![](/screenshots/94fb48b5-ee04-4e2a-9620-55be58dca525.png)
sth-community.sans.org
Open in
urlscan Pro
35.165.247.157
Public Scan
Effective URL: https://sth-community.sans.org/login
Submission Tags: phishingrod
Submission: On May 28 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.
This is the only time sth-community.sans.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 15 | 35.165.247.157 35.165.247.157 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a02:26f0:350... 2a02:26f0:3500:16::215:1484 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 216.58.212.132 216.58.212.132 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.92.148.0 52.92.148.0 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:16::215:148b | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
23 | 8 |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-247-157.us-west-2.compute.amazonaws.com
sth-community.sans.org |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net |
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
sans.org
1 redirects
sth-community.sans.org |
283 KB |
4 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 565 |
41 KB |
2 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
257 KB |
1 |
amazonaws.com
s3-us-west-2.amazonaws.com |
11 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
949 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
2 KB |
23 | 6 |
Domain | Requested by | |
---|---|---|
15 | sth-community.sans.org |
1 redirects
sth-community.sans.org
|
3 | use.typekit.net |
sth-community.sans.org
|
1 | p.typekit.net | |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.gstatic.com |
www.google.com
|
1 | s3-us-west-2.amazonaws.com |
sth-community.sans.org
|
1 | www.google.com |
sth-community.sans.org
|
1 | fonts.googleapis.com |
sth-community.sans.org
|
23 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
community.forumbee.com |
forumbee.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sth-community.sans.org R3 |
2024-03-29 - 2024-06-27 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-01 - 2025-03-03 |
a year | crt.sh |
*.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01 |
2024-05-15 - 2025-05-13 |
a year | crt.sh |
*.gstatic.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sth-community.sans.org/login
Frame ID: 1E071B27EB83B57814D7556964D39613
Requests: 23 HTTP requests in this frame
Screenshot
![](/screenshots/94fb48b5-ee04-4e2a-9620-55be58dca525.png)
Page Title
Login - SANS Security Awareness CommunityPage URL History Show full URLs
-
https://sth-community.sans.org/
HTTP 302
https://sth-community.sans.org/login Page URL
Detected technologies
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/reCAPTCHA.png)
Detected patterns
- /recaptcha/api\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: How to enable browser cookies
Search URL Search Domain Scan URL
Title: Powered by Forumbee
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://sth-community.sans.org/
HTTP 302
https://sth-community.sans.org/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
sth-community.sans.org/ Redirect Chain
|
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gnj8quf.js
use.typekit.net/ |
16 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ertaiflasnyhivaoz4eannnszvhiklpx.css
sth-community.sans.org/content/csx/ |
28 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.css
sth-community.sans.org/content/fontawesome-pro-5.1.0-web/css/ |
55 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5cf6sff3mf2v5owr5apjmml6iaergxsq.css
sth-community.sans.org/content/themes/forums/air/csx/ |
52 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f.css
sth-community.sans.org/css/f/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
www.google.com/recaptcha/ |
1 KB 949 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
900.png
s3-us-west-2.amazonaws.com/media.forumbee.com/logos/85dd404f-1a9a-487f-bb57-19d83f1545fa/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4r2pul7xz2lh6dcbma5sz7gpwa6xi5eh.js
sth-community.sans.org/content/jsx/ |
486 KB 116 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c3ej2h4uvrbffueadraj5vqc4xscnw7l.js
sth-community.sans.org/content/jsx/ |
229 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kkwvxr4ibahgrbot2b5sokm2u5i4ow5e.js
sth-community.sans.org/content/jsx/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vuu2suekds6iebjggm3twkff4d6cvlsx.js
sth-community.sans.org/content/jsx/ |
220 B 611 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nx3xabcx736xxmr2r3a2j5lnlgfnyahl.js
sth-community.sans.org/content/jsx/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/ |
526 KB 209 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/27e9f9/000000000000000077359b98/30/ |
17 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
localize
sth-community.sans.org/ |
4 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tz.js
sth-community.sans.org/content/js/fw/tz/ |
27 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/9c0b69/000000000000000077359b90/30/ |
16 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 206 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
sth-community.sans.org/ |
34 KB 35 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
set
sth-community.sans.org/z/ |
0 790 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| Typekit object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| pagestate function| Intercom function| throttle function| debounce function| throttle2 function| blockEvent function| HtmlEncode function| $ function| jQuery function| Class function| moment function| autosize boolean| isHD function| codePrint object| blockEventMap function| Retina function| RetinaImage object| angular object| angularRootApp function| bootAngularElement function| custom function| makeValidateLookupOptions function| Frm function| Req function| Max function| Reg function| Val object| fLogin object| btnLogin object| btnClose object| frm boolean| busy object| inputs boolean| render object| re object| el function| showWait function| hideWait object| tz object| recaptcha object| platform object| jstz3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sth-community.sans.org/ | Name: sid9 Value: 34y39vbwzyljowkixc6pd3z5zq3flggdkt44rqm6 |
|
sth-community.sans.org/ | Name: csrf Value: jgr2ksj752i800oj83cuqd3phc |
|
sth-community.sans.org/ | Name: cli9 Value: OWMwMWE4MDA4OWJlZmNmMmE3ZmYxNDAzY2UzODdiYzdhYTA5NDEyYjZmNTg2ZGVmYTdlYTQ4ZDM0Nzc0ZDBhZCxmQT09 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | deny |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
p.typekit.net
s3-us-west-2.amazonaws.com
sth-community.sans.org
use.typekit.net
www.google.com
www.gstatic.com
216.58.212.132
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a02:26f0:3500:16::215:1484
2a02:26f0:3500:16::215:148b
35.165.247.157
52.92.148.0
0a867c996d35277a85a35f5d41e9890bd2f8092ae791362776c0e56f6e494325
0dd7c05cb0f60c72fa56ba0ad83ae3f1b1cb783136441f72cda313802faa4563
28a4ab333eb4de75150526e7edc2c2d2f761ce3515cc39a5c34bb6ea294c8296
28c4f405f05390622e94b3cec982a8b28ffddcd6db79edc2fc22088b38ed2e09
2f71e6bb4ae85132d7ad184ce4eaa6928cc47d7caab584be378b92c7e5900831
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40b4a7842b68d92d10a22bc08141ba45c2ce366a9302a3f28b516b1de4d4f27d
445b3c4b519e32ebbe88ef4f743e970640480e38a2a52a59d140031adfe21d22
4689d94dc41ea32f15bc7f216bf276e4cc0dd5125057ecd3d793b4d1daee8a4f
4b03ff73b48c813197e1783d5d05339a52b1294f145104c977b9c9af4a4bee6c
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0
66d5dfc672102c0b84d2307b9c720fb7b5334ac2fd5132dd13dedbcc6a221a67
8567891b932b11034822f4ea0a6f1eb3ad488f628d529b1701bc1c23c91edced
864725540481dab6f4e70991ba600c7d64245fc5549deee6da0084c33f4cc89a
8be96c7239a98d0742edb36de5ca3c324421652b8dd0672acee1293449ce9ad7
9658efdf6732f45eebd785779e50d1775ff410fb41da600f0d1bffb281a5f616
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a4097508c465c54143c22b0ea0d72ddb7eb241c1f2b8135352b832057e9ecff5
a4454f508d0610b3ac5233a00e64cc529c7e84fc784eb41d6135865340ccb39f
d627349d976b6889d6a2da8cc4bc911f4fcc67cab7818d37dd40c9af47149051
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f09ac3c3108b5c4e7fba6f090f66b25d97624587392896231d254b10e46f76fb
f50dbe90f4d78d2a924b1f8ba709cac118c1d3cedb5c718c9342e2ff07e48598