r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11752
Expires: Thu, 27 Oct 2022 05:31:04 GMT
Date: Thu, 27 Oct 2022 02:15:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6052
Cache-Control: max-age=118602
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:12 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:11:54 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6052
Cache-Control: max-age=118602
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:12 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:11:54 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6138
Expires: Thu, 27 Oct 2022 03:57:30 GMT
Date: Thu, 27 Oct 2022 02:15:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gUsqHLzlrG4S5Bhg7y1UsBFwABa78smiadovbMHJVI1yAUcbgQCrQH0z4lJ42byKmZyGqmDXC7c=
x-amz-request-id: 77N0P8APCJXN7SXJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 01:39:25 GMT
age: 2147
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 02:15:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
energieberater-nordrhein-westfalen.de/
83.169.41.94 301 Moved Permanently 0 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
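Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of a zero-length body, consistent with the 0 B response; they match any empty response and do not identify this host's content.)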
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 27 Oct 2022 02:15:12 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://energieberater-nordrhein-westfalen.de/
X-Powered-By: PHP/7.4.16, PleskLin
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8dd27c270597b01e62b7dd7ae212e080
5b1740e9db283e4550d3a7d6495ea415443629e9
9e4150b9c6e2e8da1c902e32e3e40c603cdc5840e585e2bc60f7c050b9da86f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E4150B9C6E2E8DA1C902E32E3E40C603CDC5840E585E2BC60F7C050B9DA86F7"
Last-Modified: Thu, 27 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 27 Oct 2022 08:15:13 GMT
Date: Thu, 27 Oct 2022 02:15:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5517
Cache-Control: max-age=113011
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:13 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:38:44 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.42.74.230 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
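Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of a zero-length body, consistent with the 0 B response to the WebSocket upgrade; they match any empty response and do not identify this host's content.)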
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vPeiiAPQVx10B8aoLq6Xgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ORUUBXBZ4ScixuGQi5ZzaZj/I3o=
energieberater-nordrhein-westfalen.de/
83.169.41.94 200 OK 29 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type HTML document text (reported 6 times), exported SGML document, Unicode text, UTF-8 text, with very long lines (41860), with CRLF, LF line terminators
Hash 98876a5fbd4b4788c564e6f3af269084
1765fd341b874c8db390764b950ef6b11a1715b9
9daf79ca34fbec0ff4c78db376e41232a717ffedca91664a8fe4e49b63d1d767
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:13 GMT
Server: Apache
Link: <https://energieberater-nordrhein-westfalen.de/wp-json/>; rel="https://api.w.org/", <https://energieberater-nordrhein-westfalen.de/wp-json/wp/v2/pages/23>; rel="alternate"; type="application/json", <https://energieberater-nordrhein-westfalen.de/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.4.16, PleskLin
Content-Length: 29347
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
energieberater-nordrhein-westfalen.de/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.2
83.169.41.94 200 OK 12 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (63070), with CRLF line terminators
Hash aab8da333613933cc37485d8a7ba13be
29762b20907f8feda444d83de5e1b08b07351713
02762812ff8f9094fca15e4e5361fcffbb7b9be75acfb46ed6e87f43acdcbbdc
GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 17:20:25 GMT
ETag: "11449-5e81987523d71-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11733
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/astra-google-fonts.css?ver=1659959053
83.169.41.94 200 OK 436 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/astra-google-fonts.css?ver=1659959053
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash ac09566400c947134913b9552ba34609
4f44a738b5331f48c4c2b3d63905b4265bb587e1
e52ce40ecd2fde817b685ee8307bb1213800f0d07c56c810d280e911eeed4d0e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/astra-google-fonts/astra-google-fonts.css?ver=1659959053 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:59:31 GMT
ETag: "6f4-5e5ba6305103c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 436
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
83.169.41.94 200 OK 5.0 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "48b9-5dfcf4214c7a9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5009
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
83.169.41.94 200 OK 12 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 19:20:25 GMT
ETag: "15b64-5e3a08f7c1419-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11681
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8
83.169.41.94 200 OK 856 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (13766)
Hash c0c9d4069ee37cee67131ed802c6f83a
1dfda5b6247b1d0d45a0a91d68342959c90c6a55
e3bd3669e57c68511ec5972c55281f6de292d9d8346b3c3273866fd12f729d5f
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.8 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "35ed-5ea0f9b2fe688-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 856
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.4
83.169.41.94 200 OK 713 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.4
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (2723), with no line terminators
Hash 7e67979bdd7b91ff88c5113cd3db186e
1ef16fddac63946359c3d47b46d1985c3961ea26
10f99207a897bca4be545b3a4a330907e90e0dc49326c774946393ed4adcd83c
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.4 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 14 Oct 2022 16:18:57 GMT
ETag: "aa3-5eb00fb982deb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 713
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8
83.169.41.94 200 OK 20 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65497)
Hash 3ec4cec0224ecb4e607832d0eb21c3d0
5063f1c2afa88465a8898c373415429404eaa03f
a408cdfe48ed889f8f6cee2692c74d920421936cfa8613898a6c03b1eae55b39
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.8 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "28726-5ea0f9b2fdeb8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 20221
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-527.css?ver=1646070080
83.169.41.94 200 OK 411 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-527.css?ver=1646070080
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (1140), with no line terminators
Hash 560d7cac4d110c4af78c35f4cc5c6f39
51768edf3effb387533226729b20591a65f48323
603fdf23a051e4c54a56901dde0e1c312f1e2e6454c3cccebabe4c86bdb3f92b
GET /wp-content/uploads/elementor/css/post-527.css?ver=1646070080 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 17:41:20 GMT
ETag: "474-5d9178e665205-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 411
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
83.169.41.94 200 OK 4.0 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (19233)
Hash 24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "4b4f-5ea0f9b30f412-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3961
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/uploads/astra-addon/astra-addon-6318d2dcda04c6-84036519.css?ver=3.6.0
83.169.41.94 200 OK 6.4 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/astra-addon/astra-addon-6318d2dcda04c6-84036519.css?ver=3.6.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (59148), with no line terminators
Hash b38c74612448bc01418df0f8082d83ba
85d7c409508b588bdee34c9f4895719af91b1179
f3ba60839a4868dcbb21f2d88fe94c62036def30770954f44e4d5285068399ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/astra-addon/astra-addon-6318d2dcda04c6-84036519.css?ver=3.6.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 17:20:28 GMT
ETag: "e70c-5e819878311c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6442
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/lib/nicons/css/nicons.css?ver=2.2.51
83.169.41.94 200 OK 1.3 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/lib/nicons/css/nicons.css?ver=2.2.51
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash a63b8d085e6f0b551b44deb75f5b57c8
26aeacf3d5799da7ff92698de64e658f09e830a2
9e205d074c92f86e85d995a1982ce9c98b8ec9d8446f4fd647960c2ab4c2474e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-extras/assets/lib/nicons/css/nicons.css?ver=2.2.51 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "175f-5cd761409cfdc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1278
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-23.css?ver=1646070080
83.169.41.94 200 OK 1.5 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-23.css?ver=1646070080
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (11240), with no line terminators
Hash 4ebd233bfa293f78969f82c05c4ad9a2
78c1f988a659a556708f852f4f02e2232dc6e4e7
408353691f2a526861dff9a20abee6b41ec12d8055daef08340e3e8dcf56ff29
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-23.css?ver=1646070080 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 17:41:20 GMT
ETag: "2be8-5d9178e6af19e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1506
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.7
83.169.41.94 200 OK 41 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65493)
Hash 0f96fcabd409b41b5856861df80db999
5b306dde023f7dc771c40b4db0e2f3b0534d7e51
4e35df015ada698444e32130938fc8d9dee84572fe7ff78c5a3c9061853fd86f
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.7 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 16:13:00 GMT
ETag: "75771-5e95a73b1ca09-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 41398
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-104.css?ver=1646070080
83.169.41.94 200 OK 951 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-104.css?ver=1646070080
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (2008)
Hash 9736dda2daa899f49aafc815ed2392eb
f006da723698547a0a1572ed763b4fdf14a393ed
0d20ee7b34b774cec469ad88a3c40349859ee5aa48770e6b5b2fe70bcf086b70
GET /wp-content/uploads/elementor/css/post-104.css?ver=1646070080 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 17:41:20 GMT
ETag: "162d-5d9178e6b3bd6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 951
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/sticky-header-effects-for-elementor/assets/css/she-header-style.css?ver=1.5.5
83.169.41.94 200 OK 673 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/sticky-header-effects-for-elementor/assets/css/she-header-style.css?ver=1.5.5
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash c543523094e2ad488fc47c055b670657
7d5040d1603f79afd68bd84338975eadd29179f2
6eb6125fb3b47bb5d84aeb495cc0a76ff7e9cc887961bf37bed9f171cfe92326
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sticky-header-effects-for-elementor/assets/css/she-header-style.css?ver=1.5.5 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 05:25:39 GMT
ETag: "1339-5ebe9414d7f82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 673
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-157.css?ver=1646070080
83.169.41.94 200 OK 1.6 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-157.css?ver=1646070080
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (12138), with no line terminators
Hash 681a29f53654abd2a1bb136e9bf50617
73ac61ffe5d4cb61df0273ec66aa3a8ae0d83ff6
12ebfa7c238e8d9e02825eb5932c3cb50ca0ea34231c72eb263ea3a056553623
GET /wp-content/uploads/elementor/css/post-157.css?ver=1646070080 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 17:41:20 GMT
ETag: "2f6a-5d9178e6c030e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1629
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/css/frontend.min.css?ver=2.2.51
83.169.41.94 200 OK 25 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/css/frontend.min.css?ver=2.2.51
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5b4af266d88a77e8b32c96b0111b3e43
17ed7865c6fd383c94e25f24e0f0d593124434d9
f1d555a3c0b35ee370353457235dcd504759c91c72cf30de46076e02b6f55f44
GET /wp-content/plugins/elementor-extras/assets/css/frontend.min.css?ver=2.2.51 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "322e9-5cd7614088f8c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 24813
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.12
83.169.41.94 200 OK 68 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.12
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 60e6d82ebb0b25b081eef93820fd2eb3
3dd9fd38753a4298be9dc2480730219fbc57db97
2af4af6f846f898af2007aa1f57535d9b4b1e443818e8fc3cb3ed0faf9c14935
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.12 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 21 Oct 2022 16:22:31 GMT
ETag: "993f1-5eb8dd93c16dc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
83.169.41.94 200 OK 13 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (57726)
Hash 991d00cd7cb62d50a29295522d554f1f
e128a5238f141e9c4da1979716108d858340fe03
b8fcb61816168fc6a7ee01bb09fa4378398838dc6e4f49dc411872876355d113
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "e238-5ea0f9b30d4d2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 12582
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/google-fonts-1/google-fonts-1.css?ver=1659959053
83.169.41.94 200 OK 711 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/google-fonts-1/google-fonts-1.css?ver=1659959053
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 629a93d1ff87bd58e4a399f5c41cd9d9
ca85d16917754efdb7e0b04caf272181b7f8be41
b84965548475012b41e11e83a65e644d8c30c879bb4684ea2f554acb232b390c
GET /wp-content/uploads/omgf/google-fonts-1/google-fonts-1.css?ver=1659959053 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:59:33 GMT
ETag: "44b4-5e5ba6326405d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 711
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
83.169.41.94 200 OK 308 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "2a3-5ea0f9b30dca2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 308
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
83.169.41.94 200 OK 309 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "29d-5ea0f9b30e08a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 309
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
83.169.41.94 200 OK 308 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (491)
Hash 851fd514d412b7e854365f20a4227c8a
08bf47072f70af1816450cc85a5efb3b8f9114d2
a9449e3cc7c003e5ed6b93bae7b0bba3e4f1713c52214f41d3591692a759b9d7
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "2a5-5ea0f9b30dca2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 308
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.5.5
83.169.41.94 200 OK 1.4 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.5.5
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 27965421b550758c506dc312efec6f33
09be1efbd98c43af5d861c07b54d655b65769625
e829d14ca1a828029a44b85a11fda768716732ab2b5a098b631bdd2c579c73e5
GET /wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.5.5 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2022 05:25:39 GMT
ETag: "15ef-5ebe9414d77b2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1419
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.2
83.169.41.94 200 OK 2.7 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (10398), with no line terminators
Hash 97cea445c7c0cec6df1760fc0cf5fefb
69aef0529522fab7eb0a6807897ade7eb0f4e90c
19f00f952b91cd466ae2dceee052773304dcc4a7f103d9b87d0ea62f9c0d0f4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 17:20:25 GMT
ETag: "289e-5e8198751f720-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2744
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/uploads/astra-addon/astra-addon-6318d2dcda5f55-75895018.js?ver=3.6.0
83.169.41.94 200 OK 8.1 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/astra-addon/astra-addon-6318d2dcda5f55-75895018.js?ver=3.6.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (42748), with no line terminators
Hash b0c8455f0e77fe9706f14e5e8eadb445
afafe31864b4d7702f0f5e745fd67cf03787415d
06f3db3eda76fff9b2587afdba8ec3a17d44f99e2a0effe1b879f889484def4e
GET /wp-content/uploads/astra-addon/astra-addon-6318d2dcda5f55-75895018.js?ver=3.6.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 17:20:28 GMT
ETag: "a6fc-5e819878315af-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 8057
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 02:15:14 GMT
Connection: keep-alive
energieberater-nordrhein-westfalen.de/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.4
83.169.41.94 200 OK 11 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.4
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type C source textAlgol 68 source text\012- Pascal source, ASCII text, with very long lines (48592), with no line terminators
Hash 13cd0ad0665e304568a86b0cb88e599e
c744ede694d0d135619aaa4368ac60c255dae71f
927156d852a86a7be4347e8b4eee9207c534ee6ff9c7b8f8c3ac670fd946d1de
GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.4 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 14 Oct 2022 16:18:57 GMT
ETag: "bdd0-5eb00fb9ffdf9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11184
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
83.169.41.94 200 OK 7.2 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (25115)
Hash de752486ae6f3549ee513c4f7bd89b1c
7e415888c930d6952efce6ae601c37427ac2345e
d74a2945742950cd22705aa87f266a7eccc3a7949861da7e04cab475765206d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 16:13:00 GMT
ETag: "6272-5e95a73b28d5a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7157
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/isotope/isotope.min.js?ver=1.36.12
83.169.41.94 200 OK 10 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/isotope/isotope.min.js?ver=1.36.12
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (11345)
Hash 8b7b22723ec414f667dc15fedf122571
fd3ce6f4be7b2855041d8190822c887edc6ed450
1d7bbfd85bd8f3ca5b85aa68078b023d4c9e58d8c538894613c07e4a5110df4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-elementor/assets/lib/isotope/isotope.min.js?ver=1.36.12 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 21 Oct 2022 16:22:21 GMT
ETag: "9341-5eb8dd8acab07-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10115
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb430e5efbc6c8c306fce87e26faf734
b05b7299a7e473e873510671a6abdd5227a53f46
c49d64e87ec8243a1ee7f214f21988b6f6a33ba93814ec31262d80e4a22b8504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe98a4c03-5fa3-4445-a037-d229b86c94a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8936
x-amzn-requestid: d0698fc0-e4c9-4633-9b64-df09be35b450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGBlIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7c78a1fc43552b934e6b8708;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gus8UKo03dRkfqPRhxnW6zzqx7o-2tZbbv-DsBSW7UREHPOA1uqdUw==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "b05b7299a7e473e873510671a6abdd5227a53f46"
content-type: image/jpeg
age: 16057
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e307787eef6193fe4988367feb5e07d9
f50d8270aeb43fb15457d961f925cf2b38060240
d69ba1c958614a831462b81a046bb6a59e353db0b63d23b060b84df124057452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabc32527-e3a5-4250-9792-7b6bceea4bac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9256
x-amzn-requestid: 25249b1e-6ef4-432c-b370-a645259c0727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aoeDVHAyIAMFo9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359aa15-73f252de0cc8d8246183f658;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:43:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V7UFjzwuVqIZJiJg_Q3BWuSd8B_aghBauo7NYg2EYT3MDme-jggsYA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 22:11:54 GMT
age: 14600
etag: "f50d8270aeb43fb15457d961f925cf2b38060240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d71555b55dd7d34a53b9e8252902da1
551ceee96287d4d5fa8c8f286baebd382c8aff67
ff2040a25f467fc41873bdb2c7ed9f28ab508e8096b54152607bd0b40580567f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4670
x-amzn-requestid: bd7ccf26-ed98-4252-82df-a8f17108fc2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvtEoYoAMFrCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fd-51c97f553b02f4750e78023a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:53 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AANmFqkisteLJO0nLhaNgo6NTfYSkLPEGf5zewefdRtPZbEziAPz3Q==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:45 GMT
etag: "551ceee96287d4d5fa8c8f286baebd382c8aff67"
content-type: image/jpeg
age: 16049
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
energieberater-nordrhein-westfalen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
83.169.41.94 200 OK 4.2 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 09 Dec 2020 05:30:27 GMT
ETag: "2bd8-5b6015b59447d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4169
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4
83.169.41.94 200 OK 1.8 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 12 Aug 2020 13:07:45 GMT
ETag: "15fd-5acaddfa79959-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1834
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
83.169.41.94 200 OK 2.6 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.8 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "4824-5ea0f9b314deb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2592
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/slick/slick.min.js?ver=1.36.12
83.169.41.94 200 OK 11 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/slick/slick.min.js?ver=1.36.12
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (42862)
Hash 36f4de3a1f9cbec36a382dca5e8d6e9c
42758ab254ef2cfdc7ba1485bd02bf39979d7378
1eef360b93bde2802d29aa3bc7c6c6a9c1db9796c926816c22132bec539936d6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-elementor/assets/lib/slick/slick.min.js?ver=1.36.12 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 21 Oct 2022 16:22:21 GMT
ETag: "a93e-5eb8dd8ac8bc7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10670
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
83.169.41.94 200 OK 31 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Tue, 20 Jul 2021 17:31:00 GMT
ETag: "15db1-5c7916ae25248-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 30908
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8240214ef7bc82b09de023cde217beb9
0f432e521fc4392f528042c711139dc0becc5598
2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 16045
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/jquery-element-resize/jquery_resize.min.js?ver=1.36.12
83.169.41.94 200 OK 1.4 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/jquery-element-resize/jquery_resize.min.js?ver=1.36.12
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (995)
Hash a12ed231f19efe3a084cb8694b7720c2
7b12cefbe5ecf7ba9f2ee18ca660cff9667cde27
9ff353804ac854f429127cf588317de7e78e42988fc5add5d2ed2c83fc65a72a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-elementor/assets/lib/jquery-element-resize/jquery_resize.min.js?ver=1.36.12 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 21 Oct 2022 16:22:21 GMT
ETag: "d5e-5eb8dd8ac87df-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1369
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:47:37 GMT
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
age: 16057
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c55f86a-4d60-4a05-9aad-db2291ea7aa9.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c55f86a-4d60-4a05-9aad-db2291ea7aa9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c83fbfade063f679745970f0023084a
5ad6d8f3b09a2caa826e58de4ea3f958515a32c8
b4bf608f8b9f43c797da337c674371d1b7b8ae3b206f8fedf5666f79df69541c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c55f86a-4d60-4a05-9aad-db2291ea7aa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3012
x-amzn-requestid: 7c09d99b-ec8e-4924-aa26-d89c0938d16c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aSsaUGhwoAMF7rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6350f441-4e13a3e832f9d75b404e9a41;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 07:09:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DJmtannQAGAH3BWXnODKoGnLjPxhRX24VARIPD9d4veAN89w1j9IBw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 12:31:05 GMT
age: 49449
etag: "5ad6d8f3b09a2caa826e58de4ea3f958515a32c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.7
83.169.41.94 200 OK 2.4 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (5141)
Hash e186b0d6fdc598cefc74bbefe66d986a
c7500f9dd31b0bbd51aaef0b60ce919197dcd44e
259469986f91cf79e604c9c703aa0e50c177d8363a68620e39fff3ed1d39410f
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.7 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 16:13:00 GMT
ETag: "1440-5e95a73b13598-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2364
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.12
83.169.41.94 200 OK 9.1 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.12
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (33716), with no line terminators
Hash a1738dc5527e5b40290219f75dfcebde
63e42a304fac5bca9de4e46cbde76c77a7926636
4bf77e879002ceb090ad1f2df2d13974f053aa9c8fb311e34fa0b8d13ff9fb01
GET /wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.12 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 21 Oct 2022 16:22:21 GMT
ETag: "83b4-5eb8dd8ab89f5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 9071
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/justifiedgallery/justifiedgallery.min.js?ver=1.36.12
83.169.41.94 200 OK 5.0 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/justifiedgallery/justifiedgallery.min.js?ver=1.36.12
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (18351)
Hash 8eab2bddbfa60f879cad15f4997ee7cb
774781376ebf2090ee21b1dc9cc2f7e5d86f25ed
a86c9ca0813ece4c6b64721d91d2b9b525e9c72f44448888806d4cd6bba1aad1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-elementor/assets/lib/justifiedgallery/justifiedgallery.min.js?ver=1.36.12 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 21 Oct 2022 16:22:21 GMT
ETag: "484e-5eb8dd8aca337-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5020
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
83.169.41.94 200 OK 2.5 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "194b-5dfcf42147d71-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2457
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
83.169.41.94 200 OK 1.7 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (4875)
Hash 320b86bb1a9ce650a5e3553b2bb1c430
c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "132e-5dfcf4212ef01-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1661
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
83.169.41.94 200 OK 7.1 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "4ac6-5dfcf421471b9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7095
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/fancybox/jquery_fancybox.min.js?ver=1.36.12
83.169.41.94 200 OK 20 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor/assets/lib/fancybox/jquery_fancybox.min.js?ver=1.36.12
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (60980)
Hash e2c676e07a2c8d6fc22c67b9d771849e
e6ef7cf74f6dbb1a2f86d20f335ace4a0d73d270
6fe26d896ccb4eb14ff1a07a00ffb5177823989184c55b9c8ee71ca613fee5ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ultimate-elementor/assets/lib/fancybox/jquery_fancybox.min.js?ver=1.36.12 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 21 Oct 2022 16:22:21 GMT
ETag: "ef5a-5eb8dd8ac977f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 19935
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.7
83.169.41.94 200 OK 5.7 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (21374)
Hash db3b93dd49507a7f0b1b95bbbc0cc450
89116e1953551e4c544c4f68c069b628b2580fe8
002eed6e37695cc5d9b76667f8b2708643bf0d0c9fb24fa88b48eacbfe1841b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.7 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 16:13:00 GMT
ETag: "53a9-5e95a73b150f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5714
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
83.169.41.94 200 OK 3.0 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "2fa6-5ea0f9b315d8b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2993
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
83.169.41.94 200 OK 6.9 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "50eb-5dfcf4211d5c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6914
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
83.169.41.94 200 OK 2.2 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (4918)
Hash d0e4eb53954c6912b6bd9ec65c7077c7
914cff98ed617cd6147417b846c3de04fb551fc8
d81efc68c2e078e814a9753404ae8bc87f7eed14de224c2c42f426d20ef46bb6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "135d-5ea0f9b2f32d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2193
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
83.169.41.94 200 OK 3.9 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash ca0cf10a1d933e4262c732da8f9008c1
d6fdc041e650cf096841671884db8854490dba72
fbd145cb64d3185e42b8a3f6fff22b3e4cc3550934b63a4f874c21c44f920702
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "27ee-5dfcf42130289-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3865
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
83.169.41.94 200 OK 11 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 41e7307e69775772797b7cd940b4df0a
b9e0e06eeb178c11a7bbfdc0696bba4e695741d2
d9a2e4abd068e07870a30beaeb7471ace3c594816a0c6f8543773ea8e65a0954
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "80a1-5ea0f9b2f1f4f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10742
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.8
83.169.41.94 200 OK 1.1 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.8
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (2620), with no line terminators
Hash 366a9c35bbef9fea7021f6b1b56cf8d0
18feab78c61c6e8261db364d6681a9633041e837
b1108a264198109bc4e692e30e2dc7c148625fa9a3dce15477fc7618669c7a6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.8 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "a3c-5ea0f9b3151d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1139
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
83.169.41.94 200 OK 36 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65280)
Hash f2f239cb6e82311cd197aa5888632811
e2376a981fa3bf8e7e36e86b979f3a3ea6443d29
c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "21f91-5ea0f9b30f7fa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 35491
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.7
83.169.41.94 200 OK 1.6 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (3703)
Hash dbb7b7eb1f27ef159dcd3e20d95d0ccf
fef3645e4691734fee4bac5a58c1d5d70acd6a1b
dd5eb456aa6a6ccad9a7eebd497a816aa22f73e5007a507ff8929192cd7d7c8e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.7 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 16:13:00 GMT
ETag: "e78-5e95a73b29142-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1586
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
83.169.41.94 200 OK 3.4 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (10544)
Hash 88f71137b2a89a53df46cdb4deeb4e3d
426e12f0e8712db20afd2c54e77e1384074f3181
591a8b7a859de8af878c56e1ec72384596285f768387e9958f0a0afe53d89428
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "29ba-5ea0f9b313e4b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3446
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.8
83.169.41.94 200 OK 13 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.8
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (43101)
Hash ed6c5f8b52b3c109636f3dda7b19c747
d13c32d25159b228f289afb9b4d050148a3b9caa
8537de213f0dcae52b7a0b14eb37555effd036cb7fa01578cd148ab8475a40c5
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.8 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "a884-5ea0f9b2f177f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 13121
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
83.169.41.94 200 OK 12 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (40474)
Hash a6c577d8e3a2d401d3d8dc73be9bf1ea
f323e195b9ad4843d81de9715b0dd2efd978f65a
3c0b9b10be0457a0d48117486750dadde37937a9f15b3299383082c52590ec7e
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "9e41-5ea0f9b2f32d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 12045
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 02:15:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 625ad6aa33dda47097bff081ac75bf05
5f5bc1b567c8322e09f8f4fac2a542d063f83421
d9f85e2da8a3f517763eada5449029a0285aea770bb16be15de5a70d154f9565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1522
Cache-Control: max-age=149713
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:14 GMT
Etag: "63598991-117"
Expires: Fri, 28 Oct 2022 19:50:27 GMT
Last-Modified: Wed, 26 Oct 2022 19:25:05 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/lib/parallax-gallery/parallax-gallery.min.js?ver=1.0.0
83.169.41.94 200 OK 891 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/lib/parallax-gallery/parallax-gallery.min.js?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (2696), with no line terminators
Hash 9bb0cb292f07393b12f070a88ced0cac
4a5f984164de3b2efcea4de7bb0d28ddd976b37e
faabd24e7a87aef5dc3413b696b66426067f7f67758a48e133341321cdadb138
GET /wp-content/plugins/elementor-extras/assets/lib/parallax-gallery/parallax-gallery.min.js?ver=1.0.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "a88-5cd76140a9ee5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 891
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/lib/hotips/hotips.min.js?ver=1.1.0
83.169.41.94 200 OK 2.2 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/lib/hotips/hotips.min.js?ver=1.1.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (8108), with no line terminators
Hash 3661568b226450df0eaba057db689cb6
efcdcf6b1d5a7c467954b2d85d10420fb2015c19
afa5e02948cf30a33ef1a7d593498b80d83fc7e3f4bf8d5818441cc3884f6a7d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-extras/assets/lib/hotips/hotips.min.js?ver=1.1.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "1fac-5cd76140ae535-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2227
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.7
83.169.41.94 200 OK 31 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65493)
Hash f6dda4694e20958cdb9eacd1a73bd140
e337470b9511ce1888fc37331f9699da69ee7a3b
966166a0f07b717271b6f9a4cfd1f0ffe471630d1944d882bb841f546fac426b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.7 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 16:13:00 GMT
ETag: "20de6-5e95a73b154d8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 31439
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 02:15:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9237
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 02:15:14 GMT
Connection: keep-alive
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/js/frontend.min.js?ver=2.2.51
83.169.41.94 200 OK 18 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/assets/js/frontend.min.js?ver=2.2.51
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (31998)
Hash 12b0a76903b6a69a137fff11a2e2eb9c
27d532edacdc03008f0fceda5cbb2ba4d350f42a
2e291c576a0f9bcd0efcd9df06ae8e1fee8ed8db2fac1612be25ac60dc495435
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-extras/assets/js/frontend.min.js?ver=2.2.51 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "12ca3-5cd7614085cc4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 17977
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
83.169.41.94 200 OK 13 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "33dc-5ea0f9b30a9da"
Accept-Ranges: bytes
Content-Length: 13276
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/open-sans-normal-latin-400.woff2
83.169.41.94 200 OK 17 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/open-sans-normal-latin-400.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 16720, version 1.0\012- data
Hash c416910cae8fe4258cdf8c35933e9f4c
4a768ba0a3abc49b572c08c235db9f066ffc2b18
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/astra-google-fonts/open-sans-normal-latin-400.woff2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/astra-google-fonts.css?ver=1659959053
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:59:31 GMT
ETag: "4150-5e5ba6302ca33"
Accept-Ranges: bytes
Content-Length: 16720
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
83.169.41.94 200 OK 77 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "12bdc-5ea0f9b30a20a"
Accept-Ranges: bytes
Content-Length: 76764
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
83.169.41.94 200 OK 78 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "13174-5ea0f9b30a9da"
Accept-Ranges: bytes
Content-Length: 78196
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
maps.google.com/maps?q=Brandenburger%20Tor%2C%20Berlin%2C%20Deutschland&t=m&z=10&output=embed&iwloc=near
216.58.211.14 301 Moved Permanently 307 B URL HTTP/2 maps.google.com/maps?q=Brandenburger%20Tor%2C%20Berlin%2C%20Deutschland&t=m&z=10&output=embed&iwloc=near
IP 216.58.211.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 36fb848a47e8c6a310f95b65c2e8a881
45114e78aca638a5bdd867dca18a5a9fae1c31d0
8f1dd870197f4890fdedd22806ff9742f972da83b99d67dda9934a9cea2806c3
GET /maps?q=Brandenburger%20Tor%2C%20Berlin%2C%20Deutschland&t=m&z=10&output=embed&iwloc=near HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 27 Oct 2022 02:15:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sBrandenburger+Tor,+Berlin,+Deutschland!5e0!6i10
content-type: text/html; charset=UTF-8
server: mafe
content-length: 307
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 625ad6aa33dda47097bff081ac75bf05
5f5bc1b567c8322e09f8f4fac2a542d063f83421
d9f85e2da8a3f517763eada5449029a0285aea770bb16be15de5a70d154f9565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1523
Cache-Control: max-age=149713
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:15 GMT
Etag: "63598991-117"
Expires: Fri, 28 Oct 2022 19:50:28 GMT
Last-Modified: Wed, 26 Oct 2022 19:25:05 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Startseite-scaled.jpg
83.169.41.94 200 OK 336 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Startseite-scaled.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 299x299, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, description=shake hands isolated on white background, orientation=upper-left, xresolution=188, yresolution=196, resolutionunit=3, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2017:02:10 11:08:24], baseline, precision 8, 2560x1842, components 3\012- data
Size 336 kB (335519 bytes)
Hash facbcb05ed5ab8e39f6e4b4e3a6a5a1f
0a58a149269e673aed1ddb83e8b14b690afc818d
daa7cd4aaba2a45723acccc6bdb3c782fdf22da6341034e9604083b6967e2347
GET /wp-content/uploads/2020/03/Startseite-scaled.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-23.css?ver=1646070080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "51e9f-5a5e6afe31bda"
Accept-Ranges: bytes
Content-Length: 335519
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Kontakt_Schmidt.jpg
83.169.41.94 200 OK 175 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Kontakt_Schmidt.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Email at symbol in the sand at the beach, manufacturer=Canon, model=Canon EOS 5DS R, orientation=upper-left, xresolution=197, yresolution=205, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2017:05:08 15:23:32], baseline, precision 8, 1920x1280, components 3\012- data
Size 175 kB (174616 bytes)
Hash 01437aff0a9b4d72e26cfef0baf7baae
04527de2004c92c2cda245294e28c4a5a94f811e
f7fc165b0a3376f43a6cbc99e72069b0521679112bb0a0e00e738c9c1abbf578
GET /wp-content/uploads/2020/03/Kontakt_Schmidt.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-157.css?ver=1646070080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "2aa18-5a5e6afe2b64a"
Accept-Ranges: bytes
Content-Length: 174616
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 77b5da0f60755df91da1b98333c6d33c
0c36c5f1063e2ef41d02e26ddf9ed1e0a490e6b4
085b499d52d53965301db8affc692e09876290e5d67bf09c83178cc54384999f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Startseite-Oben-1-scaled.jpg
83.169.41.94 200 OK 519 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Startseite-Oben-1-scaled.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Green eco house environmental background in field for future residential building plot, manufacturer=Canon, model=Canon EOS 5DS R, orientation=upper-left, xresolution=243, yresolution=251, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2017:07:03 13:12:24], baseline, precision 8, 2560x1707, components 3\012- data
Size 519 kB (519039 bytes)
Hash 3cdff815ceae2ea553fd701321e9bafa
4c24bd9f3c7aa5335fe952acc29871e8b5d31c51
a15c9725b714f5c832de72b11000444a4512327f2c925803be45330b17f31e42
GET /wp-content/uploads/2020/03/Startseite-Oben-1-scaled.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-23.css?ver=1646070080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "7eb7f-5a5e6afe2f4ca"
Accept-Ranges: bytes
Content-Length: 519039
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/complianz/css/banner-1-optin.css?v=10
83.169.41.94 200 OK 2.9 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/complianz/css/banner-1-optin.css?v=10
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (15883), with no line terminators
Hash 192bb2657048df667dfac5cfc8afcad4
88832995920b263c802aef8e1ee901178fcf91b0
56ce08ba1eeb03a165b47526134472151b0b3d21f5e852685651759c62c74b79
GET /wp-content/uploads/complianz/css/banner-1-optin.css?v=10 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 16:10:44 GMT
ETag: "3e0b-5e7f0526636d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2936
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/cropped-fav-energie-1-192x192-66x66-1-192x192.png
83.169.41.94 200 OK 13 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/cropped-fav-energie-1-192x192-66x66-1-192x192.png
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a5915e92b794cdeb6983854ef36f5f71
3204ae97b32188ee5ce66a513af0913361b68037
f141c919d646639918b3bf958bda6ef0b4a79a55dabe32cbd7446f66790ee1a5
GET /wp-content/uploads/2020/03/cropped-fav-energie-1-192x192-66x66-1-192x192.png HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "3488-5a5e6afe3799a"
Accept-Ranges: bytes
Content-Length: 13448
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/cropped-fav-energie-1-192x192-66x66-1-32x32.png
83.169.41.94 200 OK 1.1 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/cropped-fav-energie-1-192x192-66x66-1-32x32.png
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d3373d9ac83e79cf2e31b322a34ed19
937bd21af9eeec865329e820801202342959f7c3
f77ca81f12ef2d91de4cee028dd3ad9b8aa2d6346f976b67cdb2d7af2727dbca
GET /wp-content/uploads/2020/03/cropped-fav-energie-1-192x192-66x66-1-32x32.png HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "423-5a5e6afe37d82"
Accept-Ranges: bytes
Content-Length: 1059
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
83.169.41.94 200 OK 93 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 16:20:32 GMT
ETag: "16cbc-5ea0f9b30f02a"
Accept-Ranges: bytes
Content-Length: 93372
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energieberatung-Nordrhein-Westfalen.jpg
83.169.41.94 200 OK 194 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energieberatung-Nordrhein-Westfalen.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=15, height=3508, bps=0, PhotometricIntepretation=CMYK, description=German text Energieberatung, translate Energy Consulting. Eps 10 vector file., orientation=upper-left, width=4961], baseline, precision 8, 2435x1722, components 3\012- data
Size 194 kB (193670 bytes)
Hash a7f27660a20bc284744606f4767bebfc
ed74858041da8e1c61cf5bdcf551bf70cd171d80
b15f4e837944f181a81840aef154ca688b0b916cc3093afe96a06384f58dfa3a
GET /wp-content/uploads/2020/03/Energieberatung-Nordrhein-Westfalen.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "2f486-5a5e6afe1d3ba"
Accept-Ranges: bytes
Content-Length: 193670
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energiekonzepte-Nordrhein-Westfalen.jpg
83.169.41.94 200 OK 214 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energiekonzepte-Nordrhein-Westfalen.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, height=2959, bps=206, compression=none, PhotometricIntepretation=RGB, description=Energy efficiency rating of buildings for sustainable development, orientation=upper-left, width=4439], baseline, precision 8, 2432x1724, components 3\012- data
Size 214 kB (213532 bytes)
Hash 2fcd24817cc670138cf4685692849a3c
72600b74f159eda55d4995eb8d6b9f214525baeb
68c597cfbc8ff2149bc4e5b364451ea6c09b11337efd977b96238afe2f9103aa
GET /wp-content/uploads/2020/03/Energiekonzepte-Nordrhein-Westfalen.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "3421c-5a5e6afe22d92"
Accept-Ranges: bytes
Content-Length: 213532
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energieeffizienz-Nordrhein-Westfalen.jpg
83.169.41.94 200 OK 233 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energieeffizienz-Nordrhein-Westfalen.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2432x1724, components 3\012- data
Size 233 kB (233205 bytes)
Hash 603641aefa17f4a924485af0d066dac7
78756d4525176e05612b934fab73649a647fc495
559234c86bdd03a0cf98b9e75b83285d1a5228ab548abb132712eb3fa13242bc
GET /wp-content/uploads/2020/03/Energieeffizienz-Nordrhein-Westfalen.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "38ef5-5a5e6afe1f2fa"
Accept-Ranges: bytes
Content-Length: 233205
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energieausweis-Nordrhein-Westfalen.jpg
83.169.41.94 200 OK 480 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energieausweis-Nordrhein-Westfalen.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2508x1672, components 3\012- data
Size 480 kB (480520 bytes)
Hash 071be1840f7c00cd72fe1c4168274d52
c43a645a64992295d555efaa2ee165a82f301c89
3cd2e113bd4a263c53134278586db348ec59bdc1f213665499d1e91ae2c16bea
GET /wp-content/uploads/2020/03/Energieausweis-Nordrhein-Westfalen.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "75508-5a5e6afe1953a"
Accept-Ranges: bytes
Content-Length: 480520
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energiesparen-Nordrhein-Westfalen.png
83.169.41.94 200 OK 127 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energiesparen-Nordrhein-Westfalen.png
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type PNG image data, 1280 x 719, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (126646 bytes)
Hash 8f52b020a822f1cdba76e5d65ab77bee
e8e83e0ef4da808f18393004b3cd2719a92d24b0
449f3800589b360350d7e9b43eb671d79a536172c9dbca88148e1e48329f3c97
GET /wp-content/uploads/2020/03/Energiesparen-Nordrhein-Westfalen.png HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "1eeb6-5a5e6afe2394a"
Accept-Ranges: bytes
Content-Length: 126646
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energiegutachten-Nordrhein-Westfalen.jpg
83.169.41.94 200 OK 343 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energiegutachten-Nordrhein-Westfalen.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D800E, xresolution=4296, yresolution=4304, resolutionunit=2, software=Adobe Photoshop Lightroom 6.4 (Windows), datetime=2016:04:04 22:41:21], baseline, precision 8, 2507x1673, components 3\012- data
Size 343 kB (342858 bytes)
Hash 05d357599ae688ffa91a99c04e1fd579
dedfef7b8c414c9e9d073647d7e2d97ecd8871d4
e734bdc5b7fdf71116a5322e84f17c6ba6f56b6b1fbcdc5afd88ca31b75f1c9f
GET /wp-content/uploads/2020/03/Energiegutachten-Nordrhein-Westfalen.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "53b4a-5a5e6afe2123a"
Accept-Ranges: bytes
Content-Length: 342858
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Geba%CC%88udeenergieberatung-Nordrhein-Westfalen.jpg
83.169.41.94 200 OK 488 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Geba%CC%88udeenergieberatung-Nordrhein-Westfalen.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 2508x1672, components 3\012- data
Size 488 kB (488496 bytes)
Hash 61504fba56810ea9265e4f4b5b8a9651
6a57af4b2f06daae2983f3c88ee0f32a6b16f1fd
4280517f9a33aec38efa00a04f63816a467940dd6d3f03ad01ebc26a0f5db1d8
GET /wp-content/uploads/2020/03/Geba%CC%88udeenergieberatung-Nordrhein-Westfalen.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "77430-5a5e6afe2605a"
Accept-Ranges: bytes
Content-Length: 488496
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Thermografie-Nordrhein-Westfalen.jpg
83.169.41.94 200 OK 736 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Thermografie-Nordrhein-Westfalen.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=19, height=3189, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=Heat Loss Detection of the House Facade With Infrared Thermal Camera, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=4833], baseline, precision 8, 2413x1738, components 3\012- data
Size 736 kB (736240 bytes)
Hash 98f2e1a1b1739824cf2f791270943dfc
9f95558b7d7be9b8c214ebd44d22c57b8e77f817
619a72150f31fd15a3b7d15285f41340a68b6d98f2c3f3a138a233283548cdc4
GET /wp-content/uploads/2020/03/Thermografie-Nordrhein-Westfalen.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "b3bf0-5a5e6afe375b2"
Accept-Ranges: bytes
Content-Length: 736240
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sBrandenburger+Tor,+Berlin,+Deutschland!5e0!6i10
142.250.74.164 200 OK 1.1 kB URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sBrandenburger+Tor,+Berlin,+Deutschland!5e0!6i10
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1708)
Hash b333daffa84956d002c36e1c9be5c34c
6cf602ee86609f916cb47054e40cbfc5d7b2bc15
e0ed818b9f920e9a8a108a2b50e369ad136850f7fe30451859dc63ea6285d60b
GET /maps/embed?origin=mfe&pb=!1m4!2m1!1sBrandenburger+Tor,+Berlin,+Deutschland!5e0!6i10 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://energieberater-nordrhein-westfalen.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 02:15:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-lWMkCv-ceOP5eX-WWC4Jdw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1061
x-xss-protection: 0
server-timing: gfet4t7; dur=581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Hauskaufberatung-Nordrhein-Westfalen-scaled.jpg
83.169.41.94 200 OK 519 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Hauskaufberatung-Nordrhein-Westfalen-scaled.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Green eco house environmental background in field for future residential building plot, manufacturer=Canon, model=Canon EOS 5DS R, orientation=upper-left, xresolution=243, yresolution=251, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2017:07:03 13:12:24], baseline, precision 8, 2560x1707, components 3\012- data
Size 519 kB (519039 bytes)
Hash 3cdff815ceae2ea553fd701321e9bafa
4c24bd9f3c7aa5335fe952acc29871e8b5d31c51
a15c9725b714f5c832de72b11000444a4512327f2c925803be45330b17f31e42
GET /wp-content/uploads/2020/03/Hauskaufberatung-Nordrhein-Westfalen-scaled.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "7eb7f-5a5e6afe28f3a"
Accept-Ranges: bytes
Content-Length: 519039
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energieberater-Nordrhein-Westfalen.jpg
83.169.41.94 200 OK 292 kB URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/2020/03/Energieberater-Nordrhein-Westfalen.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D800E, xresolution=4296, yresolution=4304, resolutionunit=2, software=Adobe Photoshop Lightroom 6.4 (Windows), datetime=2016:04:04 22:41:19], baseline, precision 8, 2507x1673, components 3\012- data
Size 292 kB (291567 bytes)
Hash e8f5d28c356884fbd8ec770bb2bb3914
25682b7d4b2263b6e6406f3bc1015ec36be8b9f9
c3558d7ecc80403890856f78694df1a0499705a352903065b13b9ec322634037
GET /wp-content/uploads/2020/03/Energieberater-Nordrhein-Westfalen.jpg HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:15 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "472ef-5a5e6afe1b862"
Accept-Ranges: bytes
Content-Length: 291567
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
142.250.74.10 200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP 142.250.74.10:0
File type ASCII text, with very long lines (2472)
Hash 13f0a14366af655b30d0fbfa48503549
393a22d52b4ef043ac7ff2fa383dde45b60c9652
cbd6217d102bad4d86611317e4a71fcda5813d20ff0ee832d0d057417a298f60
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56631
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
date: Thu, 27 Oct 2022 02:08:22 GMT
expires: Thu, 27 Oct 2022 02:38:22 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/50/11/init_embed.js
142.250.74.163 200 OK 68 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/11/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash fe23a44f7d6b847f4f00e9676d7b214e
34375bbc682dcd32e32b0d10151d4b9ebaaa837a
8b5a83cdc1ad4b095bdd0a954eb0de85fd0110476b6c7b15c3118ff2356d3d1f
GET /maps-api-v3/embed/js/50/11/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68539
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 20:52:38 GMT
expires: Thu, 26 Oct 2023 20:52:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Oct 2022 20:31:12 GMT
content-type: text/javascript
age: 19358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 02:15:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/raleway-normal-latin-400.woff2
83.169.41.94 200 OK 0 B URL HTTP/1.1 energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/raleway-normal-latin-400.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/astra-google-fonts/raleway-normal-latin-400.woff2 HTTP/1.1
Host: energieberater-nordrhein-westfalen.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/astra-google-fonts.css?ver=1659959053
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 02:15:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:59:31 GMT
ETag: "5320-5e5ba63050c54"
Accept-Ranges: bytes
Content-Length: 21280
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive