Submitted URL: https://prosed.csgo.ee/
Effective URL: https://prosed.ee/
Submission Tags: phishingrod
Submission: On October 18 via api from DE — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 217.146.69.42, located in Tallinn, Estonia and belongs to ZONE Zone Media OU, EE. The main domain is prosed.ee.
TLS certificate: Issued by R3 on September 10th 2023. Valid for: 3 months.
This is the only time prosed.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.146.67.141 49604 (ZONE Zone...)
2 20 217.146.69.42 49604 (ZONE Zone...)
2 2603:1063:200... 8075 (MICROSOFT...)
22 4
Apex Domain (requests) | Subdomains | Transfer
prosed.ee (20) | prosed.ee | 255 KB
live.com (2) | view.officeapps.live.com (Cisco Umbrella Rank: 24658), pnl1-excel.officeapps.live.com (Cisco Umbrella Rank: 179100) | 5 KB
csgo.ee (1) | prosed.csgo.ee | 365 B
Total: 22 requests across 3 apex domains

Domain (requests) | Requested by
prosed.ee (20, 2 redirects) | prosed.ee
pnl1-excel.officeapps.live.com (1) |
view.officeapps.live.com (1) | prosed.ee
prosed.csgo.ee (1) |
Total: 22 requests across 4 domains

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.techtrot.com
Subject | Issuer | Validity | Valid
prosed.csgo.ee | R3 | 2023-08-18 - 2023-11-16 | 3 months (crt.sh)
prosed.ee | R3 | 2023-09-10 - 2023-12-09 | 3 months (crt.sh)
officeapps.live.com | Microsoft Azure TLS Issuing CA 02 | 2023-06-20 - 2024-06-14 | a year (crt.sh)

This page contains 3 frames:

Primary Page: https://prosed.ee/
Frame ID: 9123CCB6AD219B83C8B232B55FEDCA62
Requests: 20 HTTP requests in this frame

Frame: https://view.officeapps.live.com/op/embed.aspx?src=https%3A%2F%2Fprosed.ee%2Fwp-content%2Fuploads%2F2023%2F10%2Fprosed-1.xlsx
Frame ID: C2A93A832D56801537686B6C15F860F3
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fprosed%252Eee%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F10%252Fprosed%252D1%252Exlsx&access_token_ttl=0&hid=c15294d0-8ee3-4393-ae58-388b1eee8526
Frame ID: 38B33B869D98570D077CA89E7CE139C9
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Prosed

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

22
Requests

91 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

259 kB
Transfer

644 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prosed.csgo.ee/ Page URL
  2. http://prosed.ee/ HTTP 301
    https://prosed.ee/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://prosed.ee/wp-content/themes/primepress/rotating.php?image=92 HTTP 302
  • https://prosed.ee/wp-content/themes/primepress/headers/PP-field%20of%20dreams.jpg

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
prosed.csgo.ee/
324 B
365 B
Document
General
Full URL
https://prosed.csgo.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.146.67.141 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
kinnas.kahtlane.info
Software
nginx/1.18.0 /
Resource Hash
789d019e3e63db8671974a2d101057e7da274cb953e62f78e4890f808ac1ddd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 18 Oct 2023 00:09:50 GMT
etag
W/"5d068e7f-144"
last-modified
Sun, 16 Jun 2019 18:46:23 GMT
server
nginx/1.18.0
Primary Request /
prosed.ee/
Redirect Chain
  • http://prosed.ee/
  • https://prosed.ee/
20 KB
5 KB
Document
General
Full URL
https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
000a883537b786516185b1b5bdb38e884bf471e56d387bc00ff89b8630884492

Request headers

Referer
https://prosed.csgo.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
5201
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 00:09:52 GMT
link
<https://prosed.ee/wp-json/>; rel="https://api.w.org/", <https://prosed.ee/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://prosed.ee/>; rel=shortlink
server
Apache / ZoneOS
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
294
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 18 Oct 2023 00:09:52 GMT
Keep-Alive
timeout=5, max=100
Location
https://prosed.ee/
Server
Apache / ZoneOS
style.css
prosed.ee/wp-content/themes/primepress/
13 KB
4 KB
Stylesheet
General
Full URL
https://prosed.ee/wp-content/themes/primepress/style.css
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
432c06e59533498982ee251f068e6e80030de6e4d40612ce02c476a56bab4ce6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Sun, 16 Jun 2019 18:17:25 GMT
server
Apache / ZoneOS
etag
"332f-58b74e43edfbd-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3821
custom.css
prosed.ee/wp-content/themes/primepress/
58 B
127 B
Stylesheet
General
Full URL
https://prosed.ee/wp-content/themes/primepress/custom.css
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
b04bdff30310eedf24a6172757e5e8329a6c5f366a22213c8865db502c14f6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
last-modified
Sun, 16 Jun 2019 18:17:24 GMT
server
Apache / ZoneOS
accept-ranges
bytes
etag
"3a-58b74e4349af2"
content-length
58
content-type
text/css
style.min.css
prosed.ee/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
https://prosed.ee/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
Apache / ZoneOS
etag
"19824-600d5209602c0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
13841
style.min.css
prosed.ee/wp-includes/css/dist/components/
83 KB
12 KB
Stylesheet
General
Full URL
https://prosed.ee/wp-includes/css/dist/components/style.min.css?ver=6.3.1
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
75522ccbccd2a9bf8ed6fe6c40e563c5733eef6cb64d8146640d3dcfb306193c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
Apache / ZoneOS
etag
"14a60-600d5209602c0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
11917
style.min.css
prosed.ee/wp-includes/css/dist/block-editor/
110 KB
15 KB
Stylesheet
General
Full URL
https://prosed.ee/wp-includes/css/dist/block-editor/style.min.css?ver=6.3.1
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
b335af42d0dd457872c044cb33c032d945efd95afe79e23e1124f1b31045be01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 12:40:52 GMT
server
Apache / ZoneOS
etag
"1b95a-601dbdb7afd00-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
15109
style.min.css
prosed.ee/wp-includes/css/dist/reusable-blocks/
490 B
319 B
Stylesheet
General
Full URL
https://prosed.ee/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.3.1
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
063a5d868fdbe71599268fe98a71a0b9238bc5873ec0596fd7c9427c323f19f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Tue, 27 Jun 2023 14:24:19 GMT
server
Apache / ZoneOS
etag
"1ea-5ff1d39002ac0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
243
style.min.css
prosed.ee/wp-includes/css/dist/editor/
18 KB
4 KB
Stylesheet
General
Full URL
https://prosed.ee/wp-includes/css/dist/editor/style.min.css?ver=6.3.1
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
463223e967a6a9d58aab0160f5f7c353e88aecabc85ee4d8663b550be323d5f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Fri, 07 Jul 2023 07:21:17 GMT
server
Apache / ZoneOS
etag
"46d1-5ffe07a875540-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3619
blocks.style.build.css
prosed.ee/wp-content/plugins/robo-gallery/includes/extensions/block/dist/
0
59 B
Stylesheet
General
Full URL
https://prosed.ee/wp-content/plugins/robo-gallery/includes/extensions/block/dist/blocks.style.build.css?ver=3.1.8
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
last-modified
Mon, 14 Feb 2022 16:29:25 GMT
server
Apache / ZoneOS
accept-ranges
bytes
etag
"0-5d7fceb761245"
content-length
0
content-type
text/css
styles.css
prosed.ee/wp-content/plugins/contact-form-7/includes/css/
2 KB
728 B
Stylesheet
General
Full URL
https://prosed.ee/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Sun, 16 Jun 2019 18:24:06 GMT
server
Apache / ZoneOS
etag
"695-58b74fc2ac03e-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
651
jquery.min.js
prosed.ee/wp-includes/js/jquery/
85 KB
30 KB
Script
General
Full URL
https://prosed.ee/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
Apache / ZoneOS
etag
"155ba-5fc971b7d21c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30343
jquery-migrate.min.js
prosed.ee/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://prosed.ee/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
Apache / ZoneOS
etag
"3509-5fdabee5f2100-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4872
PP-field%20of%20dreams.jpg
prosed.ee/wp-content/themes/primepress/headers/
Redirect Chain
  • https://prosed.ee/wp-content/themes/primepress/rotating.php?image=92
  • https://prosed.ee/wp-content/themes/primepress/headers/PP-field%20of%20dreams.jpg
154 KB
154 KB
Image
General
Full URL
https://prosed.ee/wp-content/themes/primepress/headers/PP-field%20of%20dreams.jpg
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
1238d28fce0cbeb31d0bd5bdf97e17d0c02a8827652f2d91ab6351b3a9e448f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
last-modified
Sun, 16 Jun 2019 18:22:28 GMT
server
Apache / ZoneOS
accept-ranges
bytes
etag
"26893-58b74f65679f4"
content-length
157843
content-type
image/jpeg

Redirect headers

location
headers/PP-field of dreams.jpg
date
Wed, 18 Oct 2023 00:09:52 GMT
server
Apache / ZoneOS
content-type
text/html; charset=UTF-8
comment-reply.min.js
prosed.ee/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://prosed.ee/wp-includes/js/comment-reply.min.js?ver=6.3.1
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
Apache / ZoneOS
etag
"ba5-5dc2a2438e980-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1351
scripts.js
prosed.ee/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://prosed.ee/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Sun, 16 Jun 2019 18:24:06 GMT
server
Apache / ZoneOS
etag
"3868-58b74fc2ac426-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3993
reset.css
prosed.ee/wp-content/themes/primepress/library/
1015 B
647 B
Stylesheet
General
Full URL
https://prosed.ee/wp-content/themes/primepress/library/reset.css
Requested by
Host: prosed.ee
URL: https://prosed.ee/wp-content/themes/primepress/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
02199a3a74aa01644afe138e531c68a97bd44616553748399d12bd25a19d3ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/wp-content/themes/primepress/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Sun, 16 Jun 2019 18:17:27 GMT
server
Apache / ZoneOS
etag
"3f7-58b74e45983c1-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
570
layout.css
prosed.ee/wp-content/themes/primepress/library/
1 KB
361 B
Stylesheet
General
Full URL
https://prosed.ee/wp-content/themes/primepress/library/layout.css
Requested by
Host: prosed.ee
URL: https://prosed.ee/wp-content/themes/primepress/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
6727d4b404f5a158670445c170e2922a588da60ce7948cb491001a9255f5fb9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/wp-content/themes/primepress/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:52 GMT
content-encoding
gzip
last-modified
Sun, 16 Jun 2019 18:17:27 GMT
server
Apache / ZoneOS
etag
"451-58b74e4583ba4-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
307
fe7e6709-8241-4532-b7e2-011debfed78d
https://prosed.ee/
1 KB
0
Other
General
Full URL
blob:https://prosed.ee/fe7e6709-8241-4532-b7e2-011debfed78d
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
embed.aspx
view.officeapps.live.com/op/ Frame C2A9
4 KB
5 KB
Document
General
Full URL
https://view.officeapps.live.com/op/embed.aspx?src=https%3A%2F%2Fprosed.ee%2Fwp-content%2Fuploads%2F2023%2F10%2Fprosed-1.xlsx
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cea6ff0bd4c6b6a28c0e514c48008dbbaea5ef2ffb63cb16b58534381b048f56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prosed.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 00:09:53 GMT
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
c15294d0-8ee3-4393-ae58-388b1eee8526
x-msedge-features
afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest_control
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest_control
x-msedge-ref
Ref A: 47D99815178B4E1EA0D15093F3A2E886 Ref B: FRA231050412009 Ref C: 2023-10-18T00:09:53Z
x-officecluster
PNL1
x-officefd
AM4PEPF00021F04
x-officefe
AM4PEPF00010AD3
x-officeversion
16.0.17010.41001
wp-emoji-release.min.js
prosed.ee/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://prosed.ee/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by
Host: prosed.ee
URL: https://prosed.ee/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.146.69.42 Tallinn, Estonia, ASN49604 (ZONE Zone Media OU, EE),
Reverse DNS
sn-69-42.tll07.zoneas.eu
Software
Apache / ZoneOS /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prosed.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 00:09:53 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
Apache / ZoneOS
etag
"4904-5f3acfe01ab40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5039
truncated
/ Frame C2A9
695 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
xlembed.aspx
pnl1-excel.officeapps.live.com/x/_layouts/ Frame 38B3
0
0
Document
General
Full URL
https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fprosed%252Eee%253A443%252Fwp%252Dcontent%252Fuploads%252F2023%252F10%252Fprosed%252D1%252Exlsx&access_token_ttl=0&hid=c15294d0-8ee3-4393-ae58-388b1eee8526
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1063:2000:1::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy font-src data: 'self' res-1.cdn.office.net *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.officeapps.live.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.officeapps.live.com *.msftauth.net js.monitor.azure.com *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; media-src blob: *.skype.com *.skypeassets.com *.officeapps.live.com; object-src 'self'; child-src blob: * ms-excel:; worker-src blob: 'self'; img-src * data: blob:; report-uri /x/reportcsp.ashx
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://view.officeapps.live.com
Referer
https://view.officeapps.live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
font-src data: 'self' res-1.cdn.office.net *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net *.azureedge.net fs.microsoft.com *.officeapps.live.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.officeapps.live.com *.msftauth.net js.monitor.azure.com *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net res.cdn.office.net messaging.office.com messaging.growth.office.com messaging.action.office.com messaging.engagement.office.com content.lifecycle.office.net www.microsoft.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' res-1.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com *.cdn.office.net res-cn.cdn.partner.office365.cn res-4.cdn.partner.office365.cn res-3.cdn.partner.office365.cn res-1-cdn.azureedge.microsoft.scloud res-1-cdn.azureedge.eaglex.ic.gov res-dev.cdn.officeppe.net; media-src blob: *.skype.com *.skypeassets.com *.officeapps.live.com; object-src 'self'; child-src blob: * ms-excel:; worker-src blob: 'self'; img-src * data: blob:; report-uri /x/reportcsp.ashx
content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 00:09:53 GMT
document-policy
js-profiling
expires
-1
nel
{"report_to":"network-errors","max_age":604800,"include_subdomains":true,"success_fraction":0.01,"failure_fraction":1.0}
origin-agent-cluster
?1
origin-trial
AtAgCmjF9NSDe7WG5+zXddNhpryHIhWvHG5BxTAcMRn1V9oswBhX2RSXHeDxLcwXMB/NYHr3BAXOBJJY1ita2BAAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNzAzOTgwODAwfQ==
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://excelonline.nel.measure.office.net/api/report?FrontEnd=AFD&DestinationEndpoint=Edge-Prod-FRA23r5a&DC=PNL1&FileSource="}]}
reporting-endpoints
default="https://pnl1-excel.officeapps.live.com/x/BrowserReportingHandler.ashx"
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
f786e9a0-1669-4bc6-af90-e51486b5ffca
x-msedge-features
afd_waccluster,afd_visioslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_excelslicetest
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5,5e4w=afd_excelslicetest
x-msedge-ref
Ref A: C39177924ADB447FA931A9FF083CBA47 Ref B: FRA231050412009 Ref C: 2023-10-18T00:09:53Z
x-officecluster
PNL1
x-officefd
AM4PEPF00021F13
x-officefe
AM4PEPF00027587
x-officeversion
16.0.17004.42307
x-usersessionid
f786e9a0-1669-4bc6-af90-e51486b5ffca

Verdicts & Comments

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | _wpemojiSettings
undefined | $
function | jQuery
object | addComment
object | wpcf7
object | twemoji
object | wp

3 Cookies

Domain/Path Name / Value
pnl1-excel.officeapps.live.com/x/_layouts Name: Excel_CurrentVersion_Artifacts
Value: 161700442307
.view.officeapps.live.com/ Name: PNL1-ARRAffinity
Value: f29db90a0f916dd407efdef0b149519197ab2fa4d47d5c43cfe11c2b7b2864d3
.pnl1-excel.officeapps.live.com/ Name: PNL1-Excel-ARRAffinity
Value: 89786016f67ec020fd1ddb6125d1384fb9be77cefc5ad52b54540947d974dfb9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
