ra-tigges.de/
83.169.41.94 301 Moved Permanently 291 B IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type HTML document text; exported SGML document, ASCII text
Hash 6910bcff32e5bd824ee36a8803edfd2c
aaf354f0c862fba10333313dc9e45930fa935c2e
3ba8c242b45f8d116f23bdae4383a809f018e2fdabbf18ae9aa58972ba4bfb77
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 06:44:13 GMT
Server: Apache
Location: https://ra-tigges.de/
Content-Length: 291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12217
Expires: Sun, 27 Nov 2022 10:07:50 GMT
Date: Sun, 27 Nov 2022 06:44:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15309
Expires: Sun, 27 Nov 2022 10:59:22 GMT
Date: Sun, 27 Nov 2022 06:44:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2408
Cache-Control: max-age=102423
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 06:44:13 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:11:16 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N20tT2kwBXFzjN1o33ClPNZkEFTGzriwv+7bEioBbniqklKu0cOQBqXhTEc82It59/7H2uk8oag=
x-amz-request-id: E624PDR844Z7Z713
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 06:41:32 GMT
age: 161
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 06:17:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1597
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 06:44:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3e7f35f862c59292993f6c4b2e1ef208
6f0e33fe1e86ca2a3640f406df7b676110395130
726f62810f6e1d67424da25b6a472b9fa86550b28d6b24c5c03d22cbec479872
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "726F62810F6E1D67424DA25B6A472B9FA86550B28D6B24C5C03D22CBEC479872"
Last-Modified: Sat, 26 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 27 Nov 2022 12:44:13 GMT
Date: Sun, 27 Nov 2022 06:44:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 06:08:54 GMT
cache-control: public,max-age=3600
age: 2119
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2935
Cache-Control: max-age=97892
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 06:44:14 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 09:55:46 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ra-tigges.de/
83.169.41.94 200 OK 16 kB IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 79c3a43224af202ecfd047e0cf177916
75e5d3758fd51853af278c7e07d75f621d2b035e
dcbb7e72f01e52aa4f8a89bb9c65ff6805f0498238fb57a29f66bbbc3dff8448
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:13 GMT
Server: Apache
Link: <https://ra-tigges.de/wp-json/>; rel="https://api.w.org/", <https://ra-tigges.de/wp-json/wp/v2/pages/1873>; rel="alternate"; type="application/json", <https://ra-tigges.de/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.4.16, PleskLin
Content-Length: 15559
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ra-tigges.de/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
83.169.41.94 200 OK 12 kB URL HTTP/1.1 ra-tigges.de/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 05:14:13 GMT
ETag: "172a9-5ed8f8b21866e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 12518
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/cmssuperheroes/assets/css/cms-style.css?ver=6.1.1
83.169.41.94 200 OK 235 B URL HTTP/1.1 ra-tigges.de/wp-content/plugins/cmssuperheroes/assets/css/cms-style.css?ver=6.1.1
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 9b4bd8bfe381ad93a2d49f4b2b2f7a10
984c1b39f88296414947d33326dc9285cd39ee40
d326dc0cfb07133aa627f62693fc34d80ab0cf2654618b630b3ed5d6d1e2a8ac
GET /wp-content/plugins/cmssuperheroes/assets/css/cms-style.css?ver=6.1.1 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:50:40 GMT
ETag: "24e-597232e4cfc00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 235
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-includes/css/classic-themes.min.css?ver=1
83.169.41.94 200 OK 189 B URL HTTP/1.1 ra-tigges.de/wp-includes/css/classic-themes.min.css?ver=1
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 05:13:42 GMT
ETag: "d9-5ec75e77cf14d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 189
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/uploads/omgf/wp-elementy-poppins/wp-elementy-poppins.css?ver=1659958852
83.169.41.94 200 OK 465 B URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/wp-elementy-poppins/wp-elementy-poppins.css?ver=1659958852
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 3108123fce9353491179314eaf811139
a0437f152bfea329227cfdedaeae943047bae1e8
1ede57430a9e5fb9dd9965af96cb6bbc03a3b6cecf787da26fc12c7c0fc33102
GET /wp-content/uploads/omgf/wp-elementy-poppins/wp-elementy-poppins.css?ver=1659958852 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 11:49:43 GMT
ETag: "fd4-5e5b969630798-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 465
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
83.169.41.94 200 OK 972 B URL HTTP/1.1 ra-tigges.de/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 17:12:19 GMT
ETag: "aab-5eb664fa8c091-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 972
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7
83.169.41.94 200 OK 9.6 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 3c7f295d5d0c4ae7fc2a952a15e52955
bffc889b83980ff7072302b6a9a259995a71869e
69abe3628e56319b88059ce432fcc943a086d3b203aa396534ec46ca527f43dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:53:32 GMT
ETag: "9b4b-59723388d7f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 9552
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.5
83.169.41.94 200 OK 713 B URL HTTP/1.1 ra-tigges.de/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.5
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (2723), with no line terminators
Hash 7e67979bdd7b91ff88c5113cd3db186e
1ef16fddac63946359c3d47b46d1985c3961ea26
10f99207a897bca4be545b3a4a330907e90e0dc49326c774946393ed4adcd83c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.5 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 17:13:15 GMT
ETag: "aa3-5ece489fcda1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 713
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/uploads/omgf/wp-elementy-monserrat/wp-elementy-monserrat.css?ver=1659958852
83.169.41.94 200 OK 407 B URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/wp-elementy-monserrat/wp-elementy-monserrat.css?ver=1659958852
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash d268e15e8c98311a3e7ae0b989ca89d5
0977e79cf84042cb70146d017948463533b33bbc
a0a4d59e7304fc7d48e9d5e56555b05f5b94a4c24fcbf75b2749d2ee2fc771e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/wp-elementy-monserrat/wp-elementy-monserrat.css?ver=1659958852 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 11:49:42 GMT
ETag: "69c-5e5b969569be4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 407
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/uploads/omgf/wp-elementy-josefin/wp-elementy-josefin.css?ver=1659958852
83.169.41.94 200 OK 505 B URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/wp-elementy-josefin/wp-elementy-josefin.css?ver=1659958852
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 60bf650352b218cdeb9bf7888f056938
fab329ee571025d2d859a9267abb9c936d83c410
4cff76779905a952d83c13af1b4e4b5815fc72548d847b83f6b9dfe9f4f1028a
GET /wp-content/uploads/omgf/wp-elementy-josefin/wp-elementy-josefin.css?ver=1659958852 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 11:49:43 GMT
ETag: "197c-5e5b9696a991a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 505
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/themes/wp-elementy/assets/css/custom-dynamic.css?ver=6.1.1
83.169.41.94 200 OK 81 B URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/css/custom-dynamic.css?ver=6.1.1
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 5536fb2c4ac10e8c5e86e62f31ee2832
50cc46655782756ab3eb93bfa2c1ec1ac0f11a66
39a30d64a67ebd16f7952671ae934b5dad09f11f2942a95adeb5fbed849d24e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/css/custom-dynamic.css?ver=6.1.1 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:06 GMT
ETag: "45-55d60409fa080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 81
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
83.169.41.94 200 OK 7.0 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (30308)
Hash cbeba0bff031d2d7baf059379c3cd172
11e52fab1e83dbc5b6eac9d5a3483343256c0a28
2da9e38ac7698c4083d5e9741744a003a172345a49562bd29b54a91c39a69376
GET /wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:51:50 GMT
ETag: "7706-5972332791980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7036
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/themes/wp-elementy/assets/css/fonts-icon.css?ver=20121010
83.169.41.94 200 OK 6.5 kB URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/css/fonts-icon.css?ver=20121010
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (21759)
Hash bfd04b736764160bc25b08c5a8fb1fb4
9dc65e9a41ade5bc323251040d0aba2203cfa8dd
0cb3e248e0179316ad8456ce4255a2f3149caf8248cf4bcc64dcb3dee89bc7c0
GET /wp-content/themes/wp-elementy/assets/css/fonts-icon.css?ver=20121010 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:06 GMT
ETag: "912f-55d60409fa080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6502
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/themes/wp-elementy/assets/css/owl.carousel.min.css?ver=2.0.0
83.169.41.94 200 OK 886 B URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/css/owl.carousel.min.css?ver=2.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (3592), with no line terminators
Hash 206fabdcecad622fca5025a6bd5ddadc
eeb9cbeb39c307fe5ffea6cc99f324598f9fcaf1
ad2a978f9831ca9c0cff876b285016f4fed125ec007c2666da94967adfd10def
GET /wp-content/themes/wp-elementy/assets/css/owl.carousel.min.css?ver=2.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:06 GMT
ETag: "e08-55d60409fa080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 886
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/themes/wp-elementy/assets/css/animate.min.css?ver=1.0.0
83.169.41.94 200 OK 3.6 kB URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/css/animate.min.css?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (53660)
Hash 2f06024fb147bf6ed9d613ed968e4098
dd17eac2c23a0601fa86abcb3381b7373831ad73
511900052bfbb80f75627109bd9964e08d27a65a0930963a948c06fe772c00ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/css/animate.min.css?ver=1.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:06 GMT
ETag: "d1ae-55d60409fa080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3598
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/themes/wp-elementy/assets/css/text-rotator.css?ver=1.0.0
83.169.41.94 200 OK 2.7 kB URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/css/text-rotator.css?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash ac9873983c648a257607aa4a77f2517c
7450322c924fc961134eb09a706d41c85b5c9f18
941614b19ff28a37e4ac123bec2d34b1b64b06151c89dcf8d806df69d2a204d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/css/text-rotator.css?ver=1.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:06 GMT
ETag: "66ca-55d60409fa080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2711
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/themes/wp-elementy/assets/css/bootstrap.min.css?ver=3.3.2
83.169.41.94 200 OK 20 kB URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/css/bootstrap.min.css?ver=3.3.2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65291)
Hash 4826dbc8497839b36cb08abecd38362f
176e00fd95d6ed7bd1b8819b4ae8099eea4d30d9
20a1eb2b20518789db37b824d62cc31d61775da8e9a23a50a86cf41318701a3d
GET /wp-content/themes/wp-elementy/assets/css/bootstrap.min.css?ver=3.3.2 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:06 GMT
ETag: "1d9d6-55d60409fa080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 19760
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/themes/wp-elementy-child/style.css?ver=6.1.1
83.169.41.94 200 OK 371 B URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy-child/style.css?ver=6.1.1
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash e7e3383e0e8a9b5a95b2e127758bf908
4af87b106fb0b15545b55ad2056926babccbed8c
df6be0c9a1a02b002c528154d1e063c76bab5a1b462793ed7399706bf1647886
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy-child/style.css?ver=6.1.1 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Fri, 22 Jul 2016 12:39:36 GMT
ETag: "258-53838ba271200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 371
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/themes/wp-elementy/assets/css/option-default.css?ver=1.0.0
83.169.41.94 200 OK 628 B URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/css/option-default.css?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (3716), with no line terminators
Hash 732cc96f39b042a784e62abff9914ceb
b4f0842d1e40698e7908e3234f355bab28f5bcf3
3be07461601dbf9b483903346ab91b63611a8468095e6d6f87eb51139b8655bc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/css/option-default.css?ver=1.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:06 GMT
ETag: "e84-55d60409fa080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 628
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/newsletter/style.css?ver=7.5.6
83.169.41.94 200 OK 1.2 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/newsletter/style.css?ver=7.5.6
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash efdd902a4a2785e263af1bc9789087a3
9c43991cc8be7245d2220bf749521bfb2eef7b4b
65518f98fd22862efde1673e5865a2755a2bb6cd2e2ac259706dbd1b8ae3ee17
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/newsletter/style.css?ver=7.5.6 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 17:13:40 GMT
ETag: "188a-5ed20e5012bc2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1198
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
83.169.41.94 200 OK 4.2 kB URL HTTP/1.1 ra-tigges.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 14 Dec 2020 13:17:27 GMT
ETag: "2bd8-5b66c76b49ecd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4169
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/themes/wp-elementy/assets/css/static.css?ver=1.0.0
83.169.41.94 200 OK 49 kB URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/css/static.css?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (308), with CRLF, LF line terminators
Hash 52847c5fb29f9f62105d3211f660b8eb
09f7bbe76e40fe03cbe43eab50fda9e5cbfc0f1c
e6f108019fcf93cf0665405dd909514cb1d315c9e65e4daf5ff945e616d46b58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/css/static.css?ver=1.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:58:05 GMT
ETag: "621e5-5972348d32540-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 49025
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.4.7
83.169.41.94 200 OK 45 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 29368eed220e9313fb3d3dcdcf9b78ae
936fbea6e2afe5bd013adeed18c3dbccdf1ff441
e2bee47830e040ccdb71fedbe019d9487985fac8fb3e1db2d9f2b7118b182fb3
GET /wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:51:50 GMT
ETag: "70d6e-5972332791980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 44917
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
34.213.121.129 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.121.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fUc50o8Se0u5nPtXhuIQtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T8tQru/re6WTzUCYl7FkgP9UvFQ=
ra-tigges.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
83.169.41.94 200 OK 31 kB URL HTTP/1.1 ra-tigges.de/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 05:13:40 GMT
ETag: "15e54-5ec75e762ecf8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 30995
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7
83.169.41.94 200 OK 38 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash b3f6ae7f52e3ddf070f5feabadc734bf
dac54ab898bdcf072dbdbbde6f9510a297fe0a77
cdefb165539978a80a9f42c532f89ca421cf95ee58a1ac1a60704b7985b8301e
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:53:32 GMT
ETag: "1afe3-59723388d7f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 38335
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/omgf-stylesheet-76.css?ver=1659958852
83.169.41.94 200 OK 464 B URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/omgf-stylesheet-76.css?ver=1659958852
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 317afa913d9580d270a704ce4b49ad7a
709ff0e26dcf0957f62710380d5e8f7ab6234045
bee3f52ffebb94949a5594519bd24e81e6af58ae10b3ce006c51279b0f7d96c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/omgf-stylesheet-76/omgf-stylesheet-76.css?ver=1659958852 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:45:14 GMT
ETag: "cb0-5e5ba2fec9fb8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 464
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7
83.169.41.94 200 OK 18 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (64567), with CRLF line terminators
Hash 2f287b04043eea548856b25652c26841
ef341d6545bfe2bb12bbc12666bb548021fe7cb7
8c50b22a780d5ef9d47be2c79bbe9437a18cce742324a099d03b69b927f45c06
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:53:32 GMT
ETag: "fd88-59723388d7f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 17984
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/themes/wp-elementy/assets/js/plugins.min.js?ver=1.0.0
83.169.41.94 200 OK 32 kB URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/js/plugins.min.js?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (32003)
Hash f6f2652800734e254fbc371985a73add
e2447003575401e15c3109a5fec9d3c46da377d2
3f5ae61442b725edc376c42c1bcbbe73aa8b30ff4ebb222b6e6c0cc67afe2526
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/js/plugins.min.js?ver=1.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:08 GMT
ETag: "1b9f7-55d6040be2500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 32011
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/themes/wp-elementy/assets/js/simple.likes.js?ver=1.0
83.169.41.94 200 OK 482 B URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/js/simple.likes.js?ver=1.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 93503ded75c0a9ce9a936027b17542e9
51643482b4bc34ba56cb1921480065ebbcd62ff7
2c0cd1a77dc581061ba7fe956c033fdcfb19869775dabb5abf1fead87cace7dc
GET /wp-content/themes/wp-elementy/assets/js/simple.likes.js?ver=1.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:08 GMT
ETag: "5ec-55d6040be2500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 482
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
83.169.41.94 200 OK 2.9 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 17:12:19 GMT
ETag: "26d1-5eb664fa8d031-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2937
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/plugins/js-composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.7
83.169.41.94 200 OK 2.6 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/js-composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (7808)
Hash ce37923565b26522f8e8cbd5070f03a1
139bdb311e96f326a2a7040e012a32bfa5331251
2c3ab394646b898c62e876a367ca8ac8dd9a81ff46559d3e4765487b7125b0d3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js-composer/assets/lib/waypoints/waypoints.min.js?ver=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:51:50 GMT
ETag: "1f6c-5972332791980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2615
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/themes/wp-elementy/assets/js/simple.likes.js?ver=1.0.0
83.169.41.94 200 OK 482 B URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/js/simple.likes.js?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 93503ded75c0a9ce9a936027b17542e9
51643482b4bc34ba56cb1921480065ebbcd62ff7
2c0cd1a77dc581061ba7fe956c033fdcfb19869775dabb5abf1fead87cace7dc
GET /wp-content/themes/wp-elementy/assets/js/simple.likes.js?ver=1.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:08 GMT
ETag: "5ec-55d6040be2500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 482
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
83.169.41.94 200 OK 4.0 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 17:12:19 GMT
ETag: "3016-5eb664fa89598-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3957
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/themes/wp-elementy/assets/js/main.js?ver=1.0.0
83.169.41.94 200 OK 6.1 kB URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/js/main.js?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (623)
Hash c969553cb98796938c5de0ebf1676e58
d499a675f267065cf1594723b79a40f53a4c3ad1
1679042dcaa3b56ee859d73b373da97a7da9c849f83f8fb5285d87300111d6cc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/js/main.js?ver=1.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:08 GMT
ETag: "5a19-55d6040be2500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6074
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/themes/wp-elementy/assets/js/menu.js?ver=1.0.0
83.169.41.94 200 OK 870 B URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/js/menu.js?ver=1.0.0
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Hash 0d367ecef8c2811d0915e6c4aede8adc
3b4aa1c9eaf502066d58d40e8fb56d677500dc01
d26fa3ad4961c9e249f9584c46de4e31d11b559708fd5b666d1d30e5ad530b9a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/js/menu.js?ver=1.0.0 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:08 GMT
ETag: "cca-55d6040be2500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 870
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.5
83.169.41.94 200 OK 11 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.5
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type C source textAlgol 68 source text\012- Pascal source, ASCII text, with very long lines (48616), with no line terminators
Hash df50cc222535c8a049c0b226474200ee
4822674f97308aa67642ca74b09d821b1cf0e489
6908314d6a7eec69c86843d234449e6dd04ee6a0ec97a532af6474e86097cfdb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.5 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 17:13:15 GMT
ETag: "bde8-5ece48a048703-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11188
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7
83.169.41.94 200 OK 5.7 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (19781), with no line terminators
Hash 71d4a975deba5e39fd33961e72ca819b
42a59c27b10a93488444d23b36c3907341ff0c52
6740f99dcf4d84c7867b015dd5238c7feeb02ff64dc12619e61f7adeecbc5fb0
GET /wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:51:50 GMT
ETag: "4d45-5972332791980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5712
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/uploads/2019/11/branding.png
83.169.41.94 200 OK 4.8 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/2019/11/branding.png
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type PNG image data, 385 x 86, 8-bit colormap, non-interlaced\012- data
Hash 3f71d0db8269be413182837128d8dc04
a489457c24be359501109bebdd259a27cfd25b11
0b9fa97af4d61a92c6bf015fa9204d53dc5afedcfe261ef3dd3f020e8094afce
GET /wp-content/uploads/2019/11/branding.png HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 10:23:14 GMT
ETag: "129b-59723a2c4a880"
Accept-Ranges: bytes
Content-Length: 4763
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
ra-tigges.de/wp-content/uploads/2019/11/lady-justice-statue-in-law-firm-office-EQ6TMGC-1.jpg
83.169.41.94 200 OK 170 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/2019/11/lady-justice-statue-in-law-firm-office-EQ6TMGC-1.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=18, height=3670, bps=230, PhotometricIntepretation=RGB, description=Lady Justice statue with document ring binders in law office, manufacturer=NIKON CORPORATION, model=NIKON D810, orientation=upper-left, width=5500], baseline, precision 8, 1349x900, components 3\012- data
Size 170 kB (170042 bytes)
Hash c29c0095408ad2eb7163ae2ec331b715
19e1b537a4e45d37bb6f73944b874dc6e1c5c11b
6b2fbc876fb83751c58bdb5b88346b85afccfb137995aa88f35a24f783909868
GET /wp-content/uploads/2019/11/lady-justice-statue-in-law-firm-office-EQ6TMGC-1.jpg HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 10:14:22 GMT
ETag: "2983a-59723830efb80"
Accept-Ranges: bytes
Content-Length: 170042
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-400.woff2
83.169.41.94 200 OK 7.9 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-400.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-400.woff2 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/omgf-stylesheet-76.css?ver=1659958852
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:45:14 GMT
ETag: "1ecc-5e5ba2fe8a047"
Accept-Ranges: bytes
Content-Length: 7884
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
ra-tigges.de/wp-content/uploads/omgf/vc_google_fonts_poppins/poppins-normal-latin-400.woff2
83.169.41.94 200 OK 7.9 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/vc_google_fonts_poppins/poppins-normal-latin-400.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/vc_google_fonts_poppins/poppins-normal-latin-400.woff2 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ra-tigges.de/wp-content/uploads/omgf/vc_google_fonts_poppins/vc_google_fonts_poppins.css?ver=1659958852
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 11:50:45 GMT
ETag: "1ecc-5e5b96d1162cb"
Accept-Ranges: bytes
Content-Length: 7884
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-300.woff2
83.169.41.94 200 OK 7.8 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-300.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-300.woff2 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/omgf-stylesheet-76.css?ver=1659958852
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:45:13 GMT
ETag: "1ea0-5e5ba2fe6ac47"
Accept-Ranges: bytes
Content-Length: 7840
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
ra-tigges.de/wp-content/themes/wp-elementy/assets/fonts/linea-icons.woff
83.169.41.94 200 OK 22 kB URL HTTP/1.1 ra-tigges.de/wp-content/themes/wp-elementy/assets/fonts/linea-icons.woff
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format, CFF, length 21512, version 1.0\012- data
Hash 53e1c1b3129f025fdbbbd53ed06ab4aa
d20f8c2c179c43254dde92ae5346200064da7197
bce4fb45cc096426af90d2e40fe4f3d4cdaa9933b11433cf7795fcb11d676400
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/wp-elementy/assets/fonts/linea-icons.woff HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ra-tigges.de/wp-content/themes/wp-elementy/assets/css/fonts-icon.css?ver=20121010
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 07 Nov 2017 08:21:08 GMT
ETag: "5408-55d6040be2500"
Accept-Ranges: bytes
Content-Length: 21512
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/font-woff
ra-tigges.de/wp-content/uploads/complianz/css/banner-1-optin.css?v=13
83.169.41.94 200 OK 2.8 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/complianz/css/banner-1-optin.css?v=13
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (15332), with no line terminators
Hash d5988bc7e3da43a86f94d21acba64642
2186053d6710f9f43ab3245c18b8703ed2e36f4b
309d600669991ef8b09859e00cb1e4faf2a810226fa7e9505d1b8fa866afc2be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/complianz/css/banner-1-optin.css?v=13 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Fri, 14 Oct 2022 17:16:39 GMT
ETag: "3be4-5eb01c9f0a91d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2831
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.7
83.169.41.94 200 OK 7.0 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (29149), with CRLF line terminators
Hash 7190ca95d0e88397662f5261a541e7b0
a1bc9343d0b34d09dc78b4e62ae6af444ab8403d
c296fb620b72a3045de846d0893b02814d8e5538686b9b5f3ab20f46fcd17740
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:53:32 GMT
ETag: "72db-59723388d7f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7024
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.7
83.169.41.94 200 OK 2.6 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (8089), with CRLF line terminators
Hash 138b7354eada8be8be68340a4b9c347d
d95f60a25e4003b631604aa9c90485b39f1552d4
9dba7141bb10928a0ab1b22018f2edf6c1349be2dc3919b65f29cada54e10ffc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:53:32 GMT
ETag: "208b-59723388d7f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2573
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-600.woff2
83.169.41.94 200 OK 8.0 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-600.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/omgf-stylesheet-76/poppins-normal-latin-600.woff2 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/omgf-stylesheet-76.css?ver=1659958852
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:45:14 GMT
ETag: "1f40-5e5ba2feaabb8"
Accept-Ranges: bytes
Content-Length: 8000
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.7
83.169.41.94 200 OK 14 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (55687), with CRLF line terminators
Hash 17417ec3bb8e396097947c8e24ac23f0
66467c5a9cb5adaad9dcf0e93e28edf9826da790
39df2e43bbaa7850905da4668e58d2db7837924640cdadbd445da66afc04952c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:53:32 GMT
ETag: "da86-59723388d7f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 14334
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.7
83.169.41.94 200 OK 7.0 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (25862), with CRLF line terminators
Hash a86dac17d7bf2d3bb0f4f81e04f69423
1de57c5cc5d753ae68573d4f90145f38f1d9cbf2
2f1f5e6d6a4bbefd9a49ead6939db753748b8e1f03e71a10fa79a428b80c5a88
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:53:32 GMT
ETag: "65f9-59723388d7f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7043
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/roboto-normal-latin-500.woff2
83.169.41.94 200 OK 16 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/roboto-normal-latin-500.woff2
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/omgf-stylesheet-76/roboto-normal-latin-500.woff2 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ra-tigges.de/wp-content/uploads/omgf/omgf-stylesheet-76/omgf-stylesheet-76.css?ver=1659958852
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:45:14 GMT
ETag: "3e30-5e5ba2fec9fb8"
Accept-Ranges: bytes
Content-Length: 15920
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.7
83.169.41.94 200 OK 3.2 kB URL HTTP/1.1 ra-tigges.de/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.7
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type ASCII text, with very long lines (10692), with CRLF line terminators
Hash f65756918afb1b3b339fc668b1d11f37
335b6729b14a9225a9f123db8757ec3b4a699f8d
827da93c36935009271f2b9a40b99c1c99d70ccb9584da063f766b46002f6efd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.7 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 12 Nov 2019 09:53:32 GMT
ETag: "2ab5-59723388d7f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3241
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ra-tigges.de/wp-content/uploads/2019/11/cropped-lady-justice-statue-in-law-firm-office-EQ6TMGC-1-32x32.jpg
83.169.41.94 200 OK 21 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/2019/11/cropped-lady-justice-statue-in-law-firm-office-EQ6TMGC-1-32x32.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=18, height=3670, bps=230, PhotometricIntepretation=RGB, description=Lady Justice statue with document ring binders in law office, manufacturer=NIKON CORPORATION, model=NIKON D810, orientation=upper-left, width=5500], baseline, precision 8, 32x32, components 3\012- data
Hash 2fca639310ac9b73a3621dce8891bf7e
1a2cf9bbe80e5ac2595401bb630395ae5f58b8d6
8ca9d66728751aa11c64c3d9b3f8a9a9b6a5b71a6acdd3e8a8800df5c7546496
GET /wp-content/uploads/2019/11/cropped-lady-justice-statue-in-law-firm-office-EQ6TMGC-1-32x32.jpg HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 10 Dec 2019 11:21:28 GMT
ETag: "530c-59957b6955e00"
Accept-Ranges: bytes
Content-Length: 21260
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
ra-tigges.de/wp-content/uploads/2019/11/cropped-lady-justice-statue-in-law-firm-office-EQ6TMGC-1-192x192.jpg
83.169.41.94 200 OK 27 kB URL HTTP/1.1 ra-tigges.de/wp-content/uploads/2019/11/cropped-lady-justice-statue-in-law-firm-office-EQ6TMGC-1-192x192.jpg
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=18, height=3670, bps=230, PhotometricIntepretation=RGB, description=Lady Justice statue with document ring binders in law office, manufacturer=NIKON CORPORATION, model=NIKON D810, orientation=upper-left, width=5500], baseline, precision 8, 192x192, components 3\012- data
Hash b4058a4a6d88654d553f824dbe45f808
cf04642d360c664adfddf0ac5c2cb87b88b92fe6
b39a76add0eb10d51ce97d7f3cfa0015d83a8bcf8aa1a8ea20b291cf5c1126db
GET /wp-content/uploads/2019/11/cropped-lady-justice-statue-in-law-firm-office-EQ6TMGC-1-192x192.jpg HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Tue, 10 Dec 2019 11:21:28 GMT
ETag: "6a5f-59957b6955e00"
Accept-Ranges: bytes
Content-Length: 27231
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15670
Expires: Sun, 27 Nov 2022 11:05:25 GMT
Date: Sun, 27 Nov 2022 06:44:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 514b4077fad50ba782e4bbb2c95c6852
4770f56d4d9489df43f33952e4bfa84d8e46414e
a97ce7c911625345342731b96cf423ee36182e101e3039694a666d6508a702ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F597d0b25-8af2-425a-be32-195ac8e4bc00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4374
x-amzn-requestid: 16fa9401-4b57-4300-9377-3a7d96de3a38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGB7uFWJIAMFfTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f16b1-3386c7b54d828c3b1393b9ce;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:01:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6XMNeYqDwM9yHZf1rkBRhZ6k_iZE92MWKavu0vlQnT2jZ--tswQwWw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 08:08:31 GMT
age: 81344
etag: "4770f56d4d9489df43f33952e4bfa84d8e46414e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 892849386662d30042f01ab952a3ec14
3b349ac17a00d68875e64bee110ec85d07cffda2
893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9926
x-amzn-requestid: b03f4d3b-b144-4466-ab11-96c8201d75a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Je2G_NIAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b22c5-5ef5e11a198cd8202372d8da;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:03:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Eeu-CbRcm2Zv8ZVXNO3vhUt2shbKNQZ1YqsxCMk96twd7zL_rceGYg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:05:31 GMT
age: 31124
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:58:18 GMT
age: 35157
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 31958
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32013626-b98e-4f6b-bd84-ffd1a2c2b7ea.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32013626-b98e-4f6b-bd84-ffd1a2c2b7ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8965857253845582ad8333615154be59
6636e8929347aed0b19a22dd1e60065a9014ee30
42941561f6315d974d28f45104cfe79fb2eaf594e5e4efccf4f1377972cbb972
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32013626-b98e-4f6b-bd84-ffd1a2c2b7ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5483
x-amzn-requestid: b20511dd-2a15-4c90-b4c3-77f153b89c18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIymCEY9IAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803159-384168242833530b79db4012;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XnlUNKu4ofuJ8xeafiSJfmDbg4DMFQNV5WH1DpilrHxKEMBjRIEHrQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 03:57:02 GMT
age: 10033
etag: "6636e8929347aed0b19a22dd1e60065a9014ee30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 31954
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ra-tigges.de/wp-content/uploads/omgf/vc_google_fonts_poppins/vc_google_fonts_poppins.css?ver=1659958852
83.169.41.94 200 OK 0 B URL HTTP/1.1 ra-tigges.de/wp-content/uploads/omgf/vc_google_fonts_poppins/vc_google_fonts_poppins.css?ver=1659958852
IP 83.169.41.94:0
ASN #20773 Host Europe GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/omgf/vc_google_fonts_poppins/vc_google_fonts_poppins.css?ver=1659958852 HTTP/1.1
Host: ra-tigges.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ra-tigges.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 06:44:14 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 11:50:45 GMT
ETag: "37c-5e5b96d1166b3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 393
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css