storage.googleapis.com WR2 2024-12-02 - 2025-02-24 3 months
pixabay.com WE1 2024-11-30 - 2025-03-01 3 months
insofta.com R10 2024-12-14 - 2025-03-14 3 months

This page contains 1 frames:

Primary Page: https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
Frame ID: B89A698D289DC6383872CDB821E2B64F
Requests: 18 HTTP requests in this frame

Page Title

Learning

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 50 %
Domains: 7
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 2259 kB
Size: 2313 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://authentication.autheticate.com/yfq/pPyueXslZfz5A3IhUGUj?wp=false HTTP 302
    https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pPyueXslZfz5A3IhUGUj
learning.betterphish.com/yfq/
Redirect Chain
  • https://authentication.autheticate.com/yfq/pPyueXslZfz5A3IhUGUj?wp=false
  • https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
1 KB
1 KB
Document
General
Full URL
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
55e0a20c209197e1d2bf59e9309b9c6f36f5d575f17cffab9a5a9287394bd848

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=0
content-length
1028
content-type
text/html; charset=UTF-8
date
Wed, 25 Dec 2024 07:05:21 GMT
etag
W/"404-193506ad170"
last-modified
Thu, 21 Nov 2024 20:29:58 GMT
server
Google Frontend
x-cloud-trace-context
aa5f0f2fd0c33a0478fe06d187889040
x-ratelimit-limit
2000
x-ratelimit-remaining
1998
x-ratelimit-reset
1735110343

Redirect headers

age
0
content-length
0
date
Wed, 25 Dec 2024 07:05:20 GMT
location
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
server
Squarespace
x-contextid
xMpokTCZ/XiMF6lJi
all.css
use.fontawesome.com/releases/v5.15.1/css/
58 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.15.1/css/all.css
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"b227b1617a1763c8bc056772f05482b4"
age
1816380
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvU4OePppEMoKruusMaSqBHbj7Dd%2Flu5gekawhnZbtgwBQPUZDv8zp9PxGeyFyofacmBU3agb%2Bj8LFUiTQDxLQYDlOMIRkN5fe%2B%2BtJUamlWWFD9NyLMiXiSYdY6CoaRFLE6F1T0MZPorSZbrnxMVqj1a"}],"group":"cf-nel","max_age":604800}
cf-ray
8f76fb732fa48fd6-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=5959&min_rtt=5907&rtt_var=1010&sent=6&recv=11&lost=0&retrans=0&sent_bytes=4009&recv_bytes=2213&delivery_rate=637137&cwnd=247&unsent_bytes=0&cid=4571160e1e21ec56&ts=21&x=0"
date
Wed, 25 Dec 2024 07:05:21 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:18 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e878b38c0c357b63eb23d45c6182fd4f1ac0e92a5601a7e27f04edcfad5b4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 07:05:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 07:05:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 25 Dec 2024 05:19:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
10 KB
889 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Alegreya:ital,wght@0,400;0,500;0,700;1,800&display=swap
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0a506b1a9b56cfba931e44dadb54f1912547e8c60312d1fac3e944a87758ae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 07:05:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 07:05:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 25 Dec 2024 07:05:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.1ca91e84.js
learning.betterphish.com/static/js/
1 MB
1 MB
Script
General
Full URL
https://learning.betterphish.com/static/js/main.1ca91e84.js
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a2f9b209f0df30127bd16c392c6c124de65740774bee537e210d0d34e36cd4df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj

Response headers

cache-control
public, max-age=0
etag
W/"127bca-193506ad170"
accept-ranges
bytes
access-control-allow-origin
*
content-length
1211338
date
Wed, 25 Dec 2024 07:05:21 GMT
last-modified
Thu, 21 Nov 2024 20:29:58 GMT
content-type
application/javascript; charset=UTF-8
server
Google Frontend
x-cloud-trace-context
858b8c7281c635b489e6851618d49307
main.c1243b73.css
learning.betterphish.com/static/css/
275 KB
276 KB
Stylesheet
General
Full URL
https://learning.betterphish.com/static/css/main.c1243b73.css
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
1cef23cdb09dd003e752903612d2960657f63999a454af8cc26b4a6a6e2be29e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj

Response headers

cache-control
public, max-age=0
etag
W/"44c23-193506ad170"
accept-ranges
bytes
access-control-allow-origin
*
content-length
281635
date
Wed, 25 Dec 2024 07:05:21 GMT
last-modified
Thu, 21 Nov 2024 20:29:58 GMT
content-type
text/css; charset=UTF-8
server
Google Frontend
x-cloud-trace-context
569d1c59084fe46619869dc7f3bc2621
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://learning.betterphish.com
Referer
https://fonts.googleapis.com/

Response headers

age
329113
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
logo
learning.betterphish.com/api/
98 B
246 B
Fetch
General
Full URL
https://learning.betterphish.com/api/logo?token=pPyueXslZfz5A3IhUGUj
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/static/js/main.1ca91e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
96acd8def9a907ac5f8fee96656faf329017010919c9f9debbdea29539626b3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj

Response headers

etag
W/"62-AR+bLB5fBCgsJjk3mNY940Lrjqw"
x-ratelimit-reset
1735110343
x-ratelimit-remaining
1997
access-control-allow-origin
*
content-length
98
date
Wed, 25 Dec 2024 07:05:22 GMT
x-ratelimit-limit
2000
content-type
application/json; charset=utf-8
x-cloud-trace-context
9bcb968d2a6c67275316ce9aef521cb1
server
Google Frontend
learning-moment
learning.betterphish.com/api/
32 KB
32 KB
Fetch
General
Full URL
https://learning.betterphish.com/api/learning-moment?token=pPyueXslZfz5A3IhUGUj
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/static/js/main.1ca91e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
1b9a4232ec4eab7e22ce3cd38cdbf11b000e79c06b6fb5f6360b526450d6b113

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj

Response headers

etag
W/"800e-D10k2nwoCZm9Flzqv5NqbhR9e9I"
x-ratelimit-reset
1735110343
x-ratelimit-remaining
1996
access-control-allow-origin
*
content-length
32782
date
Wed, 25 Dec 2024 07:05:22 GMT
x-ratelimit-limit
2000
content-type
application/json; charset=utf-8
x-cloud-trace-context
b85fcb135586ae1906bb146bba24d1ee
server
Google Frontend
user
learning.betterphish.com/api/
130 B
255 B
Fetch
General
Full URL
https://learning.betterphish.com/api/user?token=pPyueXslZfz5A3IhUGUj
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/static/js/main.1ca91e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fdd951977b7567d5db9381090884cd7d28c0ba09f78aa752ada3df037377506a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj

Response headers

etag
W/"82-wEGn4ZFqvP6jU6el3b9VWBlu4Kc"
x-ratelimit-reset
1735110343
x-ratelimit-remaining
1995
access-control-allow-origin
*
content-length
130
date
Wed, 25 Dec 2024 07:05:22 GMT
x-ratelimit-limit
2000
content-type
application/json; charset=utf-8
x-cloud-trace-context
9598948ce9dee89c04cb1bb3e0adca8e
server
Google Frontend
favicon.ico
learning.betterphish.com/
7 KB
7 KB
Other
General
Full URL
https://learning.betterphish.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
377ecfa1f0fea0c4256122bacac7da1b673e58f6dc35220df905d7a2e7290c4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj

Response headers

cache-control
public, max-age=0
etag
W/"1cdc-1935069df40"
accept-ranges
bytes
access-control-allow-origin
*
content-length
7388
date
Wed, 25 Dec 2024 07:05:22 GMT
last-modified
Thu, 21 Nov 2024 20:28:56 GMT
content-type
image/x-icon
server
Google Frontend
x-cloud-trace-context
601eda2814d8840638ca2df4d94086f4
logo.png
storage.googleapis.com/company-logo-image-prod/5ybcOppsqRnq2y9tAhkv/
93 KB
93 KB
Image
General
Full URL
https://storage.googleapis.com/company-logo-image-prod/5ybcOppsqRnq2y9tAhkv/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bea959fa592afacaa98708b3ef35fab4df3d897d4f0bb3102ab5a239c4ba468e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=pmojQA==, md5=J3F7ryagFEbJIOhfDIj3/Q==
etag
"27717baf26a01446c920e85f0c88f7fd"
age
0
x-goog-stored-content-encoding
identity
expires
Wed, 25 Dec 2024 08:05:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
94953
date
Wed, 25 Dec 2024 07:05:22 GMT
last-modified
Tue, 24 Oct 2023 11:12:38 GMT
content-type
image/png
x-guploader-uploadid
AFiumC4rtMuLtTAEjSwKO2BRLJozDiva41rwUfya2P7RcbkIrKOPiEL-xk8hKX-zAeloaOs
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1698145958839131
content-length
94953
server
UploadServer
ip
learning.betterphish.com/api/
24 B
148 B
Fetch
General
Full URL
https://learning.betterphish.com/api/ip
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/static/js/main.1ca91e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d0e2f906e5b9af56e8f771717704a83a90f71dcb5a5520631447f78cdfdb5d9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj

Response headers

etag
W/"18-ep87YfOXfPxkMKMsyrtlYl51nKM"
x-ratelimit-reset
1735110343
x-ratelimit-remaining
1994
access-control-allow-origin
*
content-length
24
date
Wed, 25 Dec 2024 07:05:22 GMT
x-ratelimit-limit
2000
content-type
application/json; charset=utf-8
x-cloud-trace-context
ac714b01d31d96ab19b92396eea4c30d
server
Google Frontend
imac-1999636_960_720.png
cdn.pixabay.com/photo/2017/01/22/12/07/
21 KB
21 KB
Image
General
Full URL
https://cdn.pixabay.com/photo/2017/01/22/12/07/imac-1999636_960_720.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1066de97cc39d223d43e94d2526fe8f56881c243180fbdc2a1672dddb16c2d85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/

Response headers

cf-cache-status
HIT
etag
"462586e031defa9e488fb81df5eb5e7b"
age
390616
cf-bgj
imgq:85,h2pri
x-amz-version-id
hCNyzWEiENwhtPcyDs83D2YicO7a0o8f
expires
Thu, 25 Dec 2025 07:05:22 GMT
cf-polished
origFmt=png, origSize=36512
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 25 Dec 2024 07:05:22 GMT
content-type
image/webp
content-disposition
inline; filename="imac-1999636_960_720.webp"
vary
Accept, Accept-Encoding
last-modified
Thu, 28 Feb 2019 02:12:32 GMT
x-amz-id-2
Ws4aPSwLvuQKSnBXD/p6J/hD2hw4nDfsD3071VY4qlDaSGxDIxhdyRO9OWju23lib6Smv1C6M1c=
priority
u=1,i
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000, s-maxage=31536000
cf-ray
8f76fb7a397cdc86-FRA
x-amz-request-id
GTQYG9YCEKNN1DNY
accept-ranges
bytes
access-control-allow-origin
*
content-length
21058
server
cloudflare
sample-3d-text-animation-2.gif
www.insofta.com/img12/3d-text-commander/
570 KB
570 KB
Image
General
Full URL
https://www.insofta.com/img12/3d-text-commander/sample-3d-text-animation-2.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.233.184.14 Naaldwijk, Netherlands, ASN57043 (HOSTKEY-AS HOSTKEY B.V., NL),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
7dea4e73153e937ca22b0ad617c6841813ecfa2cd4dab1d07a28bd657bf6c269

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://learning.betterphish.com/

Response headers

cache-control
max-age=604800
etag
"5994628c-8e6bb"
expires
Wed, 01 Jan 2025 07:05:25 GMT
accept-ranges
bytes
content-length
583355
date
Wed, 25 Dec 2024 07:05:25 GMT
content-type
image/gif
last-modified
Wed, 16 Aug 2017 15:19:40 GMT
server
nginx/1.26.1
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://learning.betterphish.com
Referer
https://fonts.googleapis.com/

Response headers

age
573286
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:50:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:50:36 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://learning.betterphish.com
Referer
https://fonts.googleapis.com/

Response headers

age
105757
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
open-lm
learning.betterphish.com/api/
0
0
Fetch
General
Full URL
https://learning.betterphish.com/api/open-lm?token=pPyueXslZfz5A3IhUGUj
Requested by
Host: learning.betterphish.com
URL: https://learning.betterphish.com/static/js/main.1ca91e84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://learning.betterphish.com/yfq/pPyueXslZfz5A3IhUGUj

Response headers

x-ratelimit-reset
1735110343
x-ratelimit-remaining
1993
access-control-allow-origin
*
content-length
0
date
Wed, 25 Dec 2024 07:05:22 GMT
x-ratelimit-limit
2000
x-cloud-trace-context
19ae9759823e44edba5412950b321ac7
content-type
text/html
server
Google Frontend

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function Scorm12API
  • function Scorm2004API
  • function AICC
  • object API
  • object __SENTRY__

2 Cookies

Domain/Path Name / Value
authentication.autheticate.com/ Name: crumb
Value: BbRlmqbnE/KQNDFkYmU1MWU1MmNlMTBmNGRjM2Q5ZmU2MTE4Mjc1
.pixabay.com/ Name: __cf_bm
Value: k.Vn4lDveSHI0Ym_pKqoShXMbpOSyfO.EVh85goNan0-1735110322-1.0.1.1-UZz9MykofAANqXemx6m9XTg.vFLzU9wmTYJcZMbcAl5CSFkTtSxh5Omq1PXR65cZTcwecnbgUpHAVO7FoILkEA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
