Overview

URL energieberater-nordrhein-westfalen.de/
IP83.169.41.94
ASNHost Europe GmbH
Location Germany
Report completed2022-09-22 12:45:10 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-22 2 energieberater-nordrhein-westfalen.de/ Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/ Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-includes/js/wp-emoji-release.min.j (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/c (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google- (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/a (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/sticky-header-effe (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/uploads/astra-addon/astra- (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-includes/js/jquery/jquery.min.js?v (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-includes/js/jquery/jquery-migrate. (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/themes/astra/assets/js/min (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-includes/js/imagesloaded.min.js?ve (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/asse (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/ultimate-elementor (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/j (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/j (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-includes/js/dist/hooks.min.js?ver= (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-includes/js/dist/vendor/regenerato (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-includes/js/dist/i18n.min.js?ver=e (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/asse (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/asse (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/a (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-pro/asse (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor-extras/a (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google- (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google- (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
2022-09-22 2 energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/l (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (14)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-22 05:01:22 UTC 52.89.15.44
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-22 04:23:52 UTC 34.120.237.76
mnemonic passive DNS maps.googleapis.com (1) 33876 2014-10-18 20:19:59 UTC 2022-09-22 11:17:00 UTC 142.250.74.170
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-22 04:32:00 UTC 23.36.76.226
mnemonic passive DNS energieberater-nordrhein-westfalen.de (81) 0 2020-02-10 14:06:56 UTC 2022-09-22 00:09:12 UTC 83.169.41.94 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-22 05:09:58 UTC 143.204.55.36
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-22 04:34:04 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-22 09:32:38 UTC 93.184.220.29
mnemonic passive DNS maps.google.com (1) 1899 2016-05-21 18:40:38 UTC 2022-09-22 08:20:05 UTC 216.58.211.14
mnemonic passive DNS maps.gstatic.com (1) 0 2016-01-11 16:55:17 UTC 2022-09-22 07:07:13 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-22 05:24:31 UTC 143.204.55.110
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-22 05:51:40 UTC 104.17.24.14
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-22 04:32:28 UTC 142.250.74.3
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-22 04:33:41 UTC 142.250.74.164


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 83.169.41.94

Date UQ / IDS / BL URL IP
2022-12-02 02:49:23 +0000
0 - 0 - 38 steuerberatungkempf.de/ 83.169.41.94
2022-12-02 02:47:04 +0000
0 - 0 - 25 steuerkanzlei-lambrecht.de/ 83.169.41.94
2022-12-02 02:19:23 +0000
0 - 0 - 2 mail.steuerberater-winterfeld.de/ 83.169.41.94
2022-12-01 01:54:16 +0000
0 - 0 - 38 erstehilfe-amkind.de/ 83.169.41.94
2022-12-01 01:50:36 +0000
0 - 0 - 38 hausratversicherung-dinslaken.de/ 83.169.41.94

Last 5 reports on ASN: Host Europe GmbH

Date UQ / IDS / BL URL IP
2022-12-04 20:54:17 +0000
0 - 0 - 2 www.backstedtcoaching.com/about-magnus/ 79.170.44.105
2022-12-04 08:12:35 +0000
0 - 0 - 9 xn--tter-magazin-gcb.de/ 83.169.35.10
2022-12-03 09:06:49 +0000
0 - 0 - 55 emobilsolution.de/ 83.169.34.123
2022-12-03 08:34:30 +0000
0 - 0 - 9 detmers-kontejner.hr/ 5.175.20.139
2022-12-03 07:48:20 +0000
0 - 0 - 0 www.coeo-inkasso.at 92.51.182.137

Last 3 reports on domain: energieberater-nordrhein-westfalen.de

Date UQ / IDS / BL URL IP
2022-11-27 06:15:08 +0000
0 - 0 - 40 energieberater-nordrhein-westfalen.de/ 83.169.41.94
2022-10-27 02:15:25 +0000
0 - 0 - 41 energieberater-nordrhein-westfalen.de/ 83.169.41.94
2022-09-22 12:45:10 +0000
0 - 0 - 41 energieberater-nordrhein-westfalen.de/ 83.169.41.94

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-27 06:15:08 +0000
0 - 0 - 40 energieberater-nordrhein-westfalen.de/ 83.169.41.94
2022-10-27 02:15:25 +0000
0 - 0 - 41 energieberater-nordrhein-westfalen.de/ 83.169.41.94


JavaScript

Executed Scripts (51)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (113)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 12:13:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SkwzZtXX7_oLiNJWHdYWtklhsSDBWurXEjnolfcYCHxnuw9K-UiHEA==
Age: 1860


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3582
Expires: Thu, 22 Sep 2022 13:44:40 GMT
Date: Thu, 22 Sep 2022 12:44:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wAiLgIXCiZLaJXEnF5qaA4yWJwh9DHRLhBqkvI3lSeMW7iiFoubjgA==
age: 29384
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 22 Sep 2022 12:44:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         83.169.41.94
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 22 Sep 2022 12:44:58 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://energieberater-nordrhein-westfalen.de/
X-Powered-By: PHP/7.4.16, PleskLin
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 22 Sep 2022 12:03:22 GMT
Expires: Thu, 22 Sep 2022 12:11:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DqfvmJAVgNcRLThi4iI1NfU3KWWg-sprKQMYus-zmTeo3rSBZwEyCw==
Age: 2496


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5230
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 12:44:58 GMT
Last-Modified: Thu, 22 Sep 2022 11:17:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BCA8D3C8D78C53F00714EB7343A5C65E560A697743CCF544FF478E2353B6A9EB"
Last-Modified: Thu, 22 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Thu, 22 Sep 2022 18:44:08 GMT
Date: Thu, 22 Sep 2022 12:44:59 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aPglqhW1jPb6eiXHohQsyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.15.44
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y8wzC7CGV5uBr71/I6jptzRZuTs=

                                        
                                            GET / HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 22 Sep 2022 12:44:59 GMT
Server: Apache
Link: <https://energieberater-nordrhein-westfalen.de/wp-json/>; rel="https://api.w.org/", <https://energieberater-nordrhein-westfalen.de/wp-json/wp/v2/pages/23>; rel="alternate"; type="application/json", <https://energieberater-nordrhein-westfalen.de/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.4.16, PleskLin
Content-Length: 29345
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41860), with CRLF, LF line terminators
Size:   29345
Md5:    1a17eab9f9be4fa8fa2e0e3291aba904
Sha1:   bea02314a622bf5398db77541e036da961c09e9f
Sha256: 448c1ac82f7125aa605cb8cbda18e29b95cd602a76a2179d1ad99bf050fef785

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 17:20:25 GMT
ETag: "11449-5e81987523d71-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11733
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (63070), with CRLF line terminators
Size:   11733
Md5:    aab8da333613933cc37485d8a7ba13be
Sha1:   29762b20907f8feda444d83de5e1b08b07351713
Sha256: 02762812ff8f9094fca15e4e5361fcffbb7b9be75acfb46ed6e87f43acdcbbdc
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "48b9-5dfcf4214c7a9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5009
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5009
Md5:    e6624e0b978e6ddba476be41aaaa82df
Sha1:   822e920d8233072110ed7c8a7f379e5b13209b18
Sha256: dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:50 GMT
ETag: "aa3-5e91e3621cfe3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 713
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2723), with no line terminators
Size:   713
Md5:    7e67979bdd7b91ff88c5113cd3db186e
Sha1:   1ef16fddac63946359c3d47b46d1985c3961ea26
Sha256: 10f99207a897bca4be545b3a4a330907e90e0dc49326c774946393ed4adcd83c
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "28722-5e91e36816166-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 20219
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   20219
Md5:    aabd344581399563134b985f514a1cd8
Sha1:   6b5a37930501a8b1ed54dd5f6c41251dd1943ecf
Sha256: b4dee2a7a178a601312478f2b97c5b8aff205c8930669a9bf90825bb4a2a9bb1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/gsap/2.1.3/TweenMax.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 22 Sep 2022 12:45:00 GMT
content-length: 34868
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e71-1c604"
last-modified: Mon, 04 May 2020 16:10:25 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3079048
expires: Tue, 12 Sep 2023 12:45:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2dV60BdfnHEPXL8%2F8H%2F%2F9hS2NMBoKGAdQ23%2FXwNd9jsBj1Y2euDLcraX%2BoFl6XXRGfneJwQQbOTLPuUnBJJtcR5ykDQ29cmSHZkuDhvNSoenXhdGLXngud%2BekrowPnm8HLoXOBR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74eb229cead81bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32037)
Size:   34868
Md5:    8ec306b76e7dc20e47d5f986b68d5932
Sha1:   6bc2204b8061f8d54f416b0d1df1343c2f42521a
Sha256: 9b623920be3228e50eabb5af38e599acdbdc4fce6b2f1d7eb884cf3bb0245d7c
                                        
                                            GET /wp-content/uploads/elementor/css/post-527.css?ver=1646070080 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 17:41:20 GMT
ETag: "474-5d9178e665205-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 411
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1140), with no line terminators
Size:   411
Md5:    560d7cac4d110c4af78c35f4cc5c6f39
Sha1:   51768edf3effb387533226729b20591a65f48323
Sha256: 603fdf23a051e4c54a56901dde0e1c312f1e2e6454c3cccebabe4c86bdb3f92b
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6126
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:45:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gZ8I075ljJuPvMcsyyRU3m09P9z7mL3WNBiex99pwXtoWDzt_jWP0A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:25:13 GMT
age: 51587
etag: "09bd3300d710c3212483159f8398b84cde09da26"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7507
Md5:    4d98acc059a69d51165fb5e0c7430ea3
Sha1:   09bd3300d710c3212483159f8398b84cde09da26
Sha256: 6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
age: 54651
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8678
Md5:    91c56f0b9810bfdd84e10a626b89e389
Sha1:   15d83e44d568938b6c9c87201e898cedb3edec0a
Sha256: 942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
age: 53793
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5650
Md5:    a5edcd9aee78a6cacc9241b47cbce598
Sha1:   f95b843029e84dbb188427a8c2ff8c9f32740465
Sha256: 6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.6 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 05:13:55 GMT
ETag: "7570f-5e8b04fda0464-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 41371
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65493)
Size:   41371
Md5:    44135852af54b9b045ef95bf76ed7501
Sha1:   e4f8878a9982fe6f33d13eb72d90168ded5d357e
Sha256: 8c82decc3f8d3ac813d2a4f7f3019c958d4a84449a9a445125137106eafc1a3d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
age: 54651
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10754
Md5:    af5773255351157d72c28a670a355c60
Sha1:   c803e5866edbe6c9baec14e93677f610bdf09bff
Sha256: 3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11645
x-amzn-requestid: 0ae5c056-6d78-4c37-8e18-b9abfe1e1f47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG34FKIIAMF6Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab832-59fbd91527ea400d333ddc41;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q7rg9YqHScSwWXfS96bSI5Mb0mSYQ-jbShb7wddPcG51nhn0_8DIJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 15:21:32 GMT
age: 77008
etag: "5ee6c32afd92810ae61a791c059928e33148bb0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11645
Md5:    298be26294efc965abc5707a84df8a0a
Sha1:   5ee6c32afd92810ae61a791c059928e33148bb0c
Sha256: d9b5fe88c8e03f6a6a64e360015080bca00f7fb147515a137447832bacc2e6e7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9233
x-amzn-requestid: f90a9ed8-b4e7-4786-887a-90f24cc4f432
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HZSG1IoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b85d4-7a75336f316aa6450e3369b4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PEhEMNxyamS4_x8DPhIeX2bEkaVWzS4foO7vPQX8KgWpm1KjsSvRxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:21:48 GMT
age: 51792
etag: "134720f07ffdbef5ff551bdb3c3743c806d1512d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9233
Md5:    ce3e9d330cc9b9c84fb7846bf0d8c7a0
Sha1:   134720f07ffdbef5ff551bdb3c3743c806d1512d
Sha256: 0724f7ca2de62c8086e80b527aec78de6b63996107b32c7e9990bd472e64a347
                                        
                                            GET /wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.10 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 19:46:44 GMT
ETag: "991f5-5e7160ea9472e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   67764
Md5:    d80625359997bcac0892ae52bcf69de4
Sha1:   1f667fcda92670f9297f1fd058fa57b3f292515d
Sha256: 3930c3bff9fc4d12fedaac5f38758c1a7c0861bc3651325e1ac440477beabc62

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/omgf/astra-google-fonts/astra-google-fonts.css?ver=1659959053 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:59:31 GMT
ETag: "6f4-5e5ba6305103c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 436
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   436
Md5:    ac09566400c947134913b9552ba34609
Sha1:   4f44a738b5331f48c4c2b3d63905b4265bb587e1
Sha256: e52ce40ecd2fde817b685ee8307bb1213800f0d07c56c810d280e911eeed4d0e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-extras/assets/lib/nicons/css/nicons.css?ver=2.2.51 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "175f-5cd761409cfdc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1278
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1278
Md5:    a63b8d085e6f0b551b44deb75f5b57c8
Sha1:   26aeacf3d5799da7ff92698de64e658f09e830a2
Sha256: 9e205d074c92f86e85d995a1982ce9c98b8ec9d8446f4fd647960c2ab4c2474e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/sticky-header-effects-for-elementor/assets/css/she-header-style.css?ver=1.5.3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Sun, 10 Jul 2022 17:18:31 GMT
ETag: "13e5-5e3769fdf6f72-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 686
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   686
Md5:    ee1f1e15db0c712541a88db95fa8e535
Sha1:   eafe5615588eb78ddce726f1cd86df59e78e66a6
Sha256: 431c38b9553d1d9d70596188374490191fefb190110f423f52aba17237a17e76

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-extras/assets/css/frontend.min.css?ver=2.2.51 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "322e9-5cd7614088f8c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 24813
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   24813
Md5:    5b4af266d88a77e8b32c96b0111b3e43
Sha1:   17ed7865c6fd383c94e25f24e0f0d593124434d9
Sha256: f1d555a3c0b35ee370353457235dcd504759c91c72cf30de46076e02b6f55f44
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 12 Jul 2022 19:20:25 GMT
ETag: "15b64-5e3a08f7c1419-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11681
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   11681
Md5:    e5548800176e913a9084f47a3e1e04f6
Sha1:   eff4604acc5c26ae82a19188de2f98bf5b79d80c
Sha256: a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
                                        
                                            GET /wp-content/uploads/elementor/css/post-23.css?ver=1646070080 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 17:41:20 GMT
ETag: "2be8-5d9178e6af19e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1506
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (11240), with no line terminators
Size:   1506
Md5:    4ebd233bfa293f78969f82c05c4ad9a2
Sha1:   78c1f988a659a556708f852f4f02e2232dc6e4e7
Sha256: 408353691f2a526861dff9a20abee6b41ec12d8055daef08340e3e8dcf56ff29

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-104.css?ver=1646070080 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 17:41:20 GMT
ETag: "162d-5d9178e6b3bd6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 951
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2008)
Size:   951
Md5:    9736dda2daa899f49aafc815ed2392eb
Sha1:   f006da723698547a0a1572ed763b4fdf14a393ed
Sha256: 0d20ee7b34b774cec469ad88a3c40349859ee5aa48770e6b5b2fe70bcf086b70
                                        
                                            GET /wp-content/uploads/elementor/css/post-157.css?ver=1646070080 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 28 Feb 2022 17:41:20 GMT
ETag: "2f6a-5d9178e6c030e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1629
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (12138), with no line terminators
Size:   1629
Md5:    681a29f53654abd2a1bb136e9bf50617
Sha1:   73ac61ffe5d4cb61df0273ec66aa3a8ae0d83ff6
Sha256: 12ebfa7c238e8d9e02825eb5932c3cb50ca0ea34231c72eb263ea3a056553623
                                        
                                            GET /wp-content/uploads/omgf/google-fonts-1/google-fonts-1.css?ver=1659959053 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:59:33 GMT
ETag: "44b4-5e5ba6326405d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 711
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   711
Md5:    629a93d1ff87bd58e4a399f5c41cd9d9
Sha1:   ca85d16917754efdb7e0b04caf272181b7f8be41
Sha256: b84965548475012b41e11e83a65e644d8c30c879bb4684ea2f554acb232b390c
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "2a5-5e91e36828e30-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 308
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (491)
Size:   308
Md5:    851fd514d412b7e854365f20a4227c8a
Sha1:   08bf47072f70af1816450cc85a5efb3b8f9114d2
Sha256: a9449e3cc7c003e5ed6b93bae7b0bba3e4f1713c52214f41d3591692a759b9d7
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "e238-5e91e36828278-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 12582
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (57726)
Size:   12582
Md5:    991d00cd7cb62d50a29295522d554f1f
Sha1:   e128a5238f141e9c4da1979716108d858340fe03
Sha256: b8fcb61816168fc6a7ee01bb09fa4378398838dc6e4f49dc411872876355d113

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/astra-addon/astra-addon-6318d2dcda04c6-84036519.css?ver=3.6.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 17:20:28 GMT
ETag: "e70c-5e819878311c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6442
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (59148), with no line terminators
Size:   6442
Md5:    b38c74612448bc01418df0f8082d83ba
Sha1:   85d7c409508b588bdee34c9f4895719af91b1179
Sha256: f3ba60839a4868dcbb21f2d88fe94c62036def30770954f44e4d5285068399ca

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "29d-5e91e36828e30-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 309
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (483)
Size:   309
Md5:    0ea43e394ddaae5fdb710dbbc8869e58
Sha1:   3b0c93adc80720236096201db5cc2751e703996d
Sha256: 85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "2a3-5e91e36828a48-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 308
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (489)
Size:   308
Md5:    0a08469d24387f830bbaaa00b3c228ae
Sha1:   01f5dfeb8f93a32c9a8f66fe5940758109771fcd
Sha256: 3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "4b4f-5e91e3682a5a0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3961
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (19233)
Size:   3961
Md5:    24dc15839234f4dbd06f677098762e1c
Sha1:   a285318fa3f4d9a1491f523f080cd32e1df12315
Sha256: 016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Jul 2021 17:31:00 GMT
ETag: "15db1-5c7916ae25248-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 30908
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30908
Md5:    9640915738503451aa21181699feab5b
Sha1:   c053eaf36ef0da96619706b3abda326305063bd6
Sha256: f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 09 Dec 2020 05:30:27 GMT
ETag: "2bd8-5b6015b59447d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 4169
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.5.3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Sun, 10 Jul 2022 17:18:31 GMT
ETag: "1cbf-5e3769fdf4092-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1623
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1623
Md5:    3a78ae37971d0c697873ddd9137e11fb
Sha1:   b144247865005f786672068103340650591b3e16
Sha256: 9a82f81586fbbcc581630ff5d1abf94397ea2181f23ffc7d1f769aa553634846
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.7 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "4824-5e91e3682ff79-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2592
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   2592
Md5:    0ea81c35141c6a4692506e4fe8d36edb
Sha1:   392c5f96995e66d74c27ed5a42f93169c2f32d18
Sha256: b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "35ed-5e91e36817106-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 855
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (13766)
Size:   855
Md5:    b67ce014664ad80f61a78b2721f5001f
Sha1:   80a3c23a3643598f590765c091f16008c834eb18
Sha256: 77f77a21706b27952b789ff364c6322da6675363d50bb0f9cdff7c4b6db6ec40
                                        
                                            GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 17:20:25 GMT
ETag: "289e-5e8198751f720-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2744
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (10398), with no line terminators
Size:   2744
Md5:    97cea445c7c0cec6df1760fc0cf5fefb
Sha1:   69aef0529522fab7eb0a6807897ade7eb0f4e90c
Sha256: 19f00f952b91cd466ae2dceee052773304dcc4a7f103d9b87d0ea62f9c0d0f4c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/astra-addon/astra-addon-6318d2dcda5f55-75895018.js?ver=3.6.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 17:20:28 GMT
ETag: "a6fc-5e819878315af-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 8057
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (42748), with no line terminators
Size:   8057
Md5:    b0c8455f0e77fe9706f14e5e8eadb445
Sha1:   afafe31864b4d7702f0f5e745fd67cf03787415d
Sha256: 06f3db3eda76fff9b2587afdba8ec3a17d44f99e2a0effe1b879f889484def4e
                                        
                                            GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 12 Aug 2020 13:07:45 GMT
ETag: "15fd-5acaddfa79959-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1834
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1834
Md5:    951ae46ca55ec7b0e401e2074bdf8b54
Sha1:   64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
Sha256: fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 05:13:55 GMT
ETag: "6272-5e8b04fda98d5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7157
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (25115)
Size:   7157
Md5:    de752486ae6f3549ee513c4f7bd89b1c
Sha1:   7e415888c930d6952efce6ae601c37427ac2345e
Sha256: d74a2945742950cd22705aa87f266a7eccc3a7949861da7e04cab475765206d1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ultimate-elementor/assets/lib/jquery-element-resize/jquery_resize.min.js?ver=1.36.10 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 19:46:39 GMT
ETag: "d5e-5e7160e5c0d1f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1369
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (995)
Size:   1369
Md5:    a12ed231f19efe3a084cb8694b7720c2
Sha1:   7b12cefbe5ecf7ba9f2ee18ca660cff9667cde27
Sha256: 9ff353804ac854f429127cf588317de7e78e42988fc5add5d2ed2c83fc65a72a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ultimate-elementor/assets/lib/isotope/isotope.min.js?ver=1.36.10 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 19:46:39 GMT
ETag: "8942-5e7160e5c2c5f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 9787
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (34807)
Size:   9787
Md5:    4c287e0a13d8cdaad54232e28bc0ee50
Sha1:   5a4d0e394c753b6395d7dcb54e25b165dfb16ce7
Sha256: aeddc80273e862bafbbf0474144066217b7c772e1419e882bfdd3b5ec850bfa8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:50 GMT
ETag: "bbaf-5e91e36299821-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 11061
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  C source textAlgol 68 source text\012- Pascal source, ASCII text, with very long lines (48047), with no line terminators
Size:   11061
Md5:    9d8f001a59dc380e83526cb4a5ccbd91
Sha1:   0a82be5bb9c3a2bb6d2f1498d18d160feb682c98
Sha256: 9be66b9338a4ff6157f8c5e6743cc51f8739ddd525c1975817ccd0b6afc1de71
                                        
                                            GET /wp-content/plugins/ultimate-elementor/assets/lib/slick/slick.min.js?ver=1.36.10 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 19:46:39 GMT
ETag: "a93e-5e7160e5c0d1f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10670
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (42862)
Size:   10670
Md5:    36f4de3a1f9cbec36a382dca5e8d6e9c
Sha1:   42758ab254ef2cfdc7ba1485bd02bf39979d7378
Sha256: 1eef360b93bde2802d29aa3bc7c6c6a9c1db9796c926816c22132bec539936d6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ultimate-elementor/assets/min-js/uael-frontend.min.js?ver=1.36.10 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 19:46:39 GMT
ETag: "83b4-5e7160e5b037d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 9071
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (33716), with no line terminators
Size:   9071
Md5:    a1738dc5527e5b40290219f75dfcebde
Sha1:   63e42a304fac5bca9de4e46cbde76c77a7926636
Sha256: 4bf77e879002ceb090ad1f2df2d13974f053aa9c8fb311e34fa0b8d13ff9fb01
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 05:13:55 GMT
ETag: "1440-5e8b04fd977c4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2364
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (5141)
Size:   2364
Md5:    7405cd7f5f4485b5aa18eaf005720b16
Sha1:   64ff52fc0013b6cc2a6821cdb2566899e831a459
Sha256: df13d8aca8bad270698f7b97256b7a8baf4f8db030a6cf4789aaae832e211779
                                        
                                            GET /wp-content/plugins/ultimate-elementor/assets/lib/justifiedgallery/justifiedgallery.min.js?ver=1.36.10 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 19:46:39 GMT
ETag: "484e-5e7160e5c248f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5020
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (18351)
Size:   5020
Md5:    8eab2bddbfa60f879cad15f4997ee7cb
Sha1:   774781376ebf2090ee21b1dc9cc2f7e5d86f25ed
Sha256: a86c9ca0813ece4c6b64721d91d2b9b525e9c72f44448888806d4cd6bba1aad1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/ultimate-elementor/assets/lib/fancybox/jquery_fancybox.min.js?ver=1.36.10 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 25 Aug 2022 19:46:39 GMT
ETag: "ef5a-5e7160e5c18d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 19935
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (60980)
Size:   19935
Md5:    e2c676e07a2c8d6fc22c67b9d771849e
Sha1:   e6ef7cf74f6dbb1a2f86d20f335ace4a0d73d270
Sha256: 6fe26d896ccb4eb14ff1a07a00ffb5177823989184c55b9c8ee71ca613fee5ac

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "135d-5e91e3680b19d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2193
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   2193
Md5:    ac5286e01cb948466083b4a9db3725b1
Sha1:   158ee166465804fafaf226ed85b2243bb34d5fb1
Sha256: e4ab2a0069a89260933d5fc4235c352cd504a7fe88d14c95ef66f46a680718b3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "80a1-5e91e3680a1fd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 10742
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32889)
Size:   10742
Md5:    540ab7a81306a8a45622d154e9df498b
Sha1:   f06d1223e432a8d648d15008c4dcd7306553e0ac
Sha256: 9f5782726439ecaa602bfb3f5d4762d50409899eb22562da187e252a3eaf0df9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "132e-5dfcf4212ef01-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1661
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   1661
Md5:    320b86bb1a9ce650a5e3553b2bb1c430
Sha1:   c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
Sha256: c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "4ac6-5dfcf421471b9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 7095
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size:   7095
Md5:    2f4fcc5a628b379672d76b7e91cbdf07
Sha1:   9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
Sha256: a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "194b-5dfcf42147d71-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2457
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2457
Md5:    27cbbd0a9d7c5ad9402118c4afc36035
Sha1:   7659d08a005f5ecfa6c779e3cda45c30007fd059
Sha256: ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "27ee-5dfcf42130289-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3865
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   3865
Md5:    ca0cf10a1d933e4262c732da8f9008c1
Sha1:   d6fdc041e650cf096841671884db8854490dba72
Sha256: fbd145cb64d3185e42b8a3f6fff22b3e4cc3550934b63a4f874c21c44f920702

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "2fa6-5e91e36830f19-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2993
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   2993
Md5:    cfea3c51880820f2962a7773fbc864f9
Sha1:   45aa7ddc9b0c4201097d0df36791ab346470b734
Sha256: 12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 05:13:55 GMT
ETag: "53a9-5e8b04fd98f34-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 5715
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (21374)
Size:   5715
Md5:    9b6299ad9f104fd7855d3e84c6573e70
Sha1:   44ca178792bc83b0a01b70c40821ec89452555d7
Sha256: bbe1fe57671b08ade3312b5d06e7c623d12f7f1ffd52f956e54bb82db771c9ba

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 05:22:23 GMT
ETag: "50eb-5dfcf4211d5c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 6914
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6914
Md5:    7e2b78a6e8a9b90385330755ee1cf3e5
Sha1:   684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
Sha256: 43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.7 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "a3c-5e91e36830361-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1139
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2620), with no line terminators
Size:   1139
Md5:    366a9c35bbef9fea7021f6b1b56cf8d0
Sha1:   18feab78c61c6e8261db364d6681a9633041e837
Sha256: b1108a264198109bc4e692e30e2dc7c148625fa9a3dce15477fc7618669c7a6f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6126
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:45:00 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "29ba-5e91e3682e809-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 3446
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (10544)
Size:   3446
Md5:    88f71137b2a89a53df46cdb4deeb4e3d
Sha1:   426e12f0e8712db20afd2c54e77e1384074f3181
Sha256: 591a8b7a859de8af878c56e1ec72384596285f768387e9958f0a0afe53d89428
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6126
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:45:00 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "9e41-5e91e3680b19d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 12045
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (40474)
Size:   12045
Md5:    9f98d9eb97acbaa6fdbecb9086f0eba1
Sha1:   b8f3c7e68de9fcbc87c3bb232f71800e62a2c2f7
Sha256: 1eff8a686486469b581f8ea377acaaedb79cc6339976d17c9392752be4c4a993
                                        
                                            GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.7 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "a884-5e91e36809a2d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 13121
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (43101)
Size:   13121
Md5:    227f3f29a5ac2d74fec28aeb97d0768a
Sha1:   2a7516811b58b46c0ee982c7c6616c76433e19c5
Sha256: dbc5b4077a4e85e9dedec28dd5c513cfdfbc672d16f8eb3eb7d2340188bcd6c6
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.6 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 05:13:55 GMT
ETag: "e78-5e8b04fda9cbe-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 1586
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (3703)
Size:   1586
Md5:    dbb7b7eb1f27ef159dcd3e20d95d0ccf
Sha1:   fef3645e4691734fee4bac5a58c1d5d70acd6a1b
Sha256: dd5eb456aa6a6ccad9a7eebd497a816aa22f73e5007a507ff8929192cd7d7c8e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "21f91-5e91e3682a988-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 35491
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65280)
Size:   35491
Md5:    f2f239cb6e82311cd197aa5888632811
Sha1:   e2376a981fa3bf8e7e36e86b979f3a3ea6443d29
Sha256: c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d
                                        
                                            GET /wp-content/plugins/elementor-extras/assets/js/frontend.min.js?ver=2.2.51 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "12ca3-5cd7614085cc4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 17977
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (31998)
Size:   17977
Md5:    12b0a76903b6a69a137fff11a2e2eb9c
Sha1:   27d532edacdc03008f0fceda5cbb2ba4d350f42a
Sha256: 2e291c576a0f9bcd0efcd9df06ae8e1fee8ed8db2fac1612be25ac60dc495435

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-extras/assets/lib/parallax-gallery/parallax-gallery.min.js?ver=1.0.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "a88-5cd76140a9ee5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 891
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2696), with no line terminators
Size:   891
Md5:    9bb0cb292f07393b12f070a88ced0cac
Sha1:   4a5f984164de3b2efcea4de7bb0d28ddd976b37e
Sha256: faabd24e7a87aef5dc3413b696b66426067f7f67758a48e133341321cdadb138
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.6 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Thu, 15 Sep 2022 05:13:55 GMT
ETag: "20de6-5e8b04fd9931c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 31439
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65493)
Size:   31439
Md5:    79f5ae6f7a6cf0554420655c1ace3b65
Sha1:   289d2f9713a05ad48a44e66f9081c768d0f18d25
Sha256: a7553e825867026ad4d0f4906bf7ad303579b2666636145a326f14ecf84bb465

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor-extras/assets/lib/hotips/hotips.min.js?ver=1.1.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Sun, 03 Oct 2021 17:25:09 GMT
ETag: "1fac-5cd76140ae535-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2227
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8108), with no line terminators
Size:   2227
Md5:    3661568b226450df0eaba057db689cb6
Sha1:   efcdcf6b1d5a7c467954b2d85d10420fb2015c19
Sha256: afa5e02948cf30a33ef1a7d593498b80d83fc7e3f4bf8d5818441cc3884f6a7d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6126
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:45:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6126
Expires: Thu, 22 Sep 2022 14:27:06 GMT
Date: Thu, 22 Sep 2022 12:45:00 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/omgf/astra-google-fonts/open-sans-normal-latin-400.woff2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/astra-google-fonts.css?ver=1659959053
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:59:31 GMT
ETag: "4150-5e5ba6302ca33"
Accept-Ranges: bytes
Content-Length: 16720
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16720, version 1.0\012- data
Size:   16720
Md5:    c416910cae8fe4258cdf8c35933e9f4c
Sha1:   4a768ba0a3abc49b572c08c235db9f066ffc2b18
Sha256: 9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/omgf/astra-google-fonts/raleway-normal-latin-400.woff2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/omgf/astra-google-fonts/astra-google-fonts.css?ver=1659959053
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 08 Aug 2022 12:59:31 GMT
ETag: "5320-5e5ba63050c54"
Accept-Ranges: bytes
Content-Length: 21280
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data
Size:   21280
Md5:    16911581ab7ea10687a5aee74cbc5612
Sha1:   b0b24248345739209d753a4ac77ccfc1f627b219
Sha256: c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "33dc-5e91e36825780"
Accept-Ranges: bytes
Content-Length: 13276
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size:   13276
Md5:    f0f8230116992e521526097a28f54066
Sha1:   0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
Sha256: 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "13174-5e91e36825780"
Accept-Ranges: bytes
Content-Length: 78196
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size:   78196
Md5:    e8a427e15cc502bef99cfd722b37ea98
Sha1:   a9922842a120a7f1eaced667480c5e185a106d69
Sha256: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "12bdc-5e91e36824fb0"
Accept-Ranges: bytes
Content-Length: 76764
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size:   76764
Md5:    f7307680c7fe85959f3ecf122493ea7d
Sha1:   fce0da592a3e536d6d5df5b50cb513398d8c5161
Sha256: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /maps?q=Brandenburger%20Tor%2C%20Berlin%2C%20Deutschland&t=m&z=10&output=embed&iwloc=near HTTP/1.1 
Host: maps.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.211.14
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Thu, 22 Sep 2022 12:45:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sBrandenburger+Tor,+Berlin,+Deutschland!5e0!6i10
server: mafe
content-length: 307
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   307
Md5:    36fb848a47e8c6a310f95b65c2e8a881
Sha1:   45114e78aca638a5bdd867dca18a5a9fae1c31d0
Sha256: 8f1dd870197f4890fdedd22806ff9742f972da83b99d67dda9934a9cea2806c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/complianz/css/banner-1-optin.css?v=10 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 16:10:44 GMT
ETag: "3e0b-5e7f0526636d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
Content-Length: 2936
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (15883), with no line terminators
Size:   2936
Md5:    192bb2657048df667dfac5cfc8afcad4
Sha1:   88832995920b263c802aef8e1ee901178fcf91b0
Sha256: 56ce08ba1eeb03a165b47526134472151b0b3d21f5e852685651759c62c74b79
                                        
                                            GET /wp-content/uploads/2020/03/Kontakt_Schmidt.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-157.css?ver=1646070080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "2aa18-5a5e6afe2b64a"
Accept-Ranges: bytes
Content-Length: 174616
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Email at symbol in the sand at the beach, manufacturer=Canon, model=Canon EOS 5DS R, orientation=upper-left, xresolution=197, yresolution=205, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2017:05:08 15:23:32], baseline, precision 8, 1920x1280, components 3\012- data
Size:   174616
Md5:    01437aff0a9b4d72e26cfef0baf7baae
Sha1:   04527de2004c92c2cda245294e28c4a5a94f811e
Sha256: f7fc165b0a3376f43a6cbc99e72069b0521679112bb0a0e00e738c9c1abbf578
                                        
                                            GET /wp-content/uploads/2020/03/cropped-fav-energie-1-192x192-66x66-1-192x192.png HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "3488-5a5e6afe3799a"
Accept-Ranges: bytes
Content-Length: 13448
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   13448
Md5:    a5915e92b794cdeb6983854ef36f5f71
Sha1:   3204ae97b32188ee5ce66a513af0913361b68037
Sha256: f141c919d646639918b3bf958bda6ef0b4a79a55dabe32cbd7446f66790ee1a5
                                        
                                            GET /wp-content/uploads/2020/03/cropped-fav-energie-1-192x192-66x66-1-32x32.png HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "423-5a5e6afe37d82"
Accept-Ranges: bytes
Content-Length: 1059
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1059
Md5:    9d3373d9ac83e79cf2e31b322a34ed19
Sha1:   937bd21af9eeec865329e820801202342959f7c3
Sha256: f77ca81f12ef2d91de4cee028dd3ad9b8aa2d6346f976b67cdb2d7af2727dbca
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 16:20:56 GMT
ETag: "16cbc-5e91e3682a1b8"
Accept-Ranges: bytes
Content-Length: 93372
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Size:   93372
Md5:    aab0bb3379e0eb7ebc26071db61fbd57
Sha1:   711c8d350c4192c2f1aa7f73551445b89fb4b161
Sha256: 691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2020/03/Energieeffizienz-Nordrhein-Westfalen.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "38ef5-5a5e6afe1f2fa"
Accept-Ranges: bytes
Content-Length: 233205
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2432x1724, components 3\012- data
Size:   233205
Md5:    603641aefa17f4a924485af0d066dac7
Sha1:   78756d4525176e05612b934fab73649a647fc495
Sha256: 559234c86bdd03a0cf98b9e75b83285d1a5228ab548abb132712eb3fa13242bc
                                        
                                            GET /wp-content/uploads/2020/03/Energiesparen-Nordrhein-Westfalen.png HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "1eeb6-5a5e6afe2394a"
Accept-Ranges: bytes
Content-Length: 126646
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1280 x 719, 8-bit/color RGBA, non-interlaced\012- data
Size:   126646
Md5:    8f52b020a822f1cdba76e5d65ab77bee
Sha1:   e8e83e0ef4da808f18393004b3cd2719a92d24b0
Sha256: 449f3800589b360350d7e9b43eb671d79a536172c9dbca88148e1e48329f3c97
                                        
                                            GET /wp-content/uploads/2020/03/Energieausweis-Nordrhein-Westfalen.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "75508-5a5e6afe1953a"
Accept-Ranges: bytes
Content-Length: 480520
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2508x1672, components 3\012- data
Size:   480520
Md5:    071be1840f7c00cd72fe1c4168274d52
Sha1:   c43a645a64992295d555efaa2ee165a82f301c89
Sha256: 3cd2e113bd4a263c53134278586db348ec59bdc1f213665499d1e91ae2c16bea
                                        
                                            GET /wp-content/uploads/2020/03/Geba%CC%88udeenergieberatung-Nordrhein-Westfalen.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "77430-5a5e6afe2605a"
Accept-Ranges: bytes
Content-Length: 488496
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 2508x1672, components 3\012- data
Size:   488496
Md5:    61504fba56810ea9265e4f4b5b8a9651
Sha1:   6a57af4b2f06daae2983f3c88ee0f32a6b16f1fd
Sha256: 4280517f9a33aec38efa00a04f63816a467940dd6d3f03ad01ebc26a0f5db1d8
                                        
                                            GET /wp-content/uploads/2020/03/Thermografie-Nordrhein-Westfalen.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "b3bf0-5a5e6afe375b2"
Accept-Ranges: bytes
Content-Length: 736240
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=19, height=3189, bps=0, compression=LZW, PhotometricIntepretation=RGB, description=Heat Loss Detection of the House Facade With Infrared Thermal Camera, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=4833], baseline, precision 8, 2413x1738, components 3\012- data
Size:   736240
Md5:    98f2e1a1b1739824cf2f791270943dfc
Sha1:   9f95558b7d7be9b8c214ebd44d22c57b8e77f817
Sha256: 619a72150f31fd15a3b7d15285f41340a68b6d98f2c3f3a138a233283548cdc4
                                        
                                            GET /wp-content/uploads/2020/03/Hauskaufberatung-Nordrhein-Westfalen-scaled.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "7eb7f-5a5e6afe28f3a"
Accept-Ranges: bytes
Content-Length: 519039
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, description=Green eco house environmental background in field for future residential building plot, manufacturer=Canon, model=Canon EOS 5DS R, orientation=upper-left, xresolution=243, yresolution=251, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2017:07:03 13:12:24], baseline, precision 8, 2560x1707, components 3\012- data
Size:   519039
Md5:    3cdff815ceae2ea553fd701321e9bafa
Sha1:   4c24bd9f3c7aa5335fe952acc29871e8b5d31c51
Sha256: a15c9725b714f5c832de72b11000444a4512327f2c925803be45330b17f31e42
                                        
                                            GET /wp-content/uploads/2020/03/Energiekonzepte-Nordrhein-Westfalen.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "3421c-5a5e6afe22d92"
Accept-Ranges: bytes
Content-Length: 213532
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=16, height=2959, bps=206, compression=none, PhotometricIntepretation=RGB, description=Energy efficiency rating of buildings for sustainable development, orientation=upper-left, width=4439], baseline, precision 8, 2432x1724, components 3\012- data
Size:   213532
Md5:    2fcd24817cc670138cf4685692849a3c
Sha1:   72600b74f159eda55d4995eb8d6b9f214525baeb
Sha256: 68c597cfbc8ff2149bc4e5b364451ea6c09b11337efd977b96238afe2f9103aa
                                        
                                            GET /wp-content/uploads/2020/03/Energiegutachten-Nordrhein-Westfalen.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "53b4a-5a5e6afe2123a"
Accept-Ranges: bytes
Content-Length: 342858
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D800E, xresolution=4296, yresolution=4304, resolutionunit=2, software=Adobe Photoshop Lightroom 6.4 (Windows), datetime=2016:04:04 22:41:21], baseline, precision 8, 2507x1673, components 3\012- data
Size:   342858
Md5:    05d357599ae688ffa91a99c04e1fd579
Sha1:   dedfef7b8c414c9e9d073647d7e2d97ecd8871d4
Sha256: e734bdc5b7fdf71116a5322e84f17c6ba6f56b6b1fbcdc5afd88ca31b75f1c9f
                                        
                                            GET /wp-content/uploads/2020/03/Energieberatung-Nordrhein-Westfalen.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "2f486-5a5e6afe1d3ba"
Accept-Ranges: bytes
Content-Length: 193670
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=15, height=3508, bps=0, PhotometricIntepretation=CMYK, description=German text Energieberatung, translate Energy Consulting. Eps 10 vector file., orientation=upper-left, width=4961], baseline, precision 8, 2435x1722, components 3\012- data
Size:   193670
Md5:    a7f27660a20bc284744606f4767bebfc
Sha1:   ed74858041da8e1c61cf5bdcf551bf70cd171d80
Sha256: b15f4e837944f181a81840aef154ca688b0b916cc3093afe96a06384f58dfa3a
                                        
                                            GET /wp-content/uploads/2020/03/Energieberater-Nordrhein-Westfalen.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "472ef-5a5e6afe1b862"
Accept-Ranges: bytes
Content-Length: 291567
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=NIKON CORPORATION, model=NIKON D800E, xresolution=4296, yresolution=4304, resolutionunit=2, software=Adobe Photoshop Lightroom 6.4 (Windows), datetime=2016:04:04 22:41:19], baseline, precision 8, 2507x1673, components 3\012- data
Size:   291567
Md5:    e8f5d28c356884fbd8ec770bb2bb3914
Sha1:   25682b7d4b2263b6e6406f3bc1015ec36be8b9f9
Sha256: c3558d7ecc80403890856f78694df1a0499705a352903065b13b9ec322634037
                                        
                                            GET /maps/embed?origin=mfe&pb=!1m4!2m1!1sBrandenburger+Tor,+Berlin,+Deutschland!5e0!6i10 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://energieberater-nordrhein-westfalen.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 22 Sep 2022 12:45:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-RkY0S3roYTrYdkECoaQ46A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 982
x-xss-protection: 0
server-timing: gfet4t7; dur=644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1571)
Size:   982
Md5:    d05a86a107a10da32b9e1fa00ca15f3e
Sha1:   9c7d3a1710f675c020999247990d5e71d03df4d4
Sha256: e8c16b1f53f1d5eea37e2010428a1a18f1cf77e78db2de986132b8d6d6786db2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56930
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=14
date: Thu, 22 Sep 2022 12:33:45 GMT
expires: Thu, 22 Sep 2022 13:03:45 GMT
cache-control: public, max-age=1800
age: 676
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2500)
Size:   56930
Md5:    45710fafd31da3c8d18ddd4f1432d07b
Sha1:   05d0825f6f8e86b238243051748ba0b70ba3636f
Sha256: f960ad906cc5415fa0df166e5507570815e07f00e97351cded62243f0dcfe602
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 12:45:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 12:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps-api-v3/embed/js/50/6/init_embed.js HTTP/1.1 
Host: maps.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 70449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:51:15 GMT
expires: Thu, 21 Sep 2023 19:51:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 19:19:29 GMT
age: 60827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2669)
Size:   70449
Md5:    28b2f8991cb293000d95bcd22b064bdb
Sha1:   6cd3d214658feca2cd46b21b0e7312e986e60c68
Sha256: 9bc7a89f847eb9ef92849d1ec663511a56a942e60d683ce8f916924684b19300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 12:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:59:09 GMT
age: 53158
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7060
Md5:    c92f202bddcfee6efac41bcc25be5745
Sha1:   9d297544318ff34f839678d8b358290ab6bd62a8
Sha256: f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2
                                        
                                            GET /wp-content/uploads/2020/03/Startseite-Oben-1-scaled.jpg HTTP/1.1 
Host: energieberater-nordrhein-westfalen.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://energieberater-nordrhein-westfalen.de/wp-content/uploads/elementor/css/post-23.css?ver=1646070080
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         83.169.41.94
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 12:45:00 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 06:58:15 GMT
ETag: "7eb7f-5a5e6afe2f4ca"
Accept-Ranges: bytes
Content-Length: 519039
X-Powered-By: PleskLin
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---