Report - www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen

Report Overview

Submitted URL
www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen_Versicherungskammer.docx?bV2-k3vU
IP
94.100.132.71
ASN
#25394 MK Netzdienste GmbH & Co. KG
Submitted
2022-11-22 10:46:46
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.wetransfer.safe-browsing.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	559 B	94.100.132.71
cdn.it-seal.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	152 kB	46.165.253.9
phishing-training.it-seal.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.9 kB	67 kB	94.100.132.71
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	38 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.198.114

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-22	medium	www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen_Versicherungskammer.docx?bV2-k3vU	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	phishing-training.it-seal.de/_nuxt/b0acbaf.js	2.4 kB	2023-03-07	2024-04-18
Pretty URL phishing-training.it-seal.de/_nuxt/b0acbaf.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:45:31 Last Seen2024-04-18 08:20:03 Times Seen5 Hash e31c7629d704080018fccb96e8c9c885 b0acec67289b90b310eb4b0310e9055577295ab6 a1c22231992ec3b0062248b4618e6d64b712c0ac1a1a42bb47350844e01eb0e7 Loading...

	phishing-training.it-seal.de/_nuxt/38ea98a.js	5.4 kB	2023-03-07	2024-04-18
Pretty URL phishing-training.it-seal.de/_nuxt/38ea98a.js IP 94.100.132.71 ASN #25394 MK Netzdienste GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:45:31 Last Seen2024-04-18 08:20:03 Times Seen5 Hash 5c1ea76810791a75ff0e50fa6dd29e04 b72d133cea80bd56ecc3adb0b1770675b12b9f97 4221d9fd168b19766e8ada422d145917193025090c3f66a4fadea1261f5bfdaf Loading...

	phishing-training.it-seal.de/_nuxt/1217fb2.js	215 kB	2023-03-07	2024-04-18
Pretty URL phishing-training.it-seal.de/_nuxt/1217fb2.js IP 94.100.132.71 ASN #25394 MK Netzdienste GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:45:31 Last Seen2024-04-18 08:20:03 Times Seen5 Hash 061c2ad590c1ee03bb8eb3a0f3c21ed8 bad8697923d26fd1e8eede081265b7cabefe98d7 3d1a376d916bd66b9ac3fb1d66498e18d16faf998e8ce79bbbac63f3b8e096d7 Loading...

	phishing-training.it-seal.de/_nuxt/07896ce.js	21 kB	2023-03-07	2024-04-18
Pretty URL phishing-training.it-seal.de/_nuxt/07896ce.js IP 94.100.132.71 ASN #25394 MK Netzdienste GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:45:31 Last Seen2024-04-18 08:20:03 Times Seen8 Hash 9741130d282269170d2316378477b937 8eb6a00f8580deb2375070d23cc4eee52c7e0037 51bf86ea5655401d95f2e4e9951304b836e39f02e32442f1145573e25747a5fc Loading...

	phishing-training.it-seal.de/vendor/intro.js/minified/intro.min.js	29 kB	2023-03-07	2024-04-18
Pretty URL phishing-training.it-seal.de/vendor/intro.js/minified/intro.min.js IP 94.100.132.71 ASN #25394 MK Netzdienste GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:02:24 Last Seen2024-04-18 08:20:03 Times Seen60 Hash 9ab141137c5a3184abdc009c3eb1f036 875ea1ad86494376dc05e24070fdca541012a1f9 7ce3c799a6a6aa41cfbf84181b192248a9bb3bfdc6009e39e78a505d895ea0ba Loading...

	phishing-training.it-seal.de/vendor/polyfill.min.js	79 kB	2023-03-07	2024-04-18
Pretty URL phishing-training.it-seal.de/vendor/polyfill.min.js IP 94.100.132.71 ASN #25394 MK Netzdienste GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:45:31 Last Seen2024-04-18 08:20:03 Times Seen20 Hash d78fcc33f93e44c5c5371a6d329a8da6 ba7cfe20d8a0d3131c08c8006e3afd0450f4c03c 5761a48021c0a264f22d81c2fbd81e0679e02a17ee6ade0d187c093ac2a92318 Loading...

	phishing-training.it-seal.de/en?token=bV2-k3vU	55 kB	2023-03-11	2023-03-11
Pretty URL phishing-training.it-seal.de/en?token=bV2-k3vU IP 94.100.132.71 ASN #25394 MK Netzdienste GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:40:22 Last Seen2023-03-11 15:40:22 Times Seen1 Hash e3edc2d47f00bca15a4c80e9a34f7a2e 3072c414430f1eb9673127132d99a96087574806 0c384209db06624256dc9a474e233f65a12dfd4696140f34a8129ca9328354ae Loading...

	phishing-training.it-seal.de/_nuxt/a393ceb.js	189 kB	2023-03-07	2024-04-18
Pretty URL phishing-training.it-seal.de/_nuxt/a393ceb.js IP 94.100.132.71 ASN #25394 MK Netzdienste GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:45:31 Last Seen2024-04-18 08:20:03 Times Seen5 Hash 962c9d84b0b4b191f9c1d2ecb2c98018 ec48a86122b75d24f6d2172d8f684c42248390be fa49c353b06c13b37cc7dd044f1154c7c61c1b1e4c1cb7484dca2e76d553d806 Loading...

	phishing-training.it-seal.de/_nuxt/d23f7a3.js	137 kB	2023-03-07	2024-04-18
Pretty URL phishing-training.it-seal.de/_nuxt/d23f7a3.js IP 94.100.132.71 ASN #25394 MK Netzdienste GmbH & Co. KG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:45:31 Last Seen2024-04-18 08:20:03 Times Seen5 Hash 69ee0a0dd278ea8aa1d49ccdd097c9dc 2aa16a0270b5ddb80c9742952f86daf3ea257a41 0e35ce613d8a5aa0cbae07eb5f89d19e04d49c01d76e4c1ccca5d53cc8c008cb Loading...

HTTP Transactions (40)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6577
Expires: Tue, 22 Nov 2022 12:36:12 GMT
Date: Tue, 22 Nov 2022 10:46:35 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5009
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 10:46:35 GMT
Last-Modified: Tue, 22 Nov 2022 09:23:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 10:09:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2233
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4347
Expires: Tue, 22 Nov 2022 11:59:02 GMT
Date: Tue, 22 Nov 2022 10:46:35 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 1U8u6sbx9CibGAZn3/hms7QCqdtjsBPuAhBGEuyGnCzc5EjQaSWN59e9+zjmVHsJz/ylwMLZHbwxaWLkrqP0nA==
x-amz-request-id: W2GV652N4XP2QT89
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 10:42:32 GMT
age: 243
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 10:46:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 10:08:47 GMT
cache-control: public,max-age=3600
age: 2268
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5969
Cache-Control: max-age=86388
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 10:46:35 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 10:46:23 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen_Versicherungskammer.docx?bV2-k3vU

94.100.132.71

301 Moved Permanently

309 B

URL HTTP/1.1
www.wetransfer.safe-browsing.de/file/Bewerbungsunterlagen_Versicherungskammer.docx?bV2-k3vU
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
309 B (309 bytes)
Hash
71b09e82d5e2b5953842209cf3bf6d10
0c154aeac55aef000ad5c143e1175120d7fe7636
4b59fcfc00c79accc96724d83ef473aef76dcf8e7d210ef098f1d4164aab79a9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /file/Bewerbungsunterlagen_Versicherungskammer.docx?bV2-k3vU HTTP/1.1
Host: www.wetransfer.safe-browsing.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Origin: *
Content-Length: 309
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Nov 2022 10:46:36 GMT
Location: https://phishing-training.it-seal.de?token=bV2-k3vU
Server: Caddy, gunicorn

push.services.mozilla.com/

52.38.198.114

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.198.114:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TopRkThjrAuoB5G4VlVvyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +xvEbYXLDu4voQzM+O6Rp0vaE3c=

cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css

46.165.253.9

200 OK

236 B

URL HTTP/2
cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css
IP
46.165.253.9:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
ASCII text
Size
236 B (236 bytes)
Hash
5e4bb043b759283363876ab15c299602
df39095fb31b46aeb3d357fbcdda06577ee72fe9
b5d9f71a187ee086d1422a5b20e4496cace40010f0bbd804d4641ffdae5575d3

HTTP Headers

GET /it-seal/fonts/open-sans/open-sans.css HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: W/"qxdzylq4"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 236
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2

cdn.it-seal.de/it-seal/fonts/courier-prime-sans/courier-prime-sans.css

46.165.253.9

200 OK

163 B

URL HTTP/2
cdn.it-seal.de/it-seal/fonts/courier-prime-sans/courier-prime-sans.css
IP
46.165.253.9:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
ASCII text
Size
163 B (163 bytes)
Hash
ac825df3791896cf70e4f10e70712452
e793692fc74bea3580e490635cc428cc7f9ad1a1
3ebca15ca8eaa75707fd0cc7589cbd32325290769ce2a46f47792149eeb64f3e

HTTP Headers

GET /it-seal/fonts/courier-prime-sans/courier-prime-sans.css HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css; charset=utf-8
etag: W/"qxdzyl9s"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-length: 163
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2

cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Regular.woff2

46.165.253.9

200 OK

45 kB

URL HTTP/2
cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Regular.woff2
IP
46.165.253.9:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
Web Open Font Format (Version 2), TrueType, length 44648, version 1.0\012- data
Size
45 kB (44648 bytes)
Hash
5d5735e57127db2f7a2ad879fc6056b8
1e55dbe4e381353b147bf963e97bb60a43b0f28c
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf

HTTP Headers

GET /it-seal/fonts/open-sans/OpenSans-Regular.woff2 HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://phishing-training.it-seal.de
Connection: keep-alive
Referer: https://cdn.it-seal.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: https://phishing-training.it-seal.de
content-type: font/woff2
etag: "qxdzylyg8"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Origin
content-length: 44648
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2

cdn.it-seal.de/it-seal/AATM/AATM.svg

46.165.253.9

200 OK

53 kB

URL HTTP/2
cdn.it-seal.de/it-seal/AATM/AATM.svg
IP
46.165.253.9:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
data
Size
53 kB (53075 bytes)
Hash
b245a90e024696d60172f1dd9bc7df82
35856c0b73ad199b5a5102fafdfbc07876d41a76
ac9d92db897ac34c723afca765515a2e1056d09c969ea73a9d36951aca63bc97

HTTP Headers

GET /it-seal/AATM/AATM.svg HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: W/"r5na9rgzl"
last-modified: Thu, 13 Jan 2022 10:53:51 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2

phishing-training.it-seal.de/vendor/intro.js/minified/intro.min.js

94.100.132.71

200 OK

53 kB

URL HTTP/2
phishing-training.it-seal.de/vendor/intro.js/minified/intro.min.js
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type
data
Size
53 kB (52997 bytes)
Hash
1ca6402bfdebc7651671858f3f169d7a
4e3107aac3e657775b6a56057d9d9e3773f66986
c58c150ee77224e58fd1c89c6f1e28822bfc5c4a32666945f0c0421cea2b3a45

HTTP Headers

GET /vendor/intro.js/minified/intro.min.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"70fe-17583ab8368"
last-modified: Sun, 01 Nov 2020 11:57:37 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdn.it-seal.de/it-seal/Logo_IT-Seal_2019_negativ.png

46.165.253.9

200 OK

16 kB

URL HTTP/2
cdn.it-seal.de/it-seal/Logo_IT-Seal_2019_negativ.png
IP
46.165.253.9:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
PNG image data, 1080 x 320, 8-bit colormap, non-interlaced\012- data
Size
16 kB (16040 bytes)
Hash
0ddbf95e425f416443711fc10ada7e88
ba162ac1b5f2ef37c65dc21708195479ce54763a
418f6c57f6e7817ce67804d1db74d4cddd0dd033879b724fd097c670c0eea6c9

HTTP Headers

GET /it-seal/Logo_IT-Seal_2019_negativ.png HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "qxdzylcdk"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
content-length: 16040
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5278
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 10:46:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 06:05:40 GMT
age: 16857
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

phishing-training.it-seal.de/_nuxt/38ea98a.js

94.100.132.71

200 OK

11 kB

URL HTTP/2
phishing-training.it-seal.de/_nuxt/38ea98a.js
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type
data
Size
11 kB (10695 bytes)
Hash
ea034c90934b7484b977fe4789306440
d8c2f8077dc368597179d6dd9dbfb1573232d87e
1481dba71b96b2ad1b50919dc1b1cffb58d0ef6cf17ea4ea82d3ea46096cb5be

HTTP Headers

GET /_nuxt/38ea98a.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"1518-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9862 bytes)
Hash
528d729159d8b08ed1fe05472dc65ce4
b7d570a7a095e127fd408b8272b93a52c5038b46
d6404764bcc3f2e7c4462b6b31fbc0e315c9cbf51b7424194c2bc6f4a21a33de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9862
x-amzn-requestid: 02281c2f-2a42-4891-97af-8d21a4cd0d2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrJEdYIAMFijQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee47-7c96415239d22bfc219f53f6;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s7D3KMWB4GWn_ocJfzzb71Btbh8DE--DsUnwH9PkWptl7CXfqh3CXA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:48:12 GMT
age: 46705
etag: "b7d570a7a095e127fd408b8272b93a52c5038b46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4db9b106-0a0e-4fae-92b6-a8812d365210.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8075 bytes)
Hash
7ccd43a87165914b33d3d0abf4daac17
495bc194d9cf043cad38e9aab650a3e74a542c68
3e95928493b984c636a5fa77b22c29b3245ba4bba7d730a8545145b17a5986f4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4db9b106-0a0e-4fae-92b6-a8812d365210.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8075
x-amzn-requestid: 5d8d5076-abee-484e-98e6-e2f8641133e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IqUGXnIAMF4gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee41-3c973b4d2d40cbaa2c5df221;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 72klCXzOuoI65Ga5GmG59pLPjzQwLo2Y6bj-IZIBQQU29LU7GM14Rw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:40:14 GMT
age: 43583
etag: "495bc194d9cf043cad38e9aab650a3e74a542c68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6031 bytes)
Hash
4f3fad7453f45dfa617243c8beac64e1
56414a905340e1b1478a0a40a52b25365a724524
7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VabInML1mfcQLIp29OWRNsixwfSWt0Wv9l7I-Ak7TdUHlNt2ZEVtPg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 15:21:36 GMT
age: 69901
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4639 bytes)
Hash
dafd9e17dc0023e71ae513c6025e4b80
12e2654db1f384bb04f5c5042848b25dda86b710
e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bmrDryUp_4bvIikGkppa36e9isEfvK0gjunV6xmU5ApJtxlLR_GYkA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:05:18 GMT
age: 45679
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.it-seal.de/it-seal/icons/favicon-16x16.png

46.165.253.9

200 OK

884 B

URL HTTP/2
cdn.it-seal.de/it-seal/icons/favicon-16x16.png
IP
46.165.253.9:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size
884 B (884 bytes)
Hash
af4c9d7cd828b2f49636b240809bfb83
4ff2b162029537604b6a9334fd93b348c4f60510
bb0c7ac5b45e8a51675486a9318d2dde9c447933a1f95320b951916eb0a7080d

HTTP Headers

GET /it-seal/icons/favicon-16x16.png HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "qxdzylok"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
content-length: 884
date: Tue, 22 Nov 2022 10:46:38 GMT
X-Firefox-Spdy: h2

cdn.it-seal.de/it-seal/icons/favicon-256x256.png

46.165.253.9

200 OK

35 kB

URL HTTP/2
cdn.it-seal.de/it-seal/icons/favicon-256x256.png
IP
46.165.253.9:0
ASN
#28753 Leaseweb Deutschland GmbH

File type
PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced\012- data
Size
35 kB (35038 bytes)
Hash
dcb6dab687da17991edfb820e2484129
7e41f91b1abf22e9d5e9fc9a4f07295dc2a6f8cb
181171e423a46c201e9be2f6114617092f69091dd386fe5ca1b5c17fcef901f4

HTTP Headers

GET /it-seal/icons/favicon-256x256.png HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "qxdzylr1a"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
content-length: 35038
date: Tue, 22 Nov 2022 10:46:38 GMT
X-Firefox-Spdy: h2

phishing-training.it-seal.de/_nuxt/07896ce.js

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/_nuxt/07896ce.js
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/07896ce.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"5207-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

phishing-training.it-seal.de/api/v1/tracking?token=bV2-k3vU

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/api/v1/tracking?token=bV2-k3vU
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v1/tracking?token=bV2-k3vU HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 46
Origin: https://phishing-training.it-seal.de
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 10:46:38 GMT
server: Caddy
X-Firefox-Spdy: h2

phishing-training.it-seal.de/vendor/intro.js/minified/introjs.min.css

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/vendor/intro.js/minified/introjs.min.css
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /vendor/intro.js/minified/introjs.min.css HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: text/css; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"23d2-17583ab8368"
last-modified: Sun, 01 Nov 2020 11:57:37 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

phishing-training.it-seal.de/_nuxt/d23f7a3.js

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/_nuxt/d23f7a3.js
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/d23f7a3.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"21687-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

phishing-training.it-seal.de/_nuxt/img/phishing-mail.3825c8d.svg

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/_nuxt/img/phishing-mail.3825c8d.svg
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/img/phishing-mail.3825c8d.svg HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: image/svg+xml
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"997-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

cdn.it-seal.de/teachable-moment/angelschnur_haken_login.svg

46.165.253.9

200 OK

0 B

URL HTTP/2
cdn.it-seal.de/teachable-moment/angelschnur_haken_login.svg
IP
46.165.253.9:0
ASN
#28753 Leaseweb Deutschland GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /teachable-moment/angelschnur_haken_login.svg HTTP/1.1
Host: cdn.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: W/"qxdzylcai"
last-modified: Thu, 05 Aug 2021 22:03:57 GMT
server: Caddy
strict-transport-security: max-age=31536000
vary: Accept-Encoding
date: Tue, 22 Nov 2022 10:46:37 GMT
X-Firefox-Spdy: h2

phishing-training.it-seal.de/vendor/polyfill.min.js

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/vendor/polyfill.min.js
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /vendor/polyfill.min.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=0
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"1333a-181cf16f448"
last-modified: Tue, 05 Jul 2022 15:59:57 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

phishing-training.it-seal.de/?token=bV2-k3vU

94.100.132.71

302 Found

0 B

URL HTTP/2
phishing-training.it-seal.de/?token=bV2-k3vU
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?token=bV2-k3vU HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 22 Nov 2022 10:46:36 GMT
location: /en?token=bV2-k3vU
server: Caddy
set-cookie: i18n_redirected=en; Path=/; Expires=Wed, 22 Nov 2023 10:46:36 GMT; SameSite=Lax
X-Firefox-Spdy: h2

phishing-training.it-seal.de/en?token=bV2-k3vU

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/en?token=bV2-k3vU
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /en?token=bV2-k3vU HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: i18n_redirected=en
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: "2336d-MwbbzafcWqEB+z96MhHzrqw2VGw"
server: Caddy
set-cookie: i18n_redirected=en; Path=/; Expires=Wed, 22 Nov 2023 10:46:36 GMT; SameSite=Lax
token=bV2-k3vU; Max-Age=172800; Path=/
vary: Accept-Encoding
X-Firefox-Spdy: h2

phishing-training.it-seal.de/_nuxt/1217fb2.js

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/_nuxt/1217fb2.js
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/1217fb2.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"348c7-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

phishing-training.it-seal.de/_nuxt/a393ceb.js

94.100.132.71

200 OK

0 B

URL HTTP/2
phishing-training.it-seal.de/_nuxt/a393ceb.js
IP
94.100.132.71:0
ASN
#25394 MK Netzdienste GmbH & Co. KG

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/a393ceb.js HTTP/1.1
Host: phishing-training.it-seal.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://phishing-training.it-seal.de/en?token=bV2-k3vU
Cookie: i18n_redirected=en; token=bV2-k3vU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 10:46:37 GMT
etag: W/"2e3c2-1837be3628f"
last-modified: Mon, 26 Sep 2022 22:20:43 GMT
server: Caddy
vary: Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations