phishing-training.hornetsecurity.com Open in urlscan Pro
94.100.132.71  Public Scan

Submitted URL: http://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0
Effective URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Submission: On November 15 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 24 HTTP transactions. The main IP is 94.100.132.71, located in Saarbrücken, Germany and belongs to MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE. The main domain is phishing-training.hornetsecurity.com.
TLS certificate: Issued by E5 on November 14th 2024. Valid for: 3 months.
This is the only time phishing-training.hornetsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 94.100.132.71 25394 (MK-NETZDI...)
11 94.100.132.57 25394 (MK-NETZDI...)
24 3
Domain Requested by
13 phishing-training.hornetsecurity.com phishing-training.hornetsecurity.com
11 cdn.it-seal.de phishing-training.hornetsecurity.com
cdn.it-seal.de
1 bm-gesundheit.info-login.de 1 redirects
24 3

This site contains links to these domains. Also see Links.

Domain
www.hornetsecurity.com
Subject Issuer Validity Valid
phishing-training.hornetsecurity.com
E5
2024-11-14 -
2025-02-12
3 months crt.sh
cdn.it-seal.de
E6
2024-10-17 -
2025-01-15
3 months crt.sh

This page contains 1 frames:

Primary Page: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Frame ID: A04C6EA616F011683D7E476CEB3E0DF0
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

Das war knapp! Das hätte eine Phishing-E-Mail sein können. | IT-Seal

Page URL History Show full URLs

  1. http://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0 HTTP 307
    https://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0 HTTP 307
    http://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0 HTTP 301
    https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

484 kB
Transfer

1012 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0 HTTP 307
    https://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0 HTTP 307
    http://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0 HTTP 301
    https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
phishing-training.hornetsecurity.com/
Redirect Chain
  • http://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0
  • https://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0
  • http://bm-gesundheit.info-login.de/buergerzuschuss/application38b62197-ac0a-4b40-8058-c240560cd6a0
  • https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
69 KB
17 KB
Document
General
Full URL
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
5b314754b1720d3307e1f086aab41d08156c76ed0f65c856bfef0e40a48f79e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
none
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Nov 2024 23:06:06 GMT
etag
"11459-LXAc3/iF7nZrM6T5WpcLWBrSWJ0"
server
Caddy
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
383
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Nov 2024 23:06:03 GMT
Location
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Server
Caddy gunicorn
introjs.min.css
phishing-training.hornetsecurity.com/vendor/intro.js/minified/
9 KB
2 KB
Stylesheet
General
Full URL
https://phishing-training.hornetsecurity.com/vendor/intro.js/minified/introjs.min.css
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
fe867b87f2648fa01f89b37fcd35ab0a86dad0bf9084ff537ff6528326490a76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=0
content-encoding
gzip
etag
W/"23d2-192713a7730"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
text/css; charset=UTF-8
last-modified
Wed, 09 Oct 2024 12:21:50 GMT
server
Caddy
vary
Accept-Encoding
a0d2b01.js
phishing-training.hornetsecurity.com/_nuxt/
2 KB
1 KB
Script
General
Full URL
https://phishing-training.hornetsecurity.com/_nuxt/a0d2b01.js
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
4ca8b699b1a88040a4f278f237bc87d6aaa03cc5d4d5cb7bff77f8fca72458b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"950-192715da7f0"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 09 Oct 2024 13:00:16 GMT
server
Caddy
vary
Accept-Encoding
cc66057.js
phishing-training.hornetsecurity.com/_nuxt/
210 KB
70 KB
Script
General
Full URL
https://phishing-training.hornetsecurity.com/_nuxt/cc66057.js
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
fe5087d20d658ac0313d0c905fc97e359317f1e583662195695577c62cfdf24d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"348c7-192715da7f0"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 09 Oct 2024 13:00:16 GMT
server
Caddy
vary
Accept-Encoding
1644191.js
phishing-training.hornetsecurity.com/_nuxt/
185 KB
60 KB
Script
General
Full URL
https://phishing-training.hornetsecurity.com/_nuxt/1644191.js
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
13fe31dcbd8fd8565fc36b114acfc5c16ab3c100027b4cb04df035c971769483

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"2e3c2-192715da7f0"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 09 Oct 2024 13:00:16 GMT
server
Caddy
vary
Accept-Encoding
c355fc5.js
phishing-training.hornetsecurity.com/_nuxt/
134 KB
35 KB
Script
General
Full URL
https://phishing-training.hornetsecurity.com/_nuxt/c355fc5.js
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
b3b08228af15df76036f77f1da3cf4f9b05075f6ed255ccc64aade2c530e303b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"216f5-192715da7f0"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 09 Oct 2024 13:00:16 GMT
server
Caddy
vary
Accept-Encoding
2ce7311.js
phishing-training.hornetsecurity.com/_nuxt/
5 KB
2 KB
Script
General
Full URL
https://phishing-training.hornetsecurity.com/_nuxt/2ce7311.js
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
6005acbaf4b1a47b27489c958591cc5c3dc10700d015973819ead6dd75416e3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"1518-192715da7f0"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 09 Oct 2024 13:00:16 GMT
server
Caddy
vary
Accept-Encoding
open-sans.css
cdn.it-seal.de/it-seal/fonts/open-sans/
940 B
273 B
Stylesheet
General
Full URL
https://cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
9e4e6c2df64525d687f13933f2109a8cd7cb25447d87d0e199d61222f794ee19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
"s4gua3q4"
content-length
232
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
server
Caddy
vary
Accept-Encoding
courier-prime-sans.css
cdn.it-seal.de/it-seal/fonts/courier-prime-sans/
352 B
477 B
Stylesheet
General
Full URL
https://cdn.it-seal.de/it-seal/fonts/courier-prime-sans/courier-prime-sans.css
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
12b2e42645843eb7ecc36dd17c63550529d8706818c6789b5da55b6985eee613
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/

Response headers

strict-transport-security
max-age=31536000
content-length
352
etag
"s4gua39s"
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
server
Caddy
hornet.css
cdn.it-seal.de/it-seal/fonts/hornet/
1017 B
299 B
Stylesheet
General
Full URL
https://cdn.it-seal.de/it-seal/fonts/hornet/hornet.css
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
39b6bf1245e135841b8a9f43cd11126e146533c33f44b8f2e8dd35437361ca35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
"s4gua3s9"
content-length
242
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
server
Caddy
vary
Accept-Encoding
aseadmin.svg
cdn.it-seal.de/hornet/
12 KB
5 KB
Image
General
Full URL
https://cdn.it-seal.de/hornet/aseadmin.svg
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
94e7d3889fdda6dd5221cf7209f0212c084c5862d126f46ad51f0dd00c7d130c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
"s4gua39oe"
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
image/svg+xml
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
server
Caddy
vary
Accept-Encoding
made_in_germany_positiv.svg
cdn.it-seal.de/it-seal/
9 KB
4 KB
Image
General
Full URL
https://cdn.it-seal.de/it-seal/made_in_germany_positiv.svg
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
1f089281b4c420c950cf712cb84f229abfc18f4148b02fd51908c381ebdf0371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
"s4gua379c"
content-length
3884
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
image/svg+xml
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
server
Caddy
vary
Accept-Encoding
phishing-mail.d26ceac.svg
phishing-training.hornetsecurity.com/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://phishing-training.hornetsecurity.com/_nuxt/img/phishing-mail.d26ceac.svg
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
9cf7b8719552cba4dcccc672056cbbcc21caea0bd704b9dfcd888902fa72e2eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"9a5-192715da7f0"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Oct 2024 13:00:16 GMT
server
Caddy
vary
Accept-Encoding
polyfill.min.js
phishing-training.hornetsecurity.com/vendor/
0
0
Script
General
Full URL
https://phishing-training.hornetsecurity.com/vendor/polyfill.min.js
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
0
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Caddy
intro.min.js
phishing-training.hornetsecurity.com/vendor/intro.js/minified/
28 KB
7 KB
Script
General
Full URL
https://phishing-training.hornetsecurity.com/vendor/intro.js/minified/intro.min.js
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
7ce3c799a6a6aa41cfbf84181b192248a9bb3bfdc6009e39e78a505d895ea0ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=0
content-encoding
gzip
etag
W/"70fe-192713a7730"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 09 Oct 2024 12:21:50 GMT
server
Caddy
vary
Accept-Encoding
bg-underwater.dbb8074.svg
phishing-training.hornetsecurity.com/_nuxt/img/
64 KB
16 KB
Image
General
Full URL
https://phishing-training.hornetsecurity.com/_nuxt/img/bg-underwater.dbb8074.svg
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
52c9fc2e82536b304abb675e0227ece9504ae618eea70c6b4e6215bdbe27361f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"fff4-192715da7f0"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Oct 2024 13:00:16 GMT
server
Caddy
vary
Accept-Encoding
truncated
/
675 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
530c8737cdcafc7ee7cbfa3c46030c1c7ec86e8ef2e1db8691e4a5d1c26bf3b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
754 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cfc6ea265f0695d9a0a0457e23f724d9553a1b5a71af6022026d46ec095674c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
Hornet-Regular.otf
cdn.it-seal.de/it-seal/fonts/hornet/OTF/
121 KB
121 KB
Font
General
Full URL
https://cdn.it-seal.de/it-seal/fonts/hornet/OTF/Hornet-Regular.otf
Requested by
Host: cdn.it-seal.de
URL: https://cdn.it-seal.de/it-seal/fonts/hornet/hornet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
e38fd5808ad5f854d4cad357bd56d5706cc9e66ee9044949b5a35ff40a7eac0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://phishing-training.hornetsecurity.com
Referer
https://cdn.it-seal.de/it-seal/fonts/hornet/hornet.css

Response headers

strict-transport-security
max-age=31536000
etag
"s4gua32n98"
access-control-allow-origin
https://phishing-training.hornetsecurity.com
content-length
123452
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
font/otf
vary
Origin
server
Caddy
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
access-control-allow-headers
content-type, x-requested-with
OpenSans-Bold.woff2
cdn.it-seal.de/it-seal/fonts/open-sans/
45 KB
45 KB
Font
General
Full URL
https://cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Bold.woff2
Requested by
Host: cdn.it-seal.de
URL: https://cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://phishing-training.hornetsecurity.com
Referer
https://cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css

Response headers

strict-transport-security
max-age=31536000
etag
"s4gua3zuk"
access-control-allow-origin
https://phishing-training.hornetsecurity.com
content-length
46460
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
font/woff2
vary
Origin
server
Caddy
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
access-control-allow-headers
content-type, x-requested-with
OpenSans-Light.woff2
cdn.it-seal.de/it-seal/fonts/open-sans/
45 KB
45 KB
Font
General
Full URL
https://cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Light.woff2
Requested by
Host: cdn.it-seal.de
URL: https://cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
c42014995e3763f5fd8d42a07ddc4f2d12486017484f2324f3e6afb46029df82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://phishing-training.hornetsecurity.com
Referer
https://cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css

Response headers

strict-transport-security
max-age=31536000
etag
"s4gua3zck"
access-control-allow-origin
https://phishing-training.hornetsecurity.com
content-length
45812
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
font/woff2
vary
Origin
server
Caddy
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
access-control-allow-headers
content-type, x-requested-with
OpenSans-Regular.woff2
cdn.it-seal.de/it-seal/fonts/open-sans/
44 KB
44 KB
Font
General
Full URL
https://cdn.it-seal.de/it-seal/fonts/open-sans/OpenSans-Regular.woff2
Requested by
Host: cdn.it-seal.de
URL: https://cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://phishing-training.hornetsecurity.com
Referer
https://cdn.it-seal.de/it-seal/fonts/open-sans/open-sans.css

Response headers

strict-transport-security
max-age=31536000
etag
"s4gua3yg8"
access-control-allow-origin
https://phishing-training.hornetsecurity.com
content-length
44648
date
Fri, 15 Nov 2024 23:06:06 GMT
content-type
font/woff2
vary
Origin
server
Caddy
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
access-control-allow-headers
content-type, x-requested-with
tracking
phishing-training.hornetsecurity.com/api/v1/
19 B
49 B
XHR
General
Full URL
https://phishing-training.hornetsecurity.com/api/v1/tracking?token=38b62197-ac0a-4b40-8058-c240560cd6a0
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/_nuxt/cc66057.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
96aba0338162e14e64f627a91ed9b6c2bc027536b0adeabb7d0e29535ec6556e

Request headers

Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 15 Nov 2024 23:06:07 GMT
server
Caddy
favicon.ico
cdn.it-seal.de/hornet/icons/
2 KB
2 KB
Other
General
Full URL
https://cdn.it-seal.de/hornet/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
39b7aeef51f6cb3207ce016718806fbb304b943a6b3c9dd93a1671c3fab124ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/

Response headers

strict-transport-security
max-age=31536000
content-length
1591
etag
"s4gua3187"
date
Fri, 15 Nov 2024 23:06:07 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
server
Caddy
ef50635.js
phishing-training.hornetsecurity.com/_nuxt/
21 KB
5 KB
Script
General
Full URL
https://phishing-training.hornetsecurity.com/_nuxt/ef50635.js
Requested by
Host: phishing-training.hornetsecurity.com
URL: https://phishing-training.hornetsecurity.com/_nuxt/a0d2b01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.71 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
36a6b96ba82f80b91c171b21bd2372280ca28f9d6c945300e4e0bb71548f0f05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/?token=38b62197-ac0a-4b40-8058-c240560cd6a0

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
etag
W/"5206-192715da7f0"
accept-ranges
bytes
date
Fri, 15 Nov 2024 23:06:07 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 09 Oct 2024 13:00:16 GMT
server
Caddy
vary
Accept-Encoding
48.png
cdn.it-seal.de/hornet/icons/
1 KB
1 KB
Other
General
Full URL
https://cdn.it-seal.de/hornet/icons/48.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.100.132.57 Saarbrücken, Germany, ASN25394 (MK-NETZDIENSTE-AS MK Netzdienste GmbH, DE),
Reverse DNS
Software
Caddy /
Resource Hash
88f4c5fb50702a59925a6cfed48715adce26498a294f7072cf1e4c38d837858c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://phishing-training.hornetsecurity.com/

Response headers

strict-transport-security
max-age=31536000
content-length
1417
etag
"s4gua313d"
date
Fri, 15 Nov 2024 23:06:07 GMT
content-type
image/png
last-modified
Tue, 21 Nov 2023 08:58:51 GMT
server
Caddy

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __NUXT__ function| introJs object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| _ object| $nuxt

2 Cookies

Domain/Path Name / Value
phishing-training.hornetsecurity.com/ Name: i18n_redirected
Value: de
phishing-training.hornetsecurity.com/ Name: token
Value: 38b62197-ac0a-4b40-8058-c240560cd6a0

1 Console Messages

Source Level URL
Text
network error URL: https://phishing-training.hornetsecurity.com/vendor/polyfill.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bm-gesundheit.info-login.de
cdn.it-seal.de
phishing-training.hornetsecurity.com
94.100.132.57
94.100.132.71
12b2e42645843eb7ecc36dd17c63550529d8706818c6789b5da55b6985eee613
13fe31dcbd8fd8565fc36b114acfc5c16ab3c100027b4cb04df035c971769483
1f089281b4c420c950cf712cb84f229abfc18f4148b02fd51908c381ebdf0371
36a6b96ba82f80b91c171b21bd2372280ca28f9d6c945300e4e0bb71548f0f05
39b6bf1245e135841b8a9f43cd11126e146533c33f44b8f2e8dd35437361ca35
39b7aeef51f6cb3207ce016718806fbb304b943a6b3c9dd93a1671c3fab124ff
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
4ca8b699b1a88040a4f278f237bc87d6aaa03cc5d4d5cb7bff77f8fca72458b6
52c9fc2e82536b304abb675e0227ece9504ae618eea70c6b4e6215bdbe27361f
530c8737cdcafc7ee7cbfa3c46030c1c7ec86e8ef2e1db8691e4a5d1c26bf3b2
5b314754b1720d3307e1f086aab41d08156c76ed0f65c856bfef0e40a48f79e0
6005acbaf4b1a47b27489c958591cc5c3dc10700d015973819ead6dd75416e3e
7ce3c799a6a6aa41cfbf84181b192248a9bb3bfdc6009e39e78a505d895ea0ba
7cfc6ea265f0695d9a0a0457e23f724d9553a1b5a71af6022026d46ec095674c
88f4c5fb50702a59925a6cfed48715adce26498a294f7072cf1e4c38d837858c
94e7d3889fdda6dd5221cf7209f0212c084c5862d126f46ad51f0dd00c7d130c
96aba0338162e14e64f627a91ed9b6c2bc027536b0adeabb7d0e29535ec6556e
9cf7b8719552cba4dcccc672056cbbcc21caea0bd704b9dfcd888902fa72e2eb
9e4e6c2df64525d687f13933f2109a8cd7cb25447d87d0e199d61222f794ee19
b3b08228af15df76036f77f1da3cf4f9b05075f6ed255ccc64aade2c530e303b
c42014995e3763f5fd8d42a07ddc4f2d12486017484f2324f3e6afb46029df82
e38fd5808ad5f854d4cad357bd56d5706cc9e66ee9044949b5a35ff40a7eac0a
fe5087d20d658ac0313d0c905fc97e359317f1e583662195695577c62cfdf24d
fe867b87f2648fa01f89b37fcd35ab0a86dad0bf9084ff537ff6528326490a76