pyphish.perseus.de
2600:9000:214f:b400:16:2f9a:e740:93a1  Public Scan

Submitted URL: https://emailclient-forward.com-00.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Effective URL: https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Submission: On August 26 via manual from DE — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 13 HTTP transactions. The main IP is 2600:9000:214f:b400:16:2f9a:e740:93a1, located in United States and belongs to AMAZON-02, US. The main domain is pyphish.perseus.de.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 14th 2023. Valid for: a year.
This is the only time pyphish.perseus.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 4 | perseus.de | pyphish.perseus.de; snowplow.perseus.de | 14 KB |
| 3 | amazonaws.com | dev-pyphish-assets.s3.eu-central-1.amazonaws.com; snowplow-public-perseus.s3.eu-central-1.amazonaws.com | 386 KB |
| 2 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 1335); script.hotjar.com (Cisco Umbrella Rank: 2017) | 62 KB |
| 1 | gstatic.com | fonts.gstatic.com | 8 KB |
| 1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 112) | 85 KB |
| 1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 1211) | 31 KB |
| 1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 110) | 795 B |
| 1 | com-00.de | emailclient-forward.com-00.de | 542 B |

Total: 13 requests, 8 apex domains

| Requests | Domain | Requested by |
|---|---|---|
| 2 | snowplow.perseus.de | snowplow-public-perseus.s3.eu-central-1.amazonaws.com |
| 2 | dev-pyphish-assets.s3.eu-central-1.amazonaws.com | pyphish.perseus.de |
| 2 | pyphish.perseus.de (1 redirects) | emailclient-forward.com-00.de |
| 1 | snowplow-public-perseus.s3.eu-central-1.amazonaws.com | www.googletagmanager.com |
| 1 | script.hotjar.com | static.hotjar.com |
| 1 | fonts.gstatic.com | fonts.googleapis.com |
| 1 | static.hotjar.com | pyphish.perseus.de |
| 1 | www.googletagmanager.com | pyphish.perseus.de |
| 1 | code.jquery.com | pyphish.perseus.de |
| 1 | fonts.googleapis.com | pyphish.perseus.de |
| 1 | emailclient-forward.com-00.de | |

Total: 13 requests, 11 subdomains

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.com-00.de | Amazon RSA 2048 M03 | 2024-01-10 - 2025-02-07 | a year |
| perseus.de | Amazon RSA 2048 M02 | 2023-11-14 - 2024-12-13 | a year |
| upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months |
| *.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year |
| *.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months |
| *.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year |
| *.s3.eu-central-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-08-02 - 2025-07-30 | a year |
| *.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months |

This page contains 1 frames:

Primary Page: https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Frame ID: FA4C756C317586D536E84EF9860D3068
Requests: 12 HTTP requests in this frame

Page Title

Perseus

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 64 %
Domains: 8
Subdomains: 11
IPs: 11
Countries: 2
Transfer: 587 kB
Size: 1142 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://emailclient-forward.com-00.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008 Page URL
  2. http://pyphish.perseus.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008 HTTP 307
    https://pyphish.perseus.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008 HTTP 308
    http://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008 HTTP 307
    https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
43
emailclient-forward.com-00.de/de/
152 B
542 B
Document
General
Full URL
https://emailclient-forward.com-00.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:800:a:d8b1:4100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b0ec68cd862b2bd19e6cce2330c211f2644442b091ad26bd00e61c50609f49e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length
152
content-type
text/html
date
Mon, 26 Aug 2024 07:42:30 GMT
etag
"64bec446cbc8a152bdcded920cb03b0f"
last-modified
Mon, 13 Dec 2021 11:16:52 GMT
server
AmazonS3
via
1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-id
2iSm4ZZLsOmMvJBbTzFBp6vu8ktiyyiBK-AqlF0JV9H-3EAkBw8xqg==
x-amz-cf-pop
FRA56-P9
x-amz-error-code
NoSuchKey
x-amz-error-detail-key
de/43
x-amz-error-message
The specified key does not exist.
x-cache
Error from cloudfront
Primary Request /
pyphish.perseus.de/de/43/
Redirect Chain
  • http://pyphish.perseus.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
  • https://pyphish.perseus.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
  • http://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
  • https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
37 KB
13 KB
Document
General
Full URL
https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Requested by
Host: emailclient-forward.com-00.de
URL: https://emailclient-forward.com-00.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b400:16:2f9a:e740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
35cd902cf08f55d63c67ba2372dc6b54b5376ba4e975a0a0fe45c9f56dc417fa

Request headers

Referer
https://emailclient-forward.com-00.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 26 Aug 2024 07:42:31 GMT
vary
Accept-Encoding
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-id
6pEjkzsZTINstBoQFfy683ZZzb40h7XwWQzIpPqcV7mmgPlClYdr-A==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront

Redirect headers

Location
https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/
781 B
795 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins&display=swap
Requested by
Host: pyphish.perseus.de
URL: https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pyphish.perseus.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 26 Aug 2024 07:42:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 06:55:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Aug 2024 07:42:31 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: pyphish.perseus.de
URL: https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://pyphish.perseus.de/
Origin
https://pyphish.perseus.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:42:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2494860
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
30879
x-served-by
cache-lga21981-LGA, cache-mxp6965-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724658151.343980,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
23560, 268052
gtm.js
www.googletagmanager.com/
334 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXBTCVN
Requested by
Host: pyphish.perseus.de
URL: https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5bfb7e5ba327f335495bf35065682e31cd4c4ad680e6d66c9ae262d0f7e1718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://pyphish.perseus.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:42:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86507
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Aug 2024 07:42:31 GMT
hotjar-931669.js
static.hotjar.com/c/
16 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-931669.js?sv=6
Requested by
Host: pyphish.perseus.de
URL: https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
92868166a54052968a5991d1d999e9ab0c002b52c774594fb7ec30e356607450
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pyphish.perseus.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 26 Aug 2024 07:41:33 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
58
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/c370d9917e5ed763e54280a953fc86d9
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
3yqrd_nW54opui8By4Vm0UoZaLN7rMUlXQG16t67D2NmZ9U9Co_ETA==
activation_landing_page_background.png
dev-pyphish-assets.s3.eu-central-1.amazonaws.com/
358 KB
358 KB
Image
General
Full URL
https://dev-pyphish-assets.s3.eu-central-1.amazonaws.com/activation_landing_page_background.png
Requested by
Host: pyphish.perseus.de
URL: https://pyphish.perseus.de/de/43/?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.137.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fcde9b898e2b34d30a083e76e51e85a0313d85ab69e22d3571640747005f40f9

Request headers

Referer
https://pyphish.perseus.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 07:42:32 GMT
Last-Modified
Mon, 11 Oct 2021 12:36:45 GMT
Server
AmazonS3
x-amz-request-id
ZYAYBSHPT615X9R3
ETag
"f4c80216e846039fc989462571a0f670"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
366608
x-amz-id-2
3psLilMZ/kc8TqKk9AKU8v6RB8Rs5F9G0COwy2dIawbPih+45lThgIoFV1TBAhgui2zh7VGMHncaVttU7IQMrA==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pyphish.perseus.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 07:37:16 GMT
x-content-type-options
nosniff
age
315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 07:37:16 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-931669.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-109.fra60.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://pyphish.perseus.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
2308765
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
tqKiRK1Yg2VoFHRxGYqcFE1Wh2O-Sh_GakpMO4hEigmG2SZzZhdAYQ==
HJ2Cch.js
snowplow-public-perseus.s3.eu-central-1.amazonaws.com/2.18.0/
77 KB
27 KB
Script
General
Full URL
https://snowplow-public-perseus.s3.eu-central-1.amazonaws.com/2.18.0/HJ2Cch.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXBTCVN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.134.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0039e1283a0696bd65b17c519a21155018d7b6286e0c7d42e3baf72241f906b3

Request headers

Referer
https://pyphish.perseus.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 07:42:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Jun 2021 13:17:59 GMT
Server
AmazonS3
x-amz-request-id
ZYAPBDAXZEFG3K39
ETag
"c14280d22822359c9d36c5d90170e5ff"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Content-Length
26987
x-amz-id-2
KQqVv8Drw5eDtxWjSd29m7JMWopk9cXZ7izkAR78p82N1WPOBywsfB1Ac/z+TIyf0Qw5gdb+/7QZxrMktBuKbcqVR/lgB6eo
tp2
snowplow.perseus.de/com.snowplowanalytics.snowplow/
0
0
Preflight
General
Full URL
https://snowplow.perseus.de/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e200:16:2f9a:e740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pyphish.perseus.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://pyphish.perseus.de
access-control-max-age
5
content-length
0
date
Mon, 26 Aug 2024 07:42:31 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id
jbr7Bmh0QZcl_v6JNgoMw4GQWg3qSXnSflp2oosM5CLepKhYurGgGA==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
tp2
snowplow.perseus.de/com.snowplowanalytics.snowplow/
2 B
468 B
XHR
General
Full URL
https://snowplow.perseus.de/com.snowplowanalytics.snowplow/tp2
Requested by
Host: snowplow-public-perseus.s3.eu-central-1.amazonaws.com
URL: https://snowplow-public-perseus.s3.eu-central-1.amazonaws.com/2.18.0/HJ2Cch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b400:16:2f9a:e740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://pyphish.perseus.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 26 Aug 2024 07:42:32 GMT
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pyphish.perseus.de
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
content-length
2
x-amz-cf-id
-6qN19dMVEWkPdQ815UNkZkSDGG1wY_w6crhEeENztWFBk5kiz6m1w==
PLogo_Color.svg
dev-pyphish-assets.s3.eu-central-1.amazonaws.com/
595 B
967 B
Other
General
Full URL
https://dev-pyphish-assets.s3.eu-central-1.amazonaws.com/PLogo_Color.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.137.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
68ee59f58cf67b1fd36aee2f5f22949e541e5eb81ae9b60e3e250f557ec70109

Request headers

Referer
https://pyphish.perseus.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 26 Aug 2024 07:42:32 GMT
Last-Modified
Fri, 04 Dec 2020 10:40:34 GMT
Server
AmazonS3
x-amz-request-id
ZYAG4TVAGH9NTZK0
ETag
"78bc3ae9a8d71bc70a4411bdb25902c5"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
595
x-amz-id-2
9MFcnwu5waUSzT4f21mCq3JU7tHXxD9mhROZxWk+opJiJe0na+stf5YYPEVaI/FoduUXhFrFBQRomWd+j4mofg==

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| dataLayer
  • function| hj
  • object| _hjSettings
  • function| $
  • function| jQuery
  • object| hjSiteSettings
  • object| hjLazyModules
  • function| hjBootstrap
  • object| hjBootstrapCalled
  • object| google_tag_manager
  • object| google_tag_data
  • object| _snowplow_trackers
  • object| GlobalSnowplowNamespace
  • function| snowplow
  • object| Snowplow

4 Cookies

Domain/Path Name / Value
.perseus.de/ Name: _hjSessionUser_931669
Value: eyJpZCI6IjBkN2Y0OTFkLWJmZTYtNTQ5MC04ZmRjLTcwMTQxYWMxMjcxZSIsImNyZWF0ZWQiOjE3MjQ2NTgxNTE3MTksImV4aXN0aW5nIjpmYWxzZX0=
.perseus.de/ Name: _hjSession_931669
Value: eyJpZCI6ImVkODA0MTI4LTZlMGQtNGVmMy1hMzQ5LWYzZmQ2MmE1YTNlYyIsImMiOjE3MjQ2NTgxNTE3MTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.perseus.de/ Name: spses.31e2
Value: *
.perseus.de/ Name: spid.31e2
Value: 5b7c398c-bf6c-4e45-ab63-623185583ee0.1724658152.1.1724658152.1724658152.9a50f36e-b548-4a50-a35e-9e4cf1ffa960

1 Console Messages

Source: network
Level: error
URL: https://emailclient-forward.com-00.de/de/43?tu_rid=4b519967-3a68-4ca7-921f-b0a702b881d5&pm_rid=038bcf4e-8443-48f5-9ca2-decd70944008
Message: Failed to load resource: the server responded with a status of 404 ()