urlscan.io logo urlscan.io
SecurityTrails logo

training.phriendlyphishing.com Open in urlscan Pro
13.225.80.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://smex12-5-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2f54.252.116.154%2fDocuments%2fohs%2dlatest.pdf%3ft1%3dZk0...
Effective URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Submission: On January 10 via manual from NZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 13.225.80.20, located in United States and belongs to AMAZON-02, US. The main domain is training.phriendlyphishing.com.
TLS certificate: Issued by R3 on January 7th 2022. Valid for: 3 months.
This is the only time training.phriendlyphishing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 50.112.15.243 16509 (AMAZON-02)
1 1 54.252.116.154 16509 (AMAZON-02)
15 13.225.80.20 16509 (AMAZON-02)
2 13.225.80.45 16509 (AMAZON-02)
17 3
Apex Domain
Subdomains		 Transfer
15 phriendlyphishing.com
training.phriendlyphishing.com
2 MB
2 articulate.com
metrics.articulate.com — Cisco Umbrella Rank: 10120
498 B
1 trendmicro.com
smex12-5-en-ctp.trendmicro.com
194 B
17 3
Domain Requested by
15 training.phriendlyphishing.com training.phriendlyphishing.com
2 metrics.articulate.com training.phriendlyphishing.com
1 smex12-5-en-ctp.trendmicro.com 1 redirects
17 3

This site contains no links.

Subject Issuer Validity Valid
*.phriendlyphishing.com
R3		 2022-01-07 -
2022-04-07		 3 months crt.sh
articulate.com
Amazon		 2021-09-14 -
2022-10-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Frame ID: C60A40D538B622E4AC3947432CDE94BD
Requests: 21 HTTP requests in this frame

Frame: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/analytics-frame.html
Frame ID: F1716B3DAFCE5911253FEA4061444EE1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simulation Link Expired

Page URL History Show full URLs

  1. https://smex12-5-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2f54.252.116.154%2fDocuments%2fohs%2dl... HTTP 302
    http://54.252.116.154/Documents/ohs-latest.pdf?t1=Zk0rCBVcoRDpes9r1eMXKLmw7RDo3NfJ&t2=X9owvrsRmI3M... HTTP 302
    https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paths(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2137 kB
Transfer

2128 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://smex12-5-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2f54.252.116.154%2fDocuments%2fohs%2dlatest.pdf%3ft1%3dZk0rCBVcoRDpes9r1eMXKLmw7RDo3NfJ%26t2%3dX9owvrsRmI3Mku7kdWFK1vdSsMQt3E4L&umid=c5d7d013-45e7-46a3-ab6d-4855c3cb7f90&auth=7d2d0abb068e5711621b1d94b8fe61c48225f872-9817752f1593826a590ead72f39ad01aabc331d7 HTTP 302
    http://54.252.116.154/Documents/ohs-latest.pdf?t1=Zk0rCBVcoRDpes9r1eMXKLmw7RDo3NfJ&t2=X9owvrsRmI3Mku7kdWFK1vdSsMQt3E4L HTTP 302
    https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request story.html
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/
Redirect Chain
  • https://smex12-5-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=http%3a%2f%2f54.252.116.154%2fDocuments%2fohs%2dlatest.pdf%3ft1%3dZk0rCBVcoRDpes9r1eMXKLmw7RDo3NfJ%26t2%3dX9owvrsRmI3Mku7kdWFK1vdSs...
  • http://54.252.116.154/Documents/ohs-latest.pdf?t1=Zk0rCBVcoRDpes9r1eMXKLmw7RDo3NfJ&t2=X9owvrsRmI3Mku7kdWFK1vdSsMQt3E4L
  • https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cde2de58cf50b2affbad070c31545310d96a1b0f1653e5916287fc51e5957ebc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
6728
last-modified
Mon, 08 Feb 2021 08:10:48 GMT
x-amz-version-id
rGqPEEpgCXvxP5nfGh9L.Lfe4GdjsYUE
accept-ranges
bytes
server
AmazonS3
date
Mon, 10 Jan 2022 21:47:09 GMT
etag
"5b1ac56e51999716362b24737984a9c4"
x-cache
Hit from cloudfront
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
qvuSaiI-5xCguX5tUuTlIv9Cta84nCDpm0oJfUsJY0b4fT6Y2UG6kA==

Redirect headers

Date
Mon, 10 Jan 2022 21:47:09 GMT
Server
Apache
Cache-Control
no-cache max-age=86400, public
Vary
Origin,Host
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
X-Request-Id
f69eff0e-1545-47dd-ad78-5811e1c19f00
X-Download-Options
noopen
X-Runtime
0.033166
X-Frame-Options
sameorigin
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https:; connect-src 'self' https:; img-src data: *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; report-uri /csp_report?report_only=true
X-Powered-By
Phusion Passenger 5.3.4
Location
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Status
302 Found
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
user.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story_content/ 		67 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story_content/user.js
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f2842721eb704c5dd8810dda0221c8f4f87b5743e0e28b9dafe55f0c114c004

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 21:47:11 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:10:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"a85671704f0073177c1110ad8d5ff5ae"
x-cache
Miss from cloudfront
x-amz-version-id
BxdmGKjOo1tHrDhFMUHC5jRdOO3x_vZH
accept-ranges
bytes
content-type
application/javascript
content-length
67
x-amz-cf-id
nJ7dxTPs161JAuYKP9QXfOe2f8wa6PKZLjnQQDZEyObVjDwsVBumgw==
output.min.css
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/css/ 		120 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/css/output.min.css
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bba82822735e94c0f1e2e1765bcc4e138180ec393b8c3f556e860a000a4afb6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 21:47:11 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:11:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"a8746d777fcbdeb1c9580042c13dec7d"
x-cache
Miss from cloudfront
x-amz-version-id
IVVxz1oXiF5HbChqieITJh8nq_DUjQyd
accept-ranges
bytes
content-type
text/css
content-length
122386
x-amz-cf-id
CQlhCTcYJkljQCUKxOGNZTuw5_MKOw11ShxGTZSrj5ubUQiQXrtXjg==
ds-bootstrap.min.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ 		517 KB
518 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef14447cb740c1125960d01701ca58ad6488f92544136d6306f8ae7709ffb9be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 06:39:57 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:11:05 GMT
server
AmazonS3
age
54433
etag
"744a555eb355f5b9e0d535afef3e8d58"
x-cache
Hit from cloudfront
x-amz-version-id
DEH7kohopu0nq9OzGtFvSwEh2SwAju82
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
529359
x-amz-cf-id
kmWocggKjRAkctDDVo3tN8cMap_6FDUBghNEd8sCWWccHRQoEuFD2w==
analytics-frame.html
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/ Frame F171 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/analytics-frame.html
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3efd124f9ab9ca67e8975eaa24bda7491077f465caef02b8a0c97e9f47ad2aea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html

Response headers

content-type
text/html
content-length
4072
date
Mon, 10 Jan 2022 06:39:59 GMT
last-modified
Mon, 08 Feb 2021 08:10:46 GMT
etag
"720f8fd109feb2d463d8870da8d58c54"
x-amz-version-id
OYGuow357bxKyIp.iqPRd2StMIrM1PHv
accept-ranges
bytes
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7VJPljoT_nF06nx4RriUHsTw2IIUjb13DJYMdtdD1VkVASQR89q1_w==
age
54433
desktop.min.css
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/stylesheets/ 		75 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/stylesheets/desktop.min.css
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7decd92e1bc625a295d24fac10f7bbf55f6d784d38f993a4dec78c8fc598f9f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 21:47:13 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:10:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"80e7ebc466ec013e9dad1e5a553b5844"
x-cache
Miss from cloudfront
x-amz-version-id
TOvoSbZ4wtA0JRnXh7mpJr5coTzHkzqR
accept-ranges
bytes
content-type
text/css
content-length
76945
x-amz-cf-id
z5qWsDFH2bH73cdyzk98_XLP5356Aw6FIH8CdF98Ay-V9o-u_m7Dgw==
ds-frame.desktop.min.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ 		213 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-frame.desktop.min.js
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84ba3d25c0835f73ea41e1b3f80df50d589b895f084631c6db264e2a898dbce8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 06:39:59 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:11:06 GMT
server
AmazonS3
age
54433
etag
"a6edddaf8aeef27a453c9133045237ca"
x-cache
Hit from cloudfront
x-amz-version-id
eMtI6Au1zirkuigv54Azt8lYzrDXQBn6
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
217889
x-amz-cf-id
tEnZKjzmGnqAQOQe5ya4TUW1JDibcGS-zVkdj_Rnm4w38BI_5KPrNw==
frame.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/ 		53 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/frame.js
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a70cd8485a6fa08adbc6920af94710ed1d2f0d84792f731c1c6b0af5f05cf532

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 06:40:16 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:11:09 GMT
server
AmazonS3
age
54416
etag
"fbec9a3624cfe085fd59e59fdc40f489"
x-cache
Hit from cloudfront
x-amz-version-id
4yDnUlru3H70WB4pguwBPxD.Ur52gJdX
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
53900
x-amz-cf-id
U-CnZfhI_jAUhGmie6CO5FSRxg626PZFQ7ikzr2jdV14sspkaZcClg==
ds-slides.min.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ 		863 KB
864 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-slides.min.js
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb1bc1e47ee9d5fdeecca4ab86b5ec313e1b126ea1ffc237cb8362532c5fbe7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:22:34 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:11:00 GMT
server
AmazonS3
age
41077
etag
"6c1cf58f1c91a2174ac6507597e9e7f7"
x-cache
Hit from cloudfront
x-amz-version-id
BCS8mi_KJMi6yE.wpJdZAlsd_kdrHdcC
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
883487
x-amz-cf-id
3W3_5c7C7bSUTYIEODMnL5oOyL10TQHMJyZfqLcxV31G5iADsXAOcQ==
data.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/data.js
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25e3b1640962fbec273054a1384cc7bfc33fe070d1cb76838a4448803d7deafd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:22:38 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:11:11 GMT
server
AmazonS3
age
41074
etag
"07c6c1db5372c3a857d6c1a1967b614c"
x-cache
Hit from cloudfront
x-amz-version-id
1aQxOZDfrr6hsP.IAKcexynEU9QBsea3
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
25309
x-amz-cf-id
iCCsyhpNhz785jN8ABRcgyZDzfX1NDfRmIphJBukR1kGpEg-lVfrkw==
paths.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/paths.js
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35507b492e04eebcc13f513da7f69b99a533b4bfeaa51de448bb8b8a426a0b4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:22:38 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:11:12 GMT
server
AmazonS3
age
41074
etag
"db331562487e9c9a16e9f8bc4b631bd9"
x-cache
Hit from cloudfront
x-amz-version-id
XlN3PVSUQldi_f9O3X34REwuaEiNyiWt
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
14894
x-amz-cf-id
xDOq5UF_vSLyCx_aQUY1UMg0Akml3zHPm6n6Nr13A7PNUNpdyMBc_g==
truncated
/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
248cbf8685e89f4ef0953c5ee5200e3917fef3474d112bae108188df74802af2

Request headers

Referer
Origin
https://training.phriendlyphishing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7761a71d24554d3e9dc15ed86dce882a537a8f1a6e16fe7e850ba0b0b17f5240

Request headers

Referer
Origin
https://training.phriendlyphishing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03c53ec5e1e8fea30569e253b0edc00e45caf5a57bf25065e9eb6b93155e1d89

Request headers

Referer
Origin
https://training.phriendlyphishing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e46475d6bb122673e51cbd12492592e83932c879e9e9fd8bf655b5c06766a58

Request headers

Referer
Origin
https://training.phriendlyphishing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
897ade79aeac8aae4e1483f8b70919c3faa945e7e101629b4da801e3c5099020

Request headers

Referer
Origin
https://training.phriendlyphishing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44673e5a406a12a05e318a627e4024b7516ad8ad6e9b8ea84251587165b51de9

Request headers

Referer
Origin
https://training.phriendlyphishing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bacc7da1e56b7a7e9200466e79a17db3acd9427e916a5cdd44c4ce2890e7bf6

Request headers

Referer
Origin
https://training.phriendlyphishing.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff
6mAli7uDFFi.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/6mAli7uDFFi.js
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ds-bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eedd272a37a3a8e39e28fd3a5d9c17c7c06d181aa12d047e417250fe24f7b8de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:22:41 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:11:10 GMT
server
AmazonS3
age
41070
etag
"30c7d51825941d15e0225796f84f4336"
x-cache
Hit from cloudfront
x-amz-version-id
zrJRtkWcAt3lnv111FTLKRYzpbwZiUNm
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
11734
x-amz-cf-id
wRt3vgSTZ_IB4RBQ7DDtO7er9Y4vomEsfz7JFl7DVQIJBWiJQt-ywA==
6YZa6fLFTdd_FFFFFF_P_0_526_1920_398_DX2700_DY2700_CX1488_CY309.png
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/6YZa6fLFTdd_FFFFFF_P_0_526_1920_398_DX2700_DY2700_CX1488_CY309.png
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11398c4c899b082ffc321a86a57dddef642512c2ec29bc6739ed615d56a80b55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:22:43 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:10:54 GMT
server
AmazonS3
age
41069
etag
"be0fa3c4713ec55b7a81808bcd17eadd"
x-cache
Hit from cloudfront
x-amz-version-id
pbSt1g.yeD_Bw6yxhxSrCB1CSySVHtNb
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
75513
x-amz-cf-id
m77unBM6IhCqy9IWpc68o2liDCFsbty_CCXc6M9LuGA9YmaEzRJVlw==
6YWoKSSNnuT_DX340_DY340_CX251_CY78.png
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/6YWoKSSNnuT_DX340_DY340_CX251_CY78.png
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9893a08fe93268f65e7ed64e0f9aaf40ff5a2f7da085cc9a5b5eaf5a0f12b849

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:22:44 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:10:52 GMT
server
AmazonS3
age
41068
etag
"7326d21d17837c907057ce0424c22c06"
x-cache
Hit from cloudfront
x-amz-version-id
SR9Eg_GH5AOVt.v64XfFPhTNwSwn63Yf
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
11468
x-amz-cf-id
lmtmTjk1y4Q1TEm8QbRv3QCZAj1N5J0E2DFXTgXsocKz-M1GEBkKaQ==
6fhDxiV0YFn_DX1222_DY1222_CX916_CY723.png
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/6fhDxiV0YFn_DX1222_DY1222_CX916_CY723.png
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
936f2d659c030eac72ad6ed2b310faff255f79d4deeede1e6d9021d61dd7c3d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:22:43 GMT
via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 08:10:51 GMT
server
AmazonS3
age
41069
etag
"b7b6e270c26af4c6bff060376463b1bd"
x-cache
Hit from cloudfront
x-amz-version-id
wZ28E5VMpi7I0mL8SlnrLxesXvWKBW4b
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
72374
x-amz-cf-id
wN_gpVL6bByRXov-uZuPwmOeDycmlHDgOya38QpCXPeuMr_zE-zMEw==
import
metrics.articulate.com/v1/ Frame F171 		21 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.articulate.com/v1/import
Requested by
Host: training.phriendlyphishing.com
URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/analytics-frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-45.fra2.r.cloudfront.net
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://training.phriendlyphishing.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jan 2022 21:47:12 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
730d5265-7a81-4fde-887e-ff0cc28bfb68
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61dca960-15d59dc326ed6c9b49577099
x-cache
Miss from cloudfront
x-amz-apigw-id
Lv9nGF1hIAMFqCg=
content-length
21
x-amz-cf-id
oNJprCy-zK_qVH7x9G6mwB3wnNuyBREdXX5IAhUmJkm8yJDaNyo6SA==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
import
metrics.articulate.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://metrics.articulate.com/v1/import
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-45.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://training.phriendlyphishing.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Mon, 10 Jan 2022 21:47:12 GMT
x-amzn-requestid
01916abe-b217-4cbc-ab4d-1399b3fb6ad5
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
Lv9nCH0FoAMFYQQ=
access-control-allow-methods
OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
KUmNSWTVjfMloAT3CLZhM6-BfhkxQ9olCfL_IZ-CZ55FfkEKQUVcxQ==

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| THREE object| isMobile object| DS object| globals function| ExecuteScript object| doc object| loader object| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ function| globalProvideData object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin object| _gsQueue function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| CSSPlugin function| BezierPlugin function| TimelineLite object| StyleFix object| PrefixFree object| captionator function| handleBeforeUnload object| views function| GetPlayer function| SVGPathSeg function| SVGPathSegClosePath function| SVGPathSegMovetoAbs function| SVGPathSegMovetoRel function| SVGPathSegLinetoAbs function| SVGPathSegLinetoRel function| SVGPathSegCurvetoCubicAbs function| SVGPathSegCurvetoCubicRel function| SVGPathSegCurvetoQuadraticAbs function| SVGPathSegCurvetoQuadraticRel function| SVGPathSegArcAbs function| SVGPathSegArcRel function| SVGPathSegLinetoHorizontalAbs function| SVGPathSegLinetoHorizontalRel function| SVGPathSegLinetoVerticalAbs function| SVGPathSegLinetoVerticalRel function| SVGPathSegCurvetoCubicSmoothAbs function| SVGPathSegCurvetoCubicSmoothRel function| SVGPathSegCurvetoQuadraticSmoothAbs function| SVGPathSegCurvetoQuadraticSmoothRel function| SVGPathSegList

2 Cookies

Domain/Path Name / Value
54.252.116.154/ Name: XSRF-TOKEN
Value: WU4T3bwMxywwHJeLuhXGJxk3soprKO944y4Gl6D1XleiPwSHEEVeeazN7ppvJEqfff8h1KB1kJ%2B6VFVE731Atw%3D%3D
54.252.116.154/ Name: _session_id
Value: 3e68a746c8754bce6b089a5f2ce07f2e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

metrics.articulate.com
smex12-5-en-ctp.trendmicro.com
training.phriendlyphishing.com
13.225.80.20
13.225.80.45
50.112.15.243
54.252.116.154
03c53ec5e1e8fea30569e253b0edc00e45caf5a57bf25065e9eb6b93155e1d89
11398c4c899b082ffc321a86a57dddef642512c2ec29bc6739ed615d56a80b55
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1e46475d6bb122673e51cbd12492592e83932c879e9e9fd8bf655b5c06766a58
248cbf8685e89f4ef0953c5ee5200e3917fef3474d112bae108188df74802af2
25e3b1640962fbec273054a1384cc7bfc33fe070d1cb76838a4448803d7deafd
35507b492e04eebcc13f513da7f69b99a533b4bfeaa51de448bb8b8a426a0b4d
3efd124f9ab9ca67e8975eaa24bda7491077f465caef02b8a0c97e9f47ad2aea
44673e5a406a12a05e318a627e4024b7516ad8ad6e9b8ea84251587165b51de9
4bacc7da1e56b7a7e9200466e79a17db3acd9427e916a5cdd44c4ce2890e7bf6
7761a71d24554d3e9dc15ed86dce882a537a8f1a6e16fe7e850ba0b0b17f5240
7decd92e1bc625a295d24fac10f7bbf55f6d784d38f993a4dec78c8fc598f9f0
7f2842721eb704c5dd8810dda0221c8f4f87b5743e0e28b9dafe55f0c114c004
84ba3d25c0835f73ea41e1b3f80df50d589b895f084631c6db264e2a898dbce8
897ade79aeac8aae4e1483f8b70919c3faa945e7e101629b4da801e3c5099020
936f2d659c030eac72ad6ed2b310faff255f79d4deeede1e6d9021d61dd7c3d6
9893a08fe93268f65e7ed64e0f9aaf40ff5a2f7da085cc9a5b5eaf5a0f12b849
a70cd8485a6fa08adbc6920af94710ed1d2f0d84792f731c1c6b0af5f05cf532
bba82822735e94c0f1e2e1765bcc4e138180ec393b8c3f556e860a000a4afb6b
cde2de58cf50b2affbad070c31545310d96a1b0f1653e5916287fc51e5957ebc
eedd272a37a3a8e39e28fd3a5d9c17c7c06d181aa12d047e417250fe24f7b8de
ef14447cb740c1125960d01701ca58ad6488f92544136d6306f8ae7709ffb9be
fb1bc1e47ee9d5fdeecca4ab86b5ec313e1b126ea1ffc237cb8362532c5fbe7c