Report - essostation.de/

Report Overview

Submitted URL
essostation.de/
IP
92.51.134.215
ASN
#8972 Host Europe GmbH
Submitted
2023-03-09 00:04:06
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
app.usercentrics.eu	12624	2018-08-08T11:42:22Z	2023-03-25T08:18:27Z	372 B	8.8 kB	35.190.14.188
api.usercentrics.eu	11845	2018-04-17T10:09:01Z	2023-03-25T06:05:47Z	423 B	8.7 kB	35.241.3.184
essostation.de	unknown	2019-04-14T10:13:38Z	2023-03-16T03:04:42Z	346 B	355 B	92.51.134.215
www.essostation.de	unknown	2017-02-04T19:02:07Z	2023-03-09T01:03:54Z	15 kB	2.2 MB	92.51.134.215
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-25T05:09:34Z	3.2 kB	6.4 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-24T16:33:49Z	2.7 kB	45 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T05:09:02Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-24T18:20:20Z	413 B	5.9 kB	34.160.144.191
aggregator.service.usercentrics.eu	14703	2020-07-29T15:16:57Z	2023-03-25T18:48:46Z	481 B	366 B	34.120.28.121
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-24T18:14:23Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-25T05:09:25Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-24T18:17:07Z	606 B	127 B	34.209.99.129
graphql.usercentrics.eu	14191	2018-08-08T11:42:38Z	2023-03-25T11:07:47Z	1.1 kB	1.5 kB	34.120.238.166
uc.e-recht24.de	386358	2021-02-25T10:55:23Z	2023-03-25T17:06:22Z	398 B	3.4 kB	159.69.24.179

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-09	medium	essostation.de/	Phishing
2023-03-09	medium	www.essostation.de/	Phishing
2023-03-09	medium	www.essostation.de/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2023-03-09	medium	www.essostation.de/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.4	Phishing
2023-03-09	medium	www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358	Phishing
2023-03-09	medium	www.essostation.de/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1	Phishing
2023-03-09	medium	www.essostation.de/wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9	Phishing
2023-03-09	medium	www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1	Phishing
2023-03-09	medium	www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6	Phishing
2023-03-09	medium	www.essostation.de/wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0	Phishing
2023-03-09	medium	www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/open-sans-v34-latin-300italic.woff2?v=1665417354	Phishing
2023-03-09	medium	www.essostation.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2023-03-09	medium	www.essostation.de/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2023-03-09	medium	www.essostation.de/wp-content/themes/onepress/style.css?ver=6.1.1	Phishing
2023-03-09	medium	www.essostation.de/wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4	Phishing
2023-03-09	medium	www.essostation.de/wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1	Phishing
2023-03-09	medium	www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/onepress-plus.css?ver=2.3.6	Phishing
2023-03-09	medium	www.essostation.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1	2.5 kB	2023-03-07	2024-02-26
Pretty URL www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1 IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:46 Last Seen2024-02-26 17:23:24 Times Seen46 Hash 73fb81e193c5e667dc6e7389e37d67b5 bb5698d5f643c74678a4da7c674f6cdb2b4173b9 b141da8911457cd595d68ee6b6a924cc3fa8b0124b877cef0c92bf62de254933 Loading...

	www.essostation.de/	2.2 kB	2023-03-11	2023-03-26
Pretty URL www.essostation.de/ IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:36:01 Last Seen2023-03-26 00:04:06 Times Seen2 Hash 45ba02287f174dca285d6bdaa741a591 51520317f27855b65022399d4b50f9760591dad3 55bed8a8089ca6a686bc83901af0410b79d842798456ab814f63e0a32208d676 Loading...

	app.usercentrics.eu/latest/main.js	25 kB	2023-03-07	2024-04-18
Pretty URL app.usercentrics.eu/latest/main.js IP 35.190.14.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:06 Last Seen2024-04-18 15:22:55 Times Seen360 Hash 2f6ee33ec707f2be99eab89a14bf538d f2164827c88ba17ef1488c6c976b27cc1376f2a3 c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b Loading...

	app.usercentrics.eu/latest/bundle.js	1.2 MB	2023-03-08	2024-04-18
Pretty URL app.usercentrics.eu/latest/bundle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:03:34 Last Seen2024-04-18 15:22:53 Times Seen276 Hash 6cfb75735980ceeeb2cb1b0ec5c47499 63e1ef864831ed7c2a73058472b8c94c4bbb77ef 39e0136306d0dfd62d513db4eb0d2ea1a831ff00edf00446de67b031e6a6b9b1 Loading...

	www.essostation.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-19
Pretty URL www.essostation.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 20:39:52 Times Seen37996 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.essostation.de/	388 B	2023-03-14	2024-04-18
Pretty URL www.essostation.de/ IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 14:55:31 Last Seen2024-04-18 13:14:13 Times Seen38 Hash e003d164270ba93621b004aec8fc7b88 b4ce249e80eef3abac43de123bdc3d3bb7c66b29 14abf569b9522c0c31f14d43436bf3043dd4590fa33453d3b19a1cefa7ab5525 Loading...

	www.essostation.de/wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9	335 B	2023-03-07	2023-08-14
Pretty URL www.essostation.de/wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9 IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:51:24 Last Seen2023-08-14 15:53:29 Times Seen8 Hash 99946d36fe76c0279fe8a56956fbc58d 41982acbd90e8c419cf18b9473f7977cdccfe166 1429f04e175a24c339971253b98b2d9b09f3060bf058bb29a0de624737a2be73 Loading...

	www.essostation.de/	220 B	2023-03-07	2023-03-26
Pretty URL www.essostation.de/ IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:16 Last Seen2023-03-26 00:04:06 Times Seen2 Hash 46ec95af27bfd5e89040911b11be82bf 8482f339775c4051e609c80f9e2808a200da06fb 82d5bff8d6159d38c6f68f3dc7e6875a284759c2c644f46b29b272fab37bca3d Loading...

	www.essostation.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-19
Pretty URL www.essostation.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 20:39:51 Times Seen31782 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	www.essostation.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL www.essostation.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:21 Times Seen68500 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.essostation.de/wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4	157 kB	2023-03-14	2024-04-18
Pretty URL www.essostation.de/wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4 IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 18:35:25 Last Seen2024-04-18 13:14:13 Times Seen179 Hash 9aaeb46af63ee8d4d45082dd8d810512 9a65eb8d2466f32ecd02ed57146101aadca593cd 998ee801593bda96deb363ae0e760aae04f26f1f6dafd0b5f7d4debbd804f4c7 Loading...

	www.essostation.de/wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1	44 kB	2023-03-07	2024-04-05
Pretty URL www.essostation.de/wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1 IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:46 Last Seen2024-04-05 13:28:14 Times Seen112 Hash 2f81c8e306ab721a8bc7037b418cb403 c4ee8df80214724dcca2d44342deeb9d606fd219 ef52ead07fdb220ecd63baa9d08c80142239de79e4e1e4a1b15298f9d075950b Loading...

	www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6	21 kB	2023-03-10	2024-02-26
Pretty URL www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6 IP 92.51.134.215 ASN #8972 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:44:21 Last Seen2024-02-26 17:23:25 Times Seen14 Hash 0cec8a56c400d09ce30636240780b375 c3378dca28ee0078454c0ce2454a8a2073458b9b 9887a1a0ec7758ad1f68cdf617a8bc8e4516cdad1f4d178f900764d32348ba48 Loading...

HTTP Transactions (64)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7989fc4a69327c765a7e4e68f46c169b
1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b
b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4767
Expires: Thu, 09 Mar 2023 01:23:21 GMT
Date: Thu, 09 Mar 2023 00:03:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8f33f56c329fe0b1570d2ee3e000ce4e
b11fcecd7cc1210d3f3b4e1426a37d3cd138119e
ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7865
Expires: Thu, 09 Mar 2023 02:14:59 GMT
Date: Thu, 09 Mar 2023 00:03:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Mar 2023 23:08:53 GMT
content-type: application/json
age: 3301
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d096b44c5db01960a5d03dbb2a238c0
8e818de0e82041f2d9edeb14ddaf3916983b3729
8c69b4883e45e3e993ffdf24922c6ff7f0131f1eece0c3d0016137ca29f48d04

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C69B4883E45E3E993FFDF24922C6FF7F0131F1EECE0C3D0016137CA29F48D04"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12830
Expires: Thu, 09 Mar 2023 03:37:44 GMT
Date: Thu, 09 Mar 2023 00:03:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 53eY8Gd0pS5zJ74Uw4eYgZ3yv8+jCh3yFn2FL4qRpdrmzDwQs3bd/DLLq/AdX+Jj0db/O95t1Tw=
x-amz-request-id: 4651SKZQ5HCHJVK7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Mar 2023 23:18:10 GMT
age: 2744
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

essostation.de/

92.51.134.215

301 Moved Permanently

162 B

URL HTTP/1.1
essostation.de/
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 09 Mar 2023 00:03:54 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.essostation.de/

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Mar 2023 00:03:42 GMT
age: 13
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12909
Expires: Thu, 09 Mar 2023 03:39:04 GMT
Date: Thu, 09 Mar 2023 00:03:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b81dbeab1c469ee4d3db902f401b3cb
d0c5045c8fe088bd1caf0c7ef5a3f6d3dad37117
543857244e057e2f337534924e17b6850f4df5ff6f0b7798cd58feeee3609839

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "543857244E057E2F337534924E17B6850F4DF5FF6F0B7798CD58FEEEE3609839"
Last-Modified: Thu, 09 Mar 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Mar 2023 06:03:55 GMT
Date: Thu, 09 Mar 2023 00:03:55 GMT
Connection: keep-alive

push.services.mozilla.com/

34.209.99.129

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.209.99.129:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ScBwu7rTZj79OnJAyb3boA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7Q2vK1D7Yw6x6kFbTbB3GJJCbog=

www.essostation.de/

92.51.134.215

200 OK

8.8 kB

URL HTTP/2
www.essostation.de/
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size
8.8 kB (8774 bytes)
Hash
162952f9cdb269f29993249d87b099fa
217c3952b9d6683179e4435b1932e88a95fe5bfd
054b6fcf73d302206cb496450010c731fd7c2700306d35acff1c696ef7dfceb1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/html; charset=UTF-8
content-length: 8774
link: <https://www.essostation.de/wp-json/>; rel="https://api.w.org/", <https://www.essostation.de/wp-json/wp/v2/pages/102>; rel="alternate"; type="application/json", <https://www.essostation.de/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.13, PleskLin
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/8qolpLsIe0A

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/8qolpLsIe0A
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d58ec5f3be11aed2ad2da5291c420f9
8f21a31baf4942d175cddde03071f49d260ca66b
4731eca039ca6eedf0842bfd6bc1adb77bd85b57e762137a5e0aaf00f835fedb

HTTP Headers

POST /s/gts1d4/8qolpLsIe0A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.usercentrics.eu/latest/main.js

35.190.14.188

200 OK

7.8 kB

URL HTTP/2
app.usercentrics.eu/latest/main.js
IP
35.190.14.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (25232)
Size
7.8 kB (7809 bytes)
Hash
e9448356bda96e25ac34fd6ed11b738a
5b18cc1021b78ae09c40348b248842aa3a0bca28
c62ab9c774fa99b2dd8c81c76c492d6eea48c2355dd16529250e2974bd1fa261

HTTP Headers

GET /latest/main.js HTTP/1.1
Host: app.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdt3kNiaG7cOVv6qcfyRn4Sd3KDKDTgOpXoTNx_VLr99KmRbXQbuUlB59YXhBBWhAaSTTypzlVC8624_qbtHq6f8dwsI2Xuc
x-goog-generation: 1666097577450067
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7809
x-goog-meta-version: 2.18.1
content-encoding: gzip
x-goog-hash: crc32c=VY37eA==, md5=6USDVr2pbiWsNP1u0Rtzig==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7809
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 08 Mar 2023 15:55:27 GMT
expires: Thu, 09 Mar 2023 15:55:27 GMT
cache-control: public, max-age=86400, no-transform
age: 29309
last-modified: Tue, 18 Oct 2022 12:52:57 GMT
etag: "e9448356bda96e25ac34fd6ed11b738a"
content-type: application/javascript
strict-transport-security: max-age=7776000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/8qolpLsIe0A

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/8qolpLsIe0A
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d58ec5f3be11aed2ad2da5291c420f9
8f21a31baf4942d175cddde03071f49d260ca66b
4731eca039ca6eedf0842bfd6bc1adb77bd85b57e762137a5e0aaf00f835fedb

HTTP Headers

POST /s/gts1d4/8qolpLsIe0A HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.essostation.de/wp-includes/css/classic-themes.min.css?ver=1

92.51.134.215

200 OK

189 B

URL HTTP/2
www.essostation.de/wp-includes/css/classic-themes.min.css?ver=1
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
content-length: 189
x-accel-version: 0.01
last-modified: Sun, 13 Nov 2022 10:33:43 GMT
etag: "d9-5ed57a83288d2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3965
Expires: Thu, 09 Mar 2023 01:10:01 GMT
Date: Thu, 09 Mar 2023 00:03:56 GMT
Connection: keep-alive

www.essostation.de/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.4

92.51.134.215

200 OK

4.1 kB

URL HTTP/2
www.essostation.de/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.4
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
ASCII text, with very long lines (55156)
Size
4.1 kB (4084 bytes)
Hash
fdfee324159bcd8fef4f0d6a2c235cb6
5c6f6c17bf091e6c2e7610314d036734d7b60e36
5a87067c5ea29f6b998509516864a10acb7e3771fd320c1c3897e90d4b946f99

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.4 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-d815"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358

92.51.134.215

200 OK

1.2 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
ASCII text
Size
1.2 kB (1183 bytes)
Hash
c23a73455fe2637b33f85a63b1da3b17
43455dabe9b85b5a18c1579d1305a7205dcebf06
1419328a242db27d67dc2399e50852ff2fcd6c25dff683017de129912ebf9391

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 15:55:58 GMT
etag: W/"6344408e-4263"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1

92.51.134.215

200 OK

4.2 kB

URL HTTP/2
www.essostation.de/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
ASCII text
Size
4.2 kB (4227 bytes)
Hash
f2b6f112e615071665e89cd95e5f7442
23b05393712be3e2dc8f555ab085bb4bf8cab25a
a8a1da4ff09c84c82d42e6c2ee97835d9b62fa42a8352524c291587c5dd9fbdc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-5970"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3965
Expires: Thu, 09 Mar 2023 01:10:01 GMT
Date: Thu, 09 Mar 2023 00:03:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4985a20c-c5c5-46f5-87f2-600b40b9691d.jpeg

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4985a20c-c5c5-46f5-87f2-600b40b9691d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6857 bytes)
Hash
193459785f7b9edc4c0407e12d61670d
69158749f88794aa299b565ff56478652adb34b9
22fc0bc65444635237b1d616240526823193e94a6ad567985c5db416deb315ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4985a20c-c5c5-46f5-87f2-600b40b9691d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6857
x-amzn-requestid: abeb0887-c368-4222-998f-5509c4e2b8ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeuEHmIAMFkqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff91-6650e7e10a8691ad059e5731;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: gI-3pcqkzcd_tCeooBLP4DTmTZYdx0QsWpzyRaIMH2r5YiCewKK3qw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "69158749f88794aa299b565ff56478652adb34b9"
content-type: image/jpeg
age: 8309
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7206 bytes)
Hash
636ad724875a1b8f978d351d851af52d
61075cafcbfe1c763ab0b1c79540d42e7ae63942
382228b2396099885438936cd087a9bfa2d272160475859123f8a7ec7f5f34c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e099794-4e7d-4d03-a39a-3ce385884bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7206
x-amzn-requestid: bc793a8e-f967-4a1b-81d2-be45c56bd93b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BPorOF-CIAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6402ee47-3e38c6af4234bd164a429258;Sampled=0
x-amzn-remapped-date: Sat, 04 Mar 2023 07:07:51 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Xb2s4bB3o_N7MZTbTBeHvSP-1P_LdQiXcRKYiaZ-s9JAomhrUYyqUg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 20:05:39 GMT
age: 14297
etag: "61075cafcbfe1c763ab0b1c79540d42e7ae63942"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4785 bytes)
Hash
d541504b5777fedb1a4b99770ca977e0
1acb5b7a05f617c8fc7cd6fe420ab72646bfc306
34dfdf8d3d5fa6fed1a6eca3c852301dae86f3765f824d93c26980fb8ac519c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9da3492d-91de-45e4-82a1-51dec7e4ba28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4785
x-amzn-requestid: 57be76f4-6f1b-45d2-bfc1-fc573c56489a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BezeJEhZIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6408ff8d-5e469b5f2c0adfd619e0e7b4;Sampled=0
x-amzn-remapped-date: Wed, 08 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: jl-Ed8eQYVXZpU-veP1wAdNiiwQe-ZlApp8BsN7vx7pLBL4FVceI8A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 21:45:27 GMT
etag: "1acb5b7a05f617c8fc7cd6fe420ab72646bfc306"
content-type: image/jpeg
age: 8309
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45f117a3-8f08-48f5-bd5a-f20af33b43e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6987 bytes)
Hash
2d60a939fee8b897452ed6400a88f650
f5eff640d7bb6a777066a8a8c5231219c90a60cc
36e9ace57b3456c235682876aa552e5029bf4a03a652cec7d3c94244df43dc07

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45f117a3-8f08-48f5-bd5a-f20af33b43e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6987
x-amzn-requestid: e75773d9-34eb-4021-866a-965aa134ccac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO0AFj8oAMFtCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591b2-4e51692f237a9a013fbb3d45;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:38 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: npVTTxGMOW3XSI5ADg6CAHk_jM523sgdeGQnaAUnFbOCpilhf34juQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 07:25:21 GMT
age: 59915
etag: "f5eff640d7bb6a777066a8a8c5231219c90a60cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14298 bytes)
Hash
67e27efd23f4d42e2f93102e05955859
3ebc9abd817182d697acfd947000f106914b9098
5d1a4a50802f50798d120468ba28f157cbe1cf8547f66ac3d6b3a138c6d25a24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F960ff4d1-e33e-41a5-aaa4-f54039dbc85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14298
x-amzn-requestid: b11be846-5ff7-442c-a0e3-7876f696d1c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BMVaDHsFoAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64019c40-6503274d0b174c1e0d7a8c6e;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 07:05:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: HlfjvVuC_eLZJ_HYVKLxy_qwnFFQJkfVm3UKa8ajIUb6alnnZd1XqA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Mar 2023 16:59:13 GMT
age: 25483
etag: "3ebc9abd817182d697acfd947000f106914b9098"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.essostation.de/wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.4

92.51.134.215

200 OK

22 kB

URL HTTP/2
www.essostation.de/wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.4
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
ASCII text, with very long lines (65317)
Size
22 kB (21731 bytes)
Hash
f59a5cd3c2bdeb72173ce3568799f823
29b6ea8469176276a884d2367bfb302d1ffbb390
0615b27f6abcc311bc6b78c25a1ea9db7da64fb7e652dd20907b8c557664606a

HTTP Headers

GET /wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.4 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-1f915"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9

92.51.134.215

200 OK

188 B

URL HTTP/2
www.essostation.de/wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
ASCII text
Size
188 B (188 bytes)
Hash
5564765b1e25a8a6d87f82acde081ace
ffd8d0eadb65a6eeb735d370855f4ccba5609fac
b0cb59621ff399cb912013cd0370ff8f91b7c088080305263527ed394bdb94fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/usercentrics-consent-management-platform/public/js/usercentrics-public.js?ver=1.0.9 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
content-length: 188
x-accel-version: 0.01
last-modified: Tue, 01 Nov 2022 08:10:08 GMT
etag: "14f-5ec64409aff4a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/53CmoK1yQMs

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/53CmoK1yQMs
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fe5d736b14b4c6b309c39a3fece22357
c4bd277f4d29d3982728637df47990e057130b16
4ee18132d0f806ffc9ed76671ff736e3c9654e464b27af8216d77dc644cf9946

HTTP Headers

POST /s/gts1d4/53CmoK1yQMs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.usercentrics.eu/settings/h12GI7Dwh/latest/de.json

35.241.3.184

200 OK

7.7 kB

URL HTTP/2
api.usercentrics.eu/settings/h12GI7Dwh/latest/de.json
IP
35.241.3.184:0
ASN
#15169 GOOGLE

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (23195), with no line terminators
Size
7.7 kB (7697 bytes)
Hash
aa8772f766c8686e51dca01eb2d5f28f
30ed8a748c126c2a4de20e33752d7f2c3f3791b4
f4b818ecbdd2faaae56f2c0d4cfe143dff547f3a9464d7a92b3cd3f6e5d2f5bd

HTTP Headers

GET /settings/h12GI7Dwh/latest/de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.essostation.de/
Origin: https://www.essostation.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtWp4ULP6mVBo5y9gHamhoffhQxLqvjAL3CRlj2bw8ZsTmb84aDjJ15URkuF5tCyMGQ4jTQBCUhxBEut3OYmJRGGg
date: Thu, 09 Mar 2023 00:03:57 GMT
cache-control: public, max-age=1800, s-maxage=10
expires: Thu, 09 Mar 2023 00:04:07 GMT
last-modified: Thu, 16 Feb 2023 09:02:52 GMT
etag: "aa8772f766c8686e51dca01eb2d5f28f"
vary: Accept-Encoding
x-goog-generation: 1676538172235364
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7697
content-type: application/json
content-encoding: gzip
x-goog-hash: crc32c=9nTiyw==, md5=qody92bIaG5R3KAestXyjw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7697
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/53CmoK1yQMs

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/53CmoK1yQMs
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fe5d736b14b4c6b309c39a3fece22357
c4bd277f4d29d3982728637df47990e057130b16
4ee18132d0f806ffc9ed76671ff736e3c9654e464b27af8216d77dc644cf9946

HTTP Headers

POST /s/gts1d4/53CmoK1yQMs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.essostation.de/wp-content/uploads/2020/05/Christ-Wash-Systems.jpg

92.51.134.215

200 OK

94 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2020/05/Christ-Wash-Systems.jpg
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1140x855, components 3\012- data
Size
94 kB (94262 bytes)
Hash
8aa0c7c11795dcc15b1c3799e9c62d4f
7eaf810bc8ea73770f46fd1fcd4857cbb0efb1fd
08759071050bb8efeedfae6130fa62560932ba5676c00b318e776aab053af298

HTTP Headers

GET /wp-content/uploads/2020/05/Christ-Wash-Systems.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 94262
last-modified: Sat, 30 May 2020 10:28:38 GMT
etag: "5ed23556-17036"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/2019/04/VARIUS_Schaumwaesche_frontansicht_02-2-large.jpg

92.51.134.215

200 OK

93 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2019/04/VARIUS_Schaumwaesche_frontansicht_02-2-large.jpg
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17, height=4181, bps=0, compression=none, PhotometricIntepretation=RGB, manufacturer=Sinar AG, model=Sinarback 54 M, Hasselblad, orientation=upper-left, width=5440], baseline, precision 8, 480x375, components 3\012- data
Size
93 kB (93302 bytes)
Hash
e9afdd98241131fc9b27f76bc3f0630a
db55e9de7aa5dcf6d2dff9d89a73ba2f51430fbc
ca72ebeff542b3497a818ac002823bfc8d9869cf17910f91c27819e832e76575

HTTP Headers

GET /wp-content/uploads/2019/04/VARIUS_Schaumwaesche_frontansicht_02-2-large.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 93302
last-modified: Sun, 14 Apr 2019 08:40:26 GMT
etag: "5cb2f1fa-16c76"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/2020/05/Esso_Station_Leushake_1-1.jpg

92.51.134.215

200 OK

227 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2020/05/Esso_Station_Leushake_1-1.jpg
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1600x800, components 3\012- data
Size
227 kB (226551 bytes)
Hash
58dd87532a63b4d5a3afac10c3c0a8ad
55d36a16798f73bc00ea6a124a859c892db40738
762140b9ca89b597b179456f5eaa0f5b9409ab2755753d337bfd74c573763150

HTTP Headers

GET /wp-content/uploads/2020/05/Esso_Station_Leushake_1-1.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 226551
last-modified: Fri, 29 May 2020 14:47:42 GMT
etag: "5ed1208e-374f7"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-600.woff2?v=1665417354

92.51.134.215

200 OK

32 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-600.woff2?v=1665417354
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 31544, version 1.0\012- data
Size
32 kB (31544 bytes)
Hash
55f67229ec0d330d80d94ed5a971131e
ddf443d4a288a984b0a4769825666ddc9d382952
a3b0b56f63a65241540c15abea1c3eca10edafa94f4f212e1ff526511d888298

HTTP Headers

GET /wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-600.woff2?v=1665417354 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: font/woff2
content-length: 31544
last-modified: Mon, 10 Oct 2022 15:55:55 GMT
etag: "6344408b-7b38"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-800.woff2?v=1665417354

92.51.134.215

200 OK

32 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-800.woff2?v=1665417354
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 31468, version 1.0\012- data
Size
32 kB (31468 bytes)
Hash
59f26ee6f0acf6f8d1d1d1295de6a012
1e44acb72f9ca563336ae35f29008a4d208c352a
699835970bc3a29625c6e86b681d1a71a45636d2dcbb9de075520b4f8a51fb10

HTTP Headers

GET /wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/raleway-v28-latin-800.woff2?v=1665417354 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: font/woff2
content-length: 31468
last-modified: Mon, 10 Oct 2022 15:55:56 GMT
etag: "6344408c-7aec"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1

92.51.134.215

200 OK

23 kB

URL HTTP/2
www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
ASCII text
Size
23 kB (22772 bytes)
Hash
aab909c93bcfab5a09785935ad780d81
41940c8ed0ec626625285d531b026a48ad685ed8
cfbb1f4ee1b0d8875f401693a215181fffa77ee60d3df2a18f87f294d583c1f2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/slider.js?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 02:41:01 GMT
etag: W/"637c36bd-9df"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6

92.51.134.215

200 OK

36 kB

URL HTTP/2
www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
Generic INItialization configuration []\012- , ASCII text, with very long lines (310), with CRLF line terminators
Size
36 kB (36163 bytes)
Hash
94c8f4544f85113a01b4ee5fb86b6b49
fadfdeee4a7770e35bbf8cd86b439d01d33a2907
a82ce996d4e40710a78a85d5a537c2919184a24049cf36425395d2900fd30ced

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/assets/js/onepress-plus.js?ver=2.3.6 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 02:41:01 GMT
etag: W/"637c36bd-532c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/2020/05/cropped-Logo-ESSO-STATION-LEUSHAKE-IN-HERTEN-2.gif

92.51.134.215

200 OK

13 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2020/05/cropped-Logo-ESSO-STATION-LEUSHAKE-IN-HERTEN-2.gif
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
GIF image data, version 89a, 1090 x 100\012- data
Size
13 kB (12726 bytes)
Hash
144f36f7e3ea5683b59e0b544ca14751
8884171adc6374bf973defcfe6cc693536834b63
607e345d717f60cde36c8d4460338dddc15ad094a2db7650973861a0ba0f4de3

HTTP Headers

GET /wp-content/uploads/2020/05/cropped-Logo-ESSO-STATION-LEUSHAKE-IN-HERTEN-2.gif HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: image/gif
content-length: 12726
last-modified: Sat, 30 May 2020 15:07:31 GMT
etag: "5ed276b3-31b6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule.jpg

92.51.134.215

200 OK

454 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule.jpg
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1600x800, components 3\012- data
Size
454 kB (454133 bytes)
Hash
c3f7d6a951dd4018b9354ead3a72ff74
fb097c548211d6869f455ffbdd831e80eddab28f
caeaf4b86149f56ae96c3986b047b3426c0bb4cb6982aaf24ab881049f9eb83b

HTTP Headers

GET /wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 454133
last-modified: Sat, 30 May 2020 09:23:28 GMT
etag: "5ed22610-6edf5"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

92.51.134.215

200 OK

77 kB

URL HTTP/2
www.essostation.de/wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/onepress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.essostation.de/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: font/woff2
content-length: 77160
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: "63df5b60-12d68"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule-Icon.jpg

92.51.134.215

200 OK

310 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule-Icon.jpg
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1166x798, components 3\012- data
Size
310 kB (310051 bytes)
Hash
b86805287d0dc8308d1b56866bec0de8
0cc52c98d9e211e46c01c8ce7bd0a60dd85ffe0e
917c3b87e589d677f515c340549a111c947d95248bb830bd95727c9e17df0e63

HTTP Headers

GET /wp-content/uploads/2020/05/Esso-Leushake-Zapfs%C3%A4ule-Icon.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 310051
last-modified: Sat, 30 May 2020 12:44:35 GMT
etag: "5ed25533-4bb23"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/2020/05/essostation-herten-shopLeushake.jpg

92.51.134.215

200 OK

649 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2020/05/essostation-herten-shopLeushake.jpg
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1600x1067, components 3\012- data
Size
649 kB (648934 bytes)
Hash
020482f12f336d43f08573de433e505d
9ffc0adffbd83dcf692da9660726016f24ca4fed
e793c938235d8cb640fef397131f0d009d21e09cd79325c269fc28fd0a6f17c2

HTTP Headers

GET /wp-content/uploads/2020/05/essostation-herten-shopLeushake.jpg HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: image/jpeg
content-length: 648934
last-modified: Sat, 30 May 2020 09:45:01 GMT
etag: "5ed22b1d-9e6e6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/open-sans-v34-latin-300italic.woff2?v=1665417354

92.51.134.215

200 OK

24 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/open-sans-v34-latin-300italic.woff2?v=1665417354
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 23712, version 1.0\012- data
Size
24 kB (23712 bytes)
Hash
bb4154746478a3dd008a8835506e35c0
315a1b2407c69d3a337b3a148a7dd3b53015b70c
9e055f2b91664dd7ecb10a5e20a5df82d2deca7fe00a9de0d146be0097a06ae6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/open-sans-v34-latin-300italic.woff2?v=1665417354 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.essostation.de/wp-content/uploads/fonts/5e02d77c4c1339dcbeb6a95be34def3f/font.css?v=1665417358
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: font/woff2
content-length: 23712
last-modified: Mon, 10 Oct 2022 15:55:57 GMT
etag: "6344408d-5ca0"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

www.essostation.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

92.51.134.215

200 OK

52 kB

URL HTTP/2
www.essostation.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
ASCII text, with very long lines (65447)
Size
52 kB (52389 bytes)
Hash
f2c32f49621cc899ed2f7e548b9e2fde
2893d85d1b7646fc6e756ecfb3a9bc4a09a885d7
0edf089102554027c6370d56ba9427e1217d2c3acfe544bc027440efad41f78c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Sun, 13 Nov 2022 10:33:42 GMT
etag: W/"6370c806-15e54"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/UbwzmJckskg

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/UbwzmJckskg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a48427cfe6a47fea85c38369e713ef9f
38ac1d050ba1ce6a42577b327be0d18023b56d4c
4e46d94fc3c5c7386b91cae42b9ed1c9dd23c7951987e64475e41761cf69a2d0

HTTP Headers

POST /s/gts1d4/UbwzmJckskg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/UbwzmJckskg

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/UbwzmJckskg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a48427cfe6a47fea85c38369e713ef9f
38ac1d050ba1ce6a42577b327be0d18023b56d4c
4e46d94fc3c5c7386b91cae42b9ed1c9dd23c7951987e64475e41761cf69a2d0

HTTP Headers

POST /s/gts1d4/UbwzmJckskg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
74108c735d1c174120a6607cc1d6fd8b
52077f4a4d62c24cb2a7ce60c357fd9cd46278f4
57f8f08be0cd9b39111f0a8235211c0b72981e7a941eb43a9aff25926f6aaedb

HTTP Headers

POST /s/gts1d4/hLyX0RmlxZg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.essostation.de/wp-content/uploads/2019/04/cropped-unnamed-192x192.png

92.51.134.215

200 OK

29 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2019/04/cropped-unnamed-192x192.png
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28827 bytes)
Hash
527f5e27ba428adffa8949e791501a3c
dc8e951722a59914c3e4f113e87b83bca4ae6543
7444f6979dd88b12d83721325c1fb54894f60a16dfd8fd61b32e4db9fe59f34d

HTTP Headers

GET /wp-content/uploads/2019/04/cropped-unnamed-192x192.png HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: image/png
content-length: 28827
last-modified: Fri, 29 May 2020 14:17:36 GMT
etag: "5ed11980-709b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
74108c735d1c174120a6607cc1d6fd8b
52077f4a4d62c24cb2a7ce60c357fd9cd46278f4
57f8f08be0cd9b39111f0a8235211c0b72981e7a941eb43a9aff25926f6aaedb

HTTP Headers

POST /s/gts1d4/hLyX0RmlxZg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.essostation.de/wp-content/uploads/2019/04/cropped-unnamed-32x32.png

92.51.134.215

200 OK

2.0 kB

URL HTTP/2
www.essostation.de/wp-content/uploads/2019/04/cropped-unnamed-32x32.png
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2026 bytes)
Hash
64c6cd4e6f560f8837e87959ac867312
c1152f81412f5a0d83964a404328a065b2d67a78
eeb392c10dff2eab8d016e1ae9030a3b9816f27f7c4585985d63b004d71266c6

HTTP Headers

GET /wp-content/uploads/2019/04/cropped-unnamed-32x32.png HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: image/png
content-length: 2026
last-modified: Fri, 29 May 2020 14:17:37 GMT
etag: "5ed11981-7ea"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

graphql.usercentrics.eu/graphql

34.120.238.166

204 No Content

0 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Referer: https://www.essostation.de/
Origin: https://www.essostation.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 09 Mar 2023 00:03:57 GMT
content-length: 0
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/hLyX0RmlxZg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
74108c735d1c174120a6607cc1d6fd8b
52077f4a4d62c24cb2a7ce60c357fd9cd46278f4
57f8f08be0cd9b39111f0a8235211c0b72981e7a941eb43a9aff25926f6aaedb

HTTP Headers

POST /s/gts1d4/hLyX0RmlxZg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Mar 2023 00:03:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

graphql.usercentrics.eu/graphql

34.120.238.166

200 OK

702 B

URL HTTP/2
graphql.usercentrics.eu/graphql
IP
34.120.238.166:0
ASN
#15169 GOOGLE

File type
data
Size
702 B (702 bytes)
Hash
68a2c82dacc01881bc04f428dbc8a832
7197301af69d02fe6da14d489cc0b6975a34a94f
e5ba9ba7bcb69e0dfb8158ef73f16856b70f7915993f6c6b733013dcc3e7b1fc

HTTP Headers

POST /graphql HTTP/1.1
Host: graphql.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.essostation.de/
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Request-ID: 871ecfd6-cd18-481b-8cfe-9e382dff31dc
Origin: https://www.essostation.de
Content-Length: 1536
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Mar 2023 00:03:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
etag: W/"118-wKkDTwbbJc5qEDmrkaPz8d2gCTQ"
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

uc.e-recht24.de/erecht24_logo_white.png

159.69.24.179

200

2.9 kB

URL HTTP/1.1
uc.e-recht24.de/erecht24_logo_white.png
IP
159.69.24.179:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 98 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2889 bytes)
Hash
6ce60860fb4697564e38580a4709ec5c
9806460f6b62a69a9652f8d17afaef69c3e8c287
933400df86c19613e2f9e127e098a0a8eb9e3d9870c8bbcbb8f234629cee5b74

HTTP Headers

GET /erecht24_logo_white.png HTTP/1.1
Host: uc.e-recht24.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 09 Mar 2023 00:03:57 GMT
Content-Type: image/png
Content-Length: 2889
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Mon, 13 Feb 2023 13:36:47 GMT
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Expires: Sat, 09 Mar 2024 00:03:57 GMT
X-Frame-Options: DENY
Pragma: no-cache, public
Cache-Control: max-age=31622400, public

www.essostation.de/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

92.51.134.215

200 OK

0 B

URL HTTP/2
www.essostation.de/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 02:42:11 GMT
etag: W/"63744e03-172a9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0

92.51.134.215

200 OK

0 B

URL HTTP/2
www.essostation.de/wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/onepress/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-792c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/themes/onepress/style.css?ver=6.1.1

92.51.134.215

200 OK

0 B

URL HTTP/2
www.essostation.de/wp-content/themes/onepress/style.css?ver=6.1.1
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/onepress/style.css?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-1894d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4

92.51.134.215

200 OK

0 B

URL HTTP/2
www.essostation.de/wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.4 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-26476"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

92.51.134.215

200 OK

0 B

URL HTTP/2
www.essostation.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Fri, 16 Apr 2021 01:38:17 GMT
etag: W/"6078ea89-2bd8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1

92.51.134.215

200 OK

0 B

URL HTTP/2
www.essostation.de/wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/onepress/assets/js/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Sun, 05 Feb 2023 07:31:44 GMT
etag: W/"63df5b60-ad3b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/onepress-plus.css?ver=2.3.6

92.51.134.215

200 OK

0 B

URL HTTP/2
www.essostation.de/wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/onepress-plus.css?ver=2.3.6
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/FameThemes-onepress-plus-ed925f79431f98b274c81bac0804916733c07794/onepress-plus.css?ver=2.3.6 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: text/css
last-modified: Tue, 22 Nov 2022 02:41:01 GMT
etag: W/"637c36bd-4d44"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.6,abGHajF1@6.0.1

34.120.28.121

200 OK

0 B

URL HTTP/2
aggregator.service.usercentrics.eu/aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.6,abGHajF1@6.0.1
IP
34.120.28.121:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /aggregate/de?templates=H1Vl5NidjWX@40.17.39,S1pcEj_jZX@21.9.6,abGHajF1@6.0.1 HTTP/1.1
Host: aggregator.service.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.essostation.de/
Origin: https://www.essostation.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding, accept-encoding
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: public,max-age=604800
etag: "1qyrkn"
content-encoding: br
date: Thu, 09 Mar 2023 00:03:57 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.essostation.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

92.51.134.215

200 OK

0 B

URL HTTP/2
www.essostation.de/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
92.51.134.215:0
ASN
#8972 Host Europe GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.essostation.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.essostation.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 09 Mar 2023 00:03:56 GMT
content-type: application/javascript
last-modified: Sat, 11 Jun 2022 06:40:58 GMT
etag: W/"62a438fa-48b9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML