r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7989fc4a69327c765a7e4e68f46c169b
1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b
b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4767
Expires: Thu, 09 Mar 2023 01:23:21 GMT
Date: Thu, 09 Mar 2023 00:03:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8f33f56c329fe0b1570d2ee3e000ce4e
b11fcecd7cc1210d3f3b4e1426a37d3cd138119e
ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7865
Expires: Thu, 09 Mar 2023 02:14:59 GMT
Date: Thu, 09 Mar 2023 00:03:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Mar 2023 23:08:53 GMT
content-type: application/json
age: 3301
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d096b44c5db01960a5d03dbb2a238c0
8e818de0e82041f2d9edeb14ddaf3916983b3729
8c69b4883e45e3e993ffdf24922c6ff7f0131f1eece0c3d0016137ca29f48d04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C69B4883E45E3E993FFDF24922C6FF7F0131F1EECE0C3D0016137CA29F48D04"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12830
Expires: Thu, 09 Mar 2023 03:37:44 GMT
Date: Thu, 09 Mar 2023 00:03:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 53eY8Gd0pS5zJ74Uw4eYgZ3yv8+jCh3yFn2FL4qRpdrmzDwQs3bd/DLLq/AdX+Jj0db/O95t1Tw=
x-amz-request-id: 4651SKZQ5HCHJVK7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Mar 2023 23:18:10 GMT
age: 2744
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
essostation.de/
92.51.134.215 301 Moved Permanently 162 B IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 09 Mar 2023 00:03:54 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.essostation.de/
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Mar 2023 00:03:42 GMT
age: 13
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12909
Expires: Thu, 09 Mar 2023 03:39:04 GMT
Date: Thu, 09 Mar 2023 00:03:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5b81dbeab1c469ee4d3db902f401b3cb
d0c5045c8fe088bd1caf0c7ef5a3f6d3dad37117
543857244e057e2f337534924e17b6850f4df5ff6f0b7798cd58feeee3609839
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "543857244E057E2F337534924E17B6850F4DF5FF6F0B7798CD58FEEEE3609839"
Last-Modified: Thu, 09 Mar 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Mar 2023 06:03:55 GMT
Date: Thu, 09 Mar 2023 00:03:55 GMT
Connection: keep-alive
push.services.mozilla.com/
34.209.99.129 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.209.99.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ScBwu7rTZj79OnJAyb3boA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7Q2vK1D7Yw6x6kFbTbB3GJJCbog=
www.essostation.de/
92.51.134.215 200 OK 8.8 kB IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 162952f9cdb269f29993249d87b099fa
217c3952b9d6683179e4435b1932e88a95fe5bfd
054b6fcf73d302206cb496450010c731fd7c2700306d35acff1c696ef7dfceb1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/html; charset=UTF-8
content-length: 8774
link: <https://www.essostation.de/wp-json/>; rel="https://api.w.org/", <https://www.essostation.de/wp-json/wp/v2/pages/102>; rel="alternate"; type="application/json", <https://www.essostation.de/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.13, PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/8qolpLsIe0A
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8qolpLsIe0A
IP 142.250.74.131:0
Hash 5d58ec5f3be11aed2ad2da5291c420f9
8f21a31baf4942d175cddde03071f49d260ca66b
4731eca039ca6eedf0842bfd6bc1adb77bd85b57e762137a5e0aaf00f835fedb
POST /s/gts1d4/8qolpLsIe0A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.usercentrics.eu/latest/main.js
35.190.14.188 200 OK 7.8 kB URL HTTP/2 app.usercentrics.eu/latest/main.js
IP 35.190.14.188:0
File type ASCII text, with very long lines (25232)
Hash e9448356bda96e25ac34fd6ed11b738a
5b18cc1021b78ae09c40348b248842aa3a0bca28
c62ab9c774fa99b2dd8c81c76c492d6eea48c2355dd16529250e2974bd1fa261
GET /latest/main.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt3kNiaG7cOVv6qcfyRn4Sd3KDKDTgOpXoTNx_VLr99KmRbXQbuUlB59YXhBBWhAaSTTypzlVC8624_qbtHq6f8dwsI2Xuc
x-goog-generation: 1666097577450067
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7809
x-goog-meta-version: 2.18.1
content-encoding: gzip
x-goog-hash: crc32c=VY37eA==, md5=6USDVr2pbiWsNP1u0Rtzig==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7809
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 08 Mar 2023 15:55:27 GMT
expires: Thu, 09 Mar 2023 15:55:27 GMT
cache-control: public, max-age=86400, no-transform
age: 29309
last-modified: Tue, 18 Oct 2022 12:52:57 GMT
etag: "e9448356bda96e25ac34fd6ed11b738a"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/8qolpLsIe0A
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8qolpLsIe0A
IP 142.250.74.131:0
Hash 5d58ec5f3be11aed2ad2da5291c420f9
8f21a31baf4942d175cddde03071f49d260ca66b
4731eca039ca6eedf0842bfd6bc1adb77bd85b57e762137a5e0aaf00f835fedb
POST /s/gts1d4/8qolpLsIe0A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.essostation.de/wp-includes/css/classic-themes.min.css?ver=1
92.51.134.215 200 OK 189 B URL HTTP/2 www.essostation.de/wp-includes/css/classic-themes.min.css?ver=1
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
content-length: 189
x-accel-version: 0.01
last-modified: Sun, 13 Nov 2022 10:33:43 GMT
etag: "d9-5ed57a83288d2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3965
Expires: Thu, 09 Mar 2023 01:10:01 GMT
Date: Thu, 09 Mar 2023 00:03:56 GMT
Connection: keep-alive
www.essostation.de/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.4
92.51.134.215 200 OK 4.1 kB URL HTTP/2 www.essostation.de/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.4
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (55156)
Hash fdfee324159bcd8fef4f0d6a2c235cb6
5c6f6c17bf091e6c2e7610314d036734d7b60e36
5a87067c5ea29f6b998509516864a10acb7e3771fd320c1c3897e90d4b946f99
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.4 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-d815"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
92.51.134.215 200 OK 1.2 kB URL HTTP/2 www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Hash c23a73455fe2637b33f85a63b1da3b17
43455dabe9b85b5a18c1579d1305a7205dcebf06
1419328a242db27d67dc2399e50852ff2fcd6c25dff683017de129912ebf9391
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 15:55:58 GMT
etag: W/"6344408e-4263"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1
92.51.134.215 200 OK 4.2 kB URL HTTP/2 www.essostation.de/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Hash f2b6f112e615071665e89cd95e5f7442
23b05393712be3e2dc8f555ab085bb4bf8cab25a
a8a1da4ff09c84c82d42e6c2ee97835d9b62fa42a8352524c291587c5dd9fbdc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-5970"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3965
Expires: Thu, 09 Mar 2023 01:10:01 GMT
Date: Thu, 09 Mar 2023 00:03:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4985a20c-c5c5-46f5-87f2-600b40b9691d.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4985a20c-c5c5-46f5-87f2-600b40b9691d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 193459785f7b9edc4c0407e12d61670d
69158749f88794aa299b565ff56478652adb34b9
22fc0bc65444635237b1d616240526823193e94a6ad567985c5db416deb315ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4985a20c-c5c5-46f5-87f2-600b40b9691d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6857
x-amzn-requestid: abeb0887-c368-4222-998f-5509c4e2b8ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeuEHmIAMFkqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff91-6650e7e10a8691ad059e5731;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: gI-3pcqkzcd_tCeooBLP4DTmTZYdx0QsWpzyRaIMH2r5YiCewKK3qw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "69158749f88794aa299b565ff56478652adb34b9"
content-type: image/jpeg
age: 8309
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 636ad724875a1b8f978d351d851af52d
61075cafcbfe1c763ab0b1c79540d42e7ae63942
382228b2396099885438936cd087a9bfa2d272160475859123f8a7ec7f5f34c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7206
x-amzn-requestid: bc793a8e-f967-4a1b-81d2-be45c56bd93b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BPorOF-CIAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6402ee47-3e38c6af4234bd164a429258;Sampled=0
x-amzn-remapped-date: Sat, 04 Mar 2023 07:07:51 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Xb2s4bB3o_N7MZTbTBeHvSP-1P_LdQiXcRKYiaZ-s9JAomhrUYyqUg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 20:05:39 GMT
age: 14297
etag: "61075cafcbfe1c763ab0b1c79540d42e7ae63942"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d541504b5777fedb1a4b99770ca977e0
1acb5b7a05f617c8fc7cd6fe420ab72646bfc306
34dfdf8d3d5fa6fed1a6eca3c852301dae86f3765f824d93c26980fb8ac519c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4785
x-amzn-requestid: 57be76f4-6f1b-45d2-bfc1-fc573c56489a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeJEhZIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-5e469b5f2c0adfd619e0e7b4;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: jl-Ed8eQYVXZpU-veP1wAdNiiwQe-ZlApp8BsN7vx7pLBL4FVceI8A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "1acb5b7a05f617c8fc7cd6fe420ab72646bfc306"
content-type: image/jpeg
age: 8309
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45f117a3-8f08-48f5-bd5a-f20af33b43e3.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45f117a3-8f08-48f5-bd5a-f20af33b43e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d60a939fee8b897452ed6400a88f650
f5eff640d7bb6a777066a8a8c5231219c90a60cc
36e9ace57b3456c235682876aa552e5029bf4a03a652cec7d3c94244df43dc07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45f117a3-8f08-48f5-bd5a-f20af33b43e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6987
x-amzn-requestid: e75773d9-34eb-4021-866a-965aa134ccac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO0AFj8oAMFtCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591b2-4e51692f237a9a013fbb3d45;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:38 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: npVTTxGMOW3XSI5ADg6CAHk_jM523sgdeGQnaAUnFbOCpilhf34juQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 07:25:21 GMT
age: 59915
etag: "f5eff640d7bb6a777066a8a8c5231219c90a60cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67e27efd23f4d42e2f93102e05955859
3ebc9abd817182d697acfd947000f106914b9098
5d1a4a50802f50798d120468ba28f157cbe1cf8547f66ac3d6b3a138c6d25a24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14298
x-amzn-requestid: b11be846-5ff7-442c-a0e3-7876f696d1c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BMVaDHsFoAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64019c40-6503274d0b174c1e0d7a8c6e;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 07:05:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: HlfjvVuC_eLZJ_HYVKLxy_qwnFFQJkfVm3UKa8ajIUb6alnnZd1XqA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 16:59:13 GMT
age: 25483
etag: "3ebc9abd817182d697acfd947000f106914b9098"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.essostation.de/wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.4
92.51.134.215 200 OK 22 kB URL HTTP/2 www.essostation.de/wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.4
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (65317)
Hash f59a5cd3c2bdeb72173ce3568799f823
29b6ea8469176276a884d2367bfb302d1ffbb390
0615b27f6abcc311bc6b78c25a1ea9db7da64fb7e652dd20907b8c557664606a
GET /wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.4 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-1f915"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9
92.51.134.215 200 OK 188 B URL HTTP/2 www.essostation.de/wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Hash 5564765b1e25a8a6d87f82acde081ace
ffd8d0eadb65a6eeb735d370855f4ccba5609fac
b0cb59621ff399cb912013cd0370ff8f91b7c088080305263527ed394bdb94fd
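Analyzer Verdict Alert: fortinet, Phishing (flattened table row; the same row is attached to other www.essostation.de transactions in this listing, including a web font and jquery.min.js, and the listing does not show whether the verdict is based on the response body or on the URL/host, so corroborate it against the hashes above before treating the file itself as malicious)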
GET /wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
content-length: 188
x-accel-version: 0.01
last-modified: Tue, 01 Nov 2022 08:10:08 GMT
etag: "14f-5ec64409aff4a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/53CmoK1yQMs
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/53CmoK1yQMs
IP 142.250.74.131:0
Hash fe5d736b14b4c6b309c39a3fece22357
c4bd277f4d29d3982728637df47990e057130b16
4ee18132d0f806ffc9ed76671ff736e3c9654e464b27af8216d77dc644cf9946
POST /s/gts1d4/53CmoK1yQMs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.usercentrics.eu/settings/h12GI7Dwh/latest/de.json
35.241.3.184 200 OK 7.7 kB URL HTTP/2 api.usercentrics.eu/settings/h12GI7Dwh/latest/de.json
IP 35.241.3.184:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (23195), with no line terminators
Hash aa8772f766c8686e51dca01eb2d5f28f
30ed8a748c126c2a4de20e33752d7f2c3f3791b4
f4b818ecbdd2faaae56f2c0d4cfe143dff547f3a9464d7a92b3cd3f6e5d2f5bd
GET /settings/h12GI7Dwh/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.essostation.de/
Origin: https://www.essostation.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtWp4ULP6mVBo5y9gHamhoffhQxLqvjAL3CRlj2bw8ZsTmb84aDjJ15URkuF5tCyMGQ4jTQBCUhxBEut3OYmJRGGg
date: Thu, 09 Mar 2023 00:03:57 GMT
cache-control: public, max-age=1800, s-maxage=10
expires: Thu, 09 Mar 2023 00:04:07 GMT
last-modified: Thu, 16 Feb 2023 09:02:52 GMT
etag: "aa8772f766c8686e51dca01eb2d5f28f"
vary: Accept-Encoding
x-goog-generation: 1676538172235364
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7697
content-type: application/json
content-encoding: gzip
x-goog-hash: crc32c=9nTiyw==, md5=qody92bIaG5R3KAestXyjw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7697
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/53CmoK1yQMs
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/53CmoK1yQMs
IP 142.250.74.131:0
Hash fe5d736b14b4c6b309c39a3fece22357
c4bd277f4d29d3982728637df47990e057130b16
4ee18132d0f806ffc9ed76671ff736e3c9654e464b27af8216d77dc644cf9946
POST /s/gts1d4/53CmoK1yQMs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.essostation.de/wp-content/uploads/2020/05/Christ-Wash-Systems.jpg
92.51.134.215 200 OK 94 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2020/05/Christ-Wash-Systems.jpg
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1140x855, components 3\012- data
Hash 8aa0c7c11795dcc15b1c3799e9c62d4f
7eaf810bc8ea73770f46fd1fcd4857cbb0efb1fd
08759071050bb8efeedfae6130fa62560932ba5676c00b318e776aab053af298
GET /wp-content/uploads/2020/05/Christ-Wash-Systems.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 94262
last-modified: Sat, 30 May 2020 10:28:38 GMT
etag: "5ed23556-17036"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/2019/04/VARIUS_Schaumwaesche_frontansicht_02-2-large.jpg
92.51.134.215 200 OK 93 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2019/04/VARIUS_Schaumwaesche_frontansicht_02-2-large.jpg
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=4181, bps=0, compression=none, PhotometricIntepretation=RGB, manufacturer=Sinar AG, model=Sinarback 54 M, Hasselblad, orientation=upper-left, width=5440], baseline, precision 8, 480x375, components 3\012- data
Hash e9afdd98241131fc9b27f76bc3f0630a
db55e9de7aa5dcf6d2dff9d89a73ba2f51430fbc
ca72ebeff542b3497a818ac002823bfc8d9869cf17910f91c27819e832e76575
GET /wp-content/uploads/2019/04/VARIUS_Schaumwaesche_frontansicht_02-2-large.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 93302
last-modified: Sun, 14 Apr 2019 08:40:26 GMT
etag: "5cb2f1fa-16c76"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/2020/05/Esso_Station_Leushake_1-1.jpg
92.51.134.215 200 OK 227 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2020/05/Esso_Station_Leushake_1-1.jpg
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1600x800, components 3\012- data
Size 227 kB (226551 bytes)
Hash 58dd87532a63b4d5a3afac10c3c0a8ad
55d36a16798f73bc00ea6a124a859c892db40738
762140b9ca89b597b179456f5eaa0f5b9409ab2755753d337bfd74c573763150
GET /wp-content/uploads/2020/05/Esso_Station_Leushake_1-1.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 226551
last-modified: Fri, 29 May 2020 14:47:42 GMT
etag: "5ed1208e-374f7"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-600.woff2?v=1665417354
92.51.134.215 200 OK 32 kB URL HTTP/2 www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-600.woff2?v=1665417354
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 31544, version 1.0\012- data
Hash 55f67229ec0d330d80d94ed5a971131e
ddf443d4a288a984b0a4769825666ddc9d382952
a3b0b56f63a65241540c15abea1c3eca10edafa94f4f212e1ff526511d888298
GET /wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-600.woff2?v=1665417354 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: font/woff2
content-length: 31544
last-modified: Mon, 10 Oct 2022 15:55:55 GMT
etag: "6344408b-7b38"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-800.woff2?v=1665417354
92.51.134.215 200 OK 32 kB URL HTTP/2 www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-800.woff2?v=1665417354
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 31468, version 1.0\012- data
Hash 59f26ee6f0acf6f8d1d1d1295de6a012
1e44acb72f9ca563336ae35f29008a4d208c352a
699835970bc3a29625c6e86b681d1a71a45636d2dcbb9de075520b4f8a51fb10
GET /wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-800.woff2?v=1665417354 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: font/woff2
content-length: 31468
last-modified: Mon, 10 Oct 2022 15:55:56 GMT
etag: "6344408c-7aec"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1
92.51.134.215 200 OK 23 kB URL HTTP/2 www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Hash aab909c93bcfab5a09785935ad780d81
41940c8ed0ec626625285d531b026a48ad685ed8
cfbb1f4ee1b0d8875f401693a215181fffa77ee60d3df2a18f87f294d583c1f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 02:41:01 GMT
etag: W/"637c36bd-9df"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6
92.51.134.215 200 OK 36 kB URL HTTP/2 www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type Generic INItialization configuration []\012- , ASCII text, with very long lines (310), with CRLF line terminators
Hash 94c8f4544f85113a01b4ee5fb86b6b49
fadfdeee4a7770e35bbf8cd86b439d01d33a2907
a82ce996d4e40710a78a85d5a537c2919184a24049cf36425395d2900fd30ced
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 02:41:01 GMT
etag: W/"637c36bd-532c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/2020/05/cropped-Logo-ESSO-STATION-LEUSHAKE-IN-HERTEN-2.gif
92.51.134.215 200 OK 13 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2020/05/cropped-Logo-ESSO-STATION-LEUSHAKE-IN-HERTEN-2.gif
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type GIF image data, version 89a, 1090 x 100\012- data
Hash 144f36f7e3ea5683b59e0b544ca14751
8884171adc6374bf973defcfe6cc693536834b63
607e345d717f60cde36c8d4460338dddc15ad094a2db7650973861a0ba0f4de3
GET /wp-content/uploads/2020/05/cropped-Logo-ESSO-STATION-LEUSHAKE-IN-HERTEN-2.gif HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: image/gif
content-length: 12726
last-modified: Sat, 30 May 2020 15:07:31 GMT
etag: "5ed276b3-31b6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule.jpg
92.51.134.215 200 OK 454 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule.jpg
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1600x800, components 3\012- data
Size 454 kB (454133 bytes)
Hash c3f7d6a951dd4018b9354ead3a72ff74
fb097c548211d6869f455ffbdd831e80eddab28f
caeaf4b86149f56ae96c3986b047b3426c0bb4cb6982aaf24ab881049f9eb83b
GET /wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 454133
last-modified: Sat, 30 May 2020 09:23:28 GMT
etag: "5ed22610-6edf5"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
92.51.134.215 200 OK 77 kB URL HTTP/2 www.essostation.de/wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.essostation.de/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: font/woff2
content-length: 77160
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: "63df5b60-12d68"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule-Icon.jpg
92.51.134.215 200 OK 310 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule-Icon.jpg
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1166x798, components 3\012- data
Size 310 kB (310051 bytes)
Hash b86805287d0dc8308d1b56866bec0de8
0cc52c98d9e211e46c01c8ce7bd0a60dd85ffe0e
917c3b87e589d677f515c340549a111c947d95248bb830bd95727c9e17df0e63
GET /wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule-Icon.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 310051
last-modified: Sat, 30 May 2020 12:44:35 GMT
etag: "5ed25533-4bb23"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/2020/05/essostation-herten-shopLeushake.jpg
92.51.134.215 200 OK 649 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2020/05/essostation-herten-shopLeushake.jpg
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1600x1067, components 3\012- data
Size 649 kB (648934 bytes)
Hash 020482f12f336d43f08573de433e505d
9ffc0adffbd83dcf692da9660726016f24ca4fed
e793c938235d8cb640fef397131f0d009d21e09cd79325c269fc28fd0a6f17c2
GET /wp-content/uploads/2020/05/essostation-herten-shopLeushake.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 648934
last-modified: Sat, 30 May 2020 09:45:01 GMT
etag: "5ed22b1d-9e6e6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/open-sans-v34-latin-300italic.woff2?v=1665417354
92.51.134.215 200 OK 24 kB URL HTTP/2 www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/open-sans-v34-latin-300italic.woff2?v=1665417354
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 23712, version 1.0\012- data
Hash bb4154746478a3dd008a8835506e35c0
315a1b2407c69d3a337b3a148a7dd3b53015b70c
9e055f2b91664dd7ecb10a5e20a5df82d2deca7fe00a9de0d146be0097a06ae6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/open-sans-v34-latin-300italic.woff2?v=1665417354 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: font/woff2
content-length: 23712
last-modified: Mon, 10 Oct 2022 15:55:57 GMT
etag: "6344408d-5ca0"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.essostation.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
92.51.134.215 200 OK 52 kB URL HTTP/2 www.essostation.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type ASCII text, with very long lines (65447)
Hash f2c32f49621cc899ed2f7e548b9e2fde
2893d85d1b7646fc6e756ecfb3a9bc4a09a885d7
0edf089102554027c6370d56ba9427e1217d2c3acfe544bc027440efad41f78c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 10:33:42 GMT
etag: W/"6370c806-15e54"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/UbwzmJckskg
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/UbwzmJckskg
IP 142.250.74.131:0
Hash a48427cfe6a47fea85c38369e713ef9f
38ac1d050ba1ce6a42577b327be0d18023b56d4c
4e46d94fc3c5c7386b91cae42b9ed1c9dd23c7951987e64475e41761cf69a2d0
POST /s/gts1d4/UbwzmJckskg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/UbwzmJckskg
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/UbwzmJckskg
IP 142.250.74.131:0
Hash a48427cfe6a47fea85c38369e713ef9f
38ac1d050ba1ce6a42577b327be0d18023b56d4c
4e46d94fc3c5c7386b91cae42b9ed1c9dd23c7951987e64475e41761cf69a2d0
POST /s/gts1d4/UbwzmJckskg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
IP 142.250.74.131:0
Hash 74108c735d1c174120a6607cc1d6fd8b
52077f4a4d62c24cb2a7ce60c357fd9cd46278f4
57f8f08be0cd9b39111f0a8235211c0b72981e7a941eb43a9aff25926f6aaedb
POST /s/gts1d4/hLyX0RmlxZg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.essostation.de/wp-content/uploads/2019/04/cropped-unnamed-192x192.png
92.51.134.215 200 OK 29 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2019/04/cropped-unnamed-192x192.png
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 527f5e27ba428adffa8949e791501a3c
dc8e951722a59914c3e4f113e87b83bca4ae6543
7444f6979dd88b12d83721325c1fb54894f60a16dfd8fd61b32e4db9fe59f34d
GET /wp-content/uploads/2019/04/cropped-unnamed-192x192.png HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: image/png
content-length: 28827
last-modified: Fri, 29 May 2020 14:17:36 GMT
etag: "5ed11980-709b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
IP 142.250.74.131:0
Hash 74108c735d1c174120a6607cc1d6fd8b
52077f4a4d62c24cb2a7ce60c357fd9cd46278f4
57f8f08be0cd9b39111f0a8235211c0b72981e7a941eb43a9aff25926f6aaedb
POST /s/gts1d4/hLyX0RmlxZg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.essostation.de/wp-content/uploads/2019/04/cropped-unnamed-32x32.png
92.51.134.215 200 OK 2.0 kB URL HTTP/2 www.essostation.de/wp-content/uploads/2019/04/cropped-unnamed-32x32.png
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 64c6cd4e6f560f8837e87959ac867312
c1152f81412f5a0d83964a404328a065b2d67a78
eeb392c10dff2eab8d016e1ae9030a3b9816f27f7c4585985d63b004d71266c6
GET /wp-content/uploads/2019/04/cropped-unnamed-32x32.png HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: image/png
content-length: 2026
last-modified: Fri, 29 May 2020 14:17:37 GMT
etag: "5ed11981-7ea"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
graphql.usercentrics.eu/graphql
34.120.238.166 204 No Content 0 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.essostation.de/
Origin: https://www.essostation.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 09 Mar 2023 00:03:57 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
IP 142.250.74.131:0
Hash 74108c735d1c174120a6607cc1d6fd8b
52077f4a4d62c24cb2a7ce60c357fd9cd46278f4
57f8f08be0cd9b39111f0a8235211c0b72981e7a941eb43a9aff25926f6aaedb
POST /s/gts1d4/hLyX0RmlxZg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
graphql.usercentrics.eu/graphql
34.120.238.166 200 OK 702 B URL HTTP/2 graphql.usercentrics.eu/graphql
IP 34.120.238.166:0
Hash 68a2c82dacc01881bc04f428dbc8a832
7197301af69d02fe6da14d489cc0b6975a34a94f
e5ba9ba7bcb69e0dfb8158ef73f16856b70f7915993f6c6b733013dcc3e7b1fc
POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.essostation.de/
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 871ecfd6-cd18-481b-8cfe-9e382dff31dc
Origin: https://www.essostation.de
Content-Length: 1536
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"118-wKkDTwbbJc5qEDmrkaPz8d2gCTQ"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
uc.e-recht24.de/erecht24_logo_white.png
159.69.24.179 200 2.9 kB URL HTTP/1.1 uc.e-recht24.de/erecht24_logo_white.png
IP 159.69.24.179:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 98 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ce60860fb4697564e38580a4709ec5c
9806460f6b62a69a9652f8d17afaef69c3e8c287
933400df86c19613e2f9e127e098a0a8eb9e3d9870c8bbcbb8f234629cee5b74
GET /erecht24_logo_white.png HTTP/1.1
Host: uc.e-recht24.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 09 Mar 2023 00:03:57 GMT
Content-Type: image/png
Content-Length: 2889
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 13 Feb 2023 13:36:47 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Expires: Sat, 09 Mar 2024 00:03:57 GMT
X-Frame-Options: DENY
Pragma: no-cache, public
Cache-Control: max-age=31622400, public
www.essostation.de/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
92.51.134.215 200 OK 0 B URL HTTP/2 www.essostation.de/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 02:42:11 GMT
etag: W/"63744e03-172a9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
92.51.134.215 200 OK 0 B URL HTTP/2 www.essostation.de/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
GET /wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-792c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/themes/onepress/style.css?ver=6.1.1
92.51.134.215 200 OK 0 B URL HTTP/2 www.essostation.de/wp-content/themes/onepress/style.css?ver=6.1.1
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/onepress/style.css?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-1894d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4
92.51.134.215 200 OK 0 B URL HTTP/2 www.essostation.de/wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-26476"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
92.51.134.215 200 OK 0 B URL HTTP/2 www.essostation.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Fri, 16 Apr 2021 01:38:17 GMT
etag: W/"6078ea89-2bd8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1
92.51.134.215 200 OK 0 B URL HTTP/2 www.essostation.de/wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-ad3b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/onepress-plus.css?ver=2.3.6
92.51.134.215 200 OK 0 B URL HTTP/2 www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/onepress-plus.css?ver=2.3.6
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/onepress-plus.css?ver=2.3.6 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Tue, 22 Nov 2022 02:41:01 GMT
etag: W/"637c36bd-4d44"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.6,abGHajF1@6.0.1
34.120.28.121 200 OK 0 B URL HTTP/2 aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.6,abGHajF1@6.0.1
IP 34.120.28.121:0
GET /aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.6,abGHajF1@6.0.1 HTTP/1.1
Host: aggregator.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.essostation.de/
Origin: https://www.essostation.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding, accept-encoding
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: public,max-age=604800
etag: "1qyrkn"
content-encoding: br
date: Thu, 09 Mar 2023 00:03:57 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.essostation.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
92.51.134.215 200 OK 0 B URL HTTP/2 www.essostation.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 92.51.134.215:0
ASN #8972 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Sat, 11 Jun 2022 06:40:58 GMT
etag: W/"62a438fa-48b9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2