training.phriendlyphishing.com
Open in
urlscan Pro
65.9.57.52
Public Scan
Effective URL: https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story_html5.html
Submission Tags: falconsandbox
Submission: On October 25 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 24th 2020. Valid for: 3 months.
This is the only time training.phriendlyphishing.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.252.116.154 54.252.116.154 | 16509 (AMAZON-02) (AMAZON-02) | |
13 | 65.9.57.52 65.9.57.52 | 16509 (AMAZON-02) (AMAZON-02) | |
13 | 2 |
ASN16509 (AMAZON-02, US)
PTR: launch.phriendlyphishing.com
rms.gov.au.hzeak.in |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
phriendlyphishing.com
training.phriendlyphishing.com |
2 MB |
1 |
hzeak.in
1 redirects
rms.gov.au.hzeak.in |
1 KB |
13 | 2 |
Domain | Requested by | |
---|---|---|
13 | training.phriendlyphishing.com |
training.phriendlyphishing.com
|
1 | rms.gov.au.hzeak.in | 1 redirects |
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.launch.phriendlyphishing.com Let's Encrypt Authority X3 |
2020-10-24 - 2021-01-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story_html5.html
Frame ID: E9B027B62372BA88E5B48A618E45859B
Requests: 18 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://rms.gov.au.hzeak.in/?t=-RXup0LhRk-HXQYkvYgYbcEmBKAYucNV&p=rvs3hujnmhij646aNT08g1TUq0bTZFyb%2Froa...
HTTP 302
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html Page URL
- https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story_html5.html Page URL
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://rms.gov.au.hzeak.in/?t=-RXup0LhRk-HXQYkvYgYbcEmBKAYucNV&p=rvs3hujnmhij646aNT08g1TUq0bTZFyb%2Froads%2Fregistration%2Finspections%2Foverview.html
HTTP 302
https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html Page URL
- https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story_html5.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://rms.gov.au.hzeak.in/?t=-RXup0LhRk-HXQYkvYgYbcEmBKAYucNV&p=rvs3hujnmhij646aNT08g1TUq0bTZFyb%2Froads%2Fregistration%2Finspections%2Foverview.html HTTP 302
- https://training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story.html
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
story.html
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/ Redirect Chain
|
11 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
story_html5.html
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/ |
17 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/story_content/ |
30 B 373 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.css
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/stylesheets/ |
106 KB 106 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
output.min.css
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/css/ |
91 KB 91 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/lib/scripts/ |
1 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
data.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/ |
23 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/ |
42 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paths.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6KOZXKrashH.js
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/html5/data/js/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 14 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
62E5Q7ioQ4I_DX1134_DY1134_CX357_CY850.png
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/ |
82 KB 82 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6qsHYcZTC5z_DX244_DY244_CX183_CY183.png
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6JwuUmzbmH6_DX484_DY484_CX362_CY178.jpg
training.phriendlyphishing.com/landing_pages/simulated_phishing_page/mobile/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 7 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 8 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 6 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| isMobile object| globals undefined| doc undefined| loader function| requirejs function| require function| define object| CryptoJS function| TinCan function| _ function| $ function| jQuery object| StyleFix object| PrefixFree object| Backbone object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin object| _gsQueue function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| CSSPlugin function| BezierPlugin object| captionator function| TimelineLite function| SVGPathSeg function| SVGPathSegClosePath function| SVGPathSegMovetoAbs function| SVGPathSegMovetoRel function| SVGPathSegLinetoAbs function| SVGPathSegLinetoRel function| SVGPathSegCurvetoCubicAbs function| SVGPathSegCurvetoCubicRel function| SVGPathSegCurvetoQuadraticAbs function| SVGPathSegCurvetoQuadraticRel function| SVGPathSegArcAbs function| SVGPathSegArcRel function| SVGPathSegLinetoHorizontalAbs function| SVGPathSegLinetoHorizontalRel function| SVGPathSegLinetoVerticalAbs function| SVGPathSegLinetoVerticalRel function| SVGPathSegCurvetoCubicSmoothAbs function| SVGPathSegCurvetoCubicSmoothRel function| SVGPathSegCurvetoQuadraticSmoothAbs function| SVGPathSegCurvetoQuadraticSmoothRel function| SVGPathSegList function| globalProvideData function| handleBeforeUnload function| GetPlayer0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
rms.gov.au.hzeak.in
training.phriendlyphishing.com
54.252.116.154
65.9.57.52
1fc0f3c1076f2c4de3a7a38f8b6a80fbc0f9bb47127b6443d6163f00271e25f8
322aff956db48553f7ae59ee247e553b9d41e8c43a8d8f91f693e101def20930
37a811b016325453dca5a0b32402dcf403bddc620469ac3603ecc581dd65c154
44ea8887c8c7905945e8ca6d3e93437e460ed05f8c75d16578de1b38b7b880b9
4a1d0dc97e26a64ba0e2bcfc9d784c95c0e9e42f648d849598997869deef8bc3
5fff9f63d2ad3ebbf7ef9fda138e1b5727b9e1bea3231ffc8da08d7298aa236e
711e48016d1d010c1501a5bade576969e6c5922d6db5d9f872785ca9e71e8f81
763c34ef370091de892ce2834a04d8fbbaf1a5a9b9986e727a582d393b2e07fd
7b94cbec0ecd26a3b202e3d3542e90d383a2a94704fc55b74ccbd00cc59b2ec9
8e952172dc73a3d097086d89f4c44db412487cd7dbd79d7cc0a325b24210a0c7
937e52b70a6a3b08b33bb5cc0ab6fc136054dd0aeb1bfbad6624fe091ed8f2af
9ff317809debfcaee37f9e27bbeb2204386e9b443e5ec13109c7551d8cdc4202
a67b66729622a0f85c4c01308c2edc0c3dbe669e5543f8ed895f3910a6414257
cbdce9f99fa99e0f5071d4084a8d42d171c59f1153f3d8a3f1b0771d6bf96202
d37ffca77ee687e2564c3c7c4d860a74042f36025b30f0a34329800d33fc161e
db3f8d110de1426301ae3ee435746158db8fa65331442c023379707a5b6bacd9
dd862214be29606cbcd90fbf2976bbec326f6e0dbd0a54c40aaa2cc8fbc0d824
fbbee4fae9c79c3e5a08fe235b4f9e6b1ce17c629b0327bd5d2356da37595f2e