blog.ipapaki.gr/
301 Moved Permanently 162 B IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: blog.ipapaki.gr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 02:01:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://blog.ipapaki.gr/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10814
Expires: Tue, 31 Jan 2023 05:01:41 GMT
Date: Tue, 31 Jan 2023 02:01:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10409
Expires: Tue, 31 Jan 2023 04:54:56 GMT
Date: Tue, 31 Jan 2023 02:01:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 01:35:50 GMT
content-type: application/json
age: 1537
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4856
Expires: Tue, 31 Jan 2023 03:22:23 GMT
Date: Tue, 31 Jan 2023 02:01:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g6c09rJ82BPUfZOqN6HWRAVaIMGYBUL55CoeG1j0H+kFijWu76sDjoUnVmMjXpB/cd8QZCtG9ro=
x-amz-request-id: ZE8TNAVFCZQH6STZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 01:22:01 GMT
age: 2366
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ca03b785d0a42d4c9f17eed260d6e0d
43c64020e1b2aba4a6658a282303f3fc7558004e
0f24d4c7d4af192c7aecccf7a7e17550d71dcce67f6c96ccc4d70bd9b3b29bd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F24D4C7D4AF192C7AECCCF7A7E17550D71DCCE67F6C96CCC4D70BD9B3B29BD5"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 08:01:28 GMT
Date: Tue, 31 Jan 2023 02:01:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 01:41:41 GMT
age: 1187
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9021
Expires: Tue, 31 Jan 2023 04:31:49 GMT
Date: Tue, 31 Jan 2023 02:01:28 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6Plo+wn+iXb57gmfki2d6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MPvFTDv4Chd+NpytjiCwFS5xrtA=
blog.ipapaki.gr/
301 Moved Permanently 0 B IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: blog.ipapaki.gr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 31 Jan 2023 02:01:28 GMT
content-type: text/html; charset=UTF-8
content-length: 0
vary: Accept-Encoding,Cookie
x-redirect-by: WordPress
location: https://new.mc-educate.eu/
x-powered-by: PHP/7.3.33, PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a45830a24e41d53ab40e3d3c0a7c9406
7c9247e9969fd5ea46093876c473245e72a3822a
667e2ea6e640d1d6dcc9fff3d6e8a414c340a47010745f29b6578ef86ef81fd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "667E2EA6E640D1D6DCC9FFF3D6E8A414C340A47010745F29B6578EF86EF81FD9"
Last-Modified: Tue, 31 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 08:01:29 GMT
Date: Tue, 31 Jan 2023 02:01:29 GMT
Connection: keep-alive
new.mc-educate.eu/
200 OK 28 kB IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25336)
Hash f93bb972e914a995cc6ad9aa75fa1d75
9ed30bde53ec1ebfdcf868d2f27b95a37d1828b0
18d183260bd95a9280849f783c6e281e9116e0964ab64e0531b5ffc8dcfd6f9d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/html; charset=UTF-8
content-length: 27633
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
content-encoding: gzip
x-powered-by: PHP/8.0.27, PleskLin
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
200 OK 309 B URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
content-length: 309
x-accel-version: 0.01
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: "29d-5d37385c3c7e0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
200 OK 4.0 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (11862), with no line terminators
Hash ecc99fd8587a7a804bcfd27e8a21231d
8783089662f6fdee346c4c4d185b3d599a493347
55f10e00a52f5cf521a77c856c173206d91a2ce1996de8fdce4aac2e2fa298d4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.3 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:52:45 GMT
etag: W/"61be663d-2e56"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:01:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
new.mc-educate.eu/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.6.8
200 OK 374 B URL HTTP/2 new.mc-educate.eu/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.6.8
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.6.8 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
content-length: 374
x-accel-version: 0.01
last-modified: Thu, 23 Sep 2021 09:54:59 GMT
etag: "2f2-5cca69fb98a83-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.2
200 OK 962 B URL HTTP/2 new.mc-educate.eu/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.2
IP
ASN #24940 Hetzner Online GmbH
Hash e3d52a0361ba721d38f63f0bc00c7d47
4bdd57961ffa941ff62af551045f768c060529b5
7d67034df0ac2a92b99926489dfbfcb3cde00f20d9b0f3a60e838cf21cb6a121
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.2 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 04 Dec 2021 18:46:56 GMT
etag: W/"61abb7a0-53f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blog.ipapaki.gr/wp-content/uploads/2020/11/MC-educate-logo-M.png
200 OK 17 kB URL HTTP/2 blog.ipapaki.gr/wp-content/uploads/2020/11/MC-educate-logo-M.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 314 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash a90e7ef08d3937f3526a23753b3ffade
ed004d911b61211e16cfb1091e8573e3eec03e83
ce93a69589a1a52b3f990ee8d3d16f3a44742a0864bc0e9a0771e2ada72ce7b5
GET /wp-content/uploads/2020/11/MC-educate-logo-M.png HTTP/1.1
Host: blog.ipapaki.gr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: image/png
content-length: 17256
last-modified: Thu, 23 Sep 2021 09:55:01 GMT
etag: "614c4ef5-4368"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.5.0
200 OK 79 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.5.0
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2577)
Hash 3ce6c96c21686aa60a90719fdc7df5aa
9464526bd0f1edc81ee83795cefe958539915dea
747f7716249144a62c5199361de37fa972ab7d3b839911dbcbc4f9968d3c2d53
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.5.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-a12"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1675130482
200 OK 322 kB URL HTTP/2 new.mc-educate.eu/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1675130482
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Size 322 kB (322252 bytes)
Hash 47d9344d2d4528a655acd32dbff853e9
640ddcba57e2e6dc5b0617cbde96e53ac40b6b2f
dfdc23f2ca637b5486d790b7d1e089bad307c2a5ba267421d925feeb382bc343
GET /wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1675130482 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Thu, 23 Sep 2021 09:55:01 GMT
etag: W/"614c4ef5-f7b48"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.ttf
200 OK 6.2 kB URL HTTP/2 new.mc-educate.eu/wp-content/themes/Divi/core/admin/fonts/modules/base/modules.ttf
IP
ASN #24940 Hetzner Online GmbH
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ETmodules \012- data
Hash 51ae8a67713e8dff77ab0903532caed2
388212f5009137d58ed93aeccfd075cb7e522166
7c51f9fb51890524ad066fb1b4b69d7dc2bd923e182eb4df6d880ea593d2ce4e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/core/admin/fonts/modules/base/modules.ttf HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/font-sfnt
content-length: 6228
last-modified: Sat, 04 Dec 2021 18:46:56 GMT
etag: "61abb7a0-1854"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/2020/11/Digital-merketing-mc-educate-300x223.jpg
200 OK 5.8 kB URL HTTP/2 new.mc-educate.eu/wp-content/uploads/2020/11/Digital-merketing-mc-educate-300x223.jpg
IP
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x223, components 3\012- data
Hash 7c0fb6b9403b67105bb7bc8748c45aaa
530f2ba8b8156ed707766f56d834b9eadfc9e23e
165b2d1a5f77dd99f8c576d66640c55277eaa64393549ef359992e65a6991a05
GET /wp-content/uploads/2020/11/Digital-merketing-mc-educate-300x223.jpg HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: image/jpeg
content-length: 5788
last-modified: Thu, 23 Sep 2021 09:55:01 GMT
etag: "614c4ef5-169c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:01:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/5.8.6/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 22 kB URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
File type ASCII text, with very long lines (4186), with no line terminators
Hash 50a5f9adcc910168a625edd18d94c5dd
8531a088b124fc0150b36f6641f02937ae86915d
2959e21f17f22c685333a6dd3a2918ccdf767c4388ee889cf78bc5f5a9d8302a
GET /c/5.8.6/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 35 kB URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
File type ASCII text, with very long lines (11256), with no line terminators
Hash 46ed7f7830cb9e69e8c83e3ecc5d5dda
e281b65ab9468c8d8381ac4a4551ea55b544ef85
ce486028a9c5ce3fac55c16550680942728f5cc028db272173c24369a0bd60ec
GET /c/5.8.6/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
200 OK 26 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3
IP
ASN #24940 Hetzner Online GmbH
Hash 8eb06c6e575efc11a3c95fcc09a059e5
0a39f57289a11e3926f12ed02aab28082bbe83e2
de10eb9836e8a8c8d4ee226bae1d881511836dd08a1a8f41894041a4484c334d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.3 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sat, 18 Dec 2021 22:52:45 GMT
etag: W/"61be663d-aab"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:01:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
new.mc-educate.eu/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1639875989
200 OK 45 kB URL HTTP/2 new.mc-educate.eu/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1639875989
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0a63e1c4340a67695ec584e05da668e3
a34edc8932a4b04f80526e589c13d6f6c343b87f
ba6065bfdd760dcd4862ec7efc5a7c26b9316e02b78eef344703f115629e74c1
GET /wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1639875989 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 01:06:29 GMT
etag: W/"61be8595-209d9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:01:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
new.mc-educate.eu/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.2
200 OK 72 kB URL HTTP/2 new.mc-educate.eu/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.2
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65467)
Hash ba0a278aa5966e24130720907d935fab
8fb2d2e1dbb042c0291bc85ab0fc73673775f1ce
543cb69500881927e32376b0d7481aeb639ca9ccb3a1c4e46903f790d4968aa6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.14.2 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 04 Dec 2021 18:46:56 GMT
etag: W/"61abb7a0-43a00"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22212, version 1.0\012- data
Hash e62adebf67147c481b9c00011e2c5d48
3af42ef356fa413fd162c56a7b11b8d34a61cefb
17ec0c20d179cf39cbbb164c18165e8a35e9678d5602c8c4f6826ff457b0685e
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new.mc-educate.eu
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 01:15:52 GMT
expires: Mon, 29 Jan 2024 01:15:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:15:01 GMT
content-type: font/woff2
age: 175537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.5.0
200 OK 20 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.5.0
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (42994)
Hash 175b957bc6edf74585ce208bb49ef961
5c3d3ecc2cd402fbecbef62e9a60feeabd670e7d
385effd8a971c6b3face35bb2ed50b07532464634c070b7eab056a92cc0e42b6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.5.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-a819"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 25 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (12198), with no line terminators
Hash 915a6dcba81b897f7996b8679811270f
263a615c3ea789b585485f78f752babc2d079cab
bf9abc97df972dc9df356b36da5fbbec8bbad152bfe1f310acb7a0ae6c6b1fb7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-2fa6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1639867981
200 OK 2.0 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1639867981
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4184), with no line terminators
Hash 95cff346ecf6a49caaa44136305f6418
2788c929a86a36ab20990067d3479752cd015974
c3ee50a935640b474562589b7d7f2ead237ec9b41a948d4a24956727e68034f5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js?ver=1639867981 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:53:01 GMT
etag: W/"61be664d-1058"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.0
200 OK 29 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.0
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (36842)
Hash 3bd5978eb54815e819688bc7cebd07fc
eeee5c54c160cddd987a7c82498723e363f21606
06f880f81b8cfba4fadd990b435344e4e49971474c623dcc5f6a7db18ddbe12b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-9011"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_g.woff2
200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_g.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18072, version 1.0\012- data
Hash b6a1ea49de35dad044a23f58c0aa916b
9f03536854e9a8f3aa214b37bd225f7ecceef62a
f379d01b8202423b2e222e3f429b4324da22fa5aa357d8bfb38b7aea12438072
GET /s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new.mc-educate.eu
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 08:12:21 GMT
expires: Sat, 27 Jan 2024 08:12:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:17:06 GMT
content-type: font/woff2
age: 323348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP2D6puoR_g.woff2
200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP2D6puoR_g.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18892, version 1.0\012- data
Hash 31634031195c6049b1b221def041572b
1a2f7d466e35abc8b0fe8096cd771dbb8f41edc1
1b1d74b7fb495881f90caa237e276b35b9639fe6177888fdb0a20bf2ca46a0ef
GET /s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP2D6puoR_g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new.mc-educate.eu
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 08:12:21 GMT
expires: Sat, 27 Jan 2024 08:12:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:17:10 GMT
content-type: font/woff2
age: 323348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/elementor/css/post-47.css?ver=1639875989
200 OK 22 kB URL HTTP/2 new.mc-educate.eu/wp-content/uploads/elementor/css/post-47.css?ver=1639875989
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1175), with no line terminators
Hash 1e54bce913cace11d9d6bba3862ffd65
ae52c22d7cf4cb925842222778d5cb9b4b58c426
f44d77b631115425fb35e960a3c811229bd2f84e39ce2e7b3d248888127bc1c6
GET /wp-content/uploads/elementor/css/post-47.css?ver=1639875989 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 01:06:29 GMT
etag: W/"61be8595-497"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.7
200 OK 8.8 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.7
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6595), with no line terminators
Hash 13d042ad4652c9e8f7ba99a671e79082
2303bf8143f663d145749ec97d24ea82ec77a8c9
0961fd0d411429617277df709d5d46690960f88b896e0fff891dd607d83a83fb
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.7 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Thu, 23 Sep 2021 09:54:56 GMT
etag: W/"614c4ef0-19c3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2
200 OK 6.9 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 6936, version 1.0\012- data
Hash 3f8b2aa43c439ca2c8930c198320c231
e616fd3ee33ea9971dd71c7d667c5b4e146e8e95
1c9cc76fd52238330f0aabac35acd2cac0f04b7890862e61e013ebbb8513fb5b
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new.mc-educate.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 02:44:48 GMT
expires: Fri, 26 Jan 2024 02:44:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:03 GMT
content-type: font/woff2
age: 429401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:01:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
new.mc-educate.eu/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.0
200 OK 35 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.0
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4866)
Hash cdfacafa1b2d3fdcae8f97d3cc81c4a3
e9c490001a785595dec26930a70182dd6bbe3766
661fff6430f9009f84458b9fe91f322381b6e8242cfcbebb222f4d155c92db92
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-1329"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/imagesloaded.min.js
200 OK 18 kB URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/imagesloaded.min.js
IP
File type ASCII text, with very long lines (5477)
Hash 6d1a89868b5b4315f351283f474561e8
945183cdae3db2df647cdcf88645378abfef3b9a
0f4a303a995dd088cc3ec6012eb30fc9f684f2c078e49f3897f4a7b51b868538
GET /c/5.8.6/wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=187610302&post=413&tz=0&srv=new.mc-educate.eu&host=new.mc-educate.eu&ref=&fcp=2358&rand=0.4478060437891034
200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=187610302&post=413&tz=0&srv=new.mc-educate.eu&host=new.mc-educate.eu&ref=&fcp=2358&rand=0.4478060437891034
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A10.4&blog=187610302&post=413&tz=0&srv=new.mc-educate.eu&host=new.mc-educate.eu&ref=&fcp=2358&rand=0.4478060437891034 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14213
Expires: Tue, 31 Jan 2023 05:58:22 GMT
Date: Tue, 31 Jan 2023 02:01:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14212
Expires: Tue, 31 Jan 2023 05:58:22 GMT
Date: Tue, 31 Jan 2023 02:01:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14212
Expires: Tue, 31 Jan 2023 05:58:22 GMT
Date: Tue, 31 Jan 2023 02:01:30 GMT
Connection: keep-alive
new.mc-educate.eu/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.7
200 OK 55 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.7
IP
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (39674), with LF, NEL line terminators
Hash 5353161fffc6d4699c9104243ae5636a
10b47e5d20a96cabd9544ae7b5965d494b7eb5b6
3575ce8375f61555614867b00cdb3839b4ef02436e5c5f54cc3b9c3bdf52c4e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.7 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Thu, 23 Sep 2021 09:54:56 GMT
etag: W/"614c4ef0-2a09f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14212
Expires: Tue, 31 Jan 2023 05:58:22 GMT
Date: Tue, 31 Jan 2023 02:01:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e575f4c5e3aa793f846cadc8baf386c
f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d
09a5bbe4fb7f23ee43228267f30c1ef0cd8747e515e01c963df0756b866f23ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 059475a7-d7de-4a44-9fc7-11fb24e201b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_9G8DIAMF64A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e399-57fea3031d1e93ec02308fac;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vzubP2I1xR5NF1amWIPiIlp6yPykWhz-CEbwDiJOs-eTWkTE-fvfjA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 03:51:25 GMT
age: 79805
etag: "f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/elementor/css/post-320.css?ver=1639875990
200 OK 5.5 kB URL HTTP/2 new.mc-educate.eu/wp-content/uploads/elementor/css/post-320.css?ver=1639875990
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5472), with no line terminators
Hash 88f59f729e93ee0ab6d90e58f76fb2c2
ff17cdede88f7485e8fee2d18a6d3bf953352901
0968c3f297227b873270cb39d1a526d60540ce36db0b689fb3092711aa21fd45
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-320.css?ver=1639875990 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 01:06:30 GMT
etag: W/"61be8596-1560"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/elementor/css/custom-frontend-legacy.min.css?ver=3.5.0
200 OK 1.1 kB URL HTTP/2 new.mc-educate.eu/wp-content/uploads/elementor/css/custom-frontend-legacy.min.css?ver=3.5.0
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9431), with no line terminators
Hash 8e3bc023056e93059029abc7f036f179
c535706093801897a788d459e0708629b792bb99
eb03aca5eabd681f26a141907377a75c4c256576964198e2ee9384239a69e3f0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/custom-frontend-legacy.min.css?ver=3.5.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 01:06:29 GMT
etag: W/"61be8595-24d7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0
200 OK 17 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (18854)
Hash 3efd696e5f37f1cf19b1c35a779776f3
767e2348526a78da9c4d905542b43777f6f3f67f
7b355b30f912c749675ade666999fc18e2b4cf2597f333ff7f62b74abf752db5
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-49d4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 15189
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=greek&ver=5.8.6
200 OK 10 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=greek&ver=5.8.6
IP
Hash 83e8f107bf4b0e0cdb91d6e7c9132f7b
8184426d743e359486d089b05c821176ac559a3e
513ed1ec7cfddc9a00e109b4b1721c2c53e5f6ed5945b155c7aa445a0ab93d66
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=greek&ver=5.8.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 02:01:29 GMT
date: Tue, 31 Jan 2023 02:01:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/dist/vendor/regenerator-runtime.min.js
200 OK 7.7 kB URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
File type ASCII text, with very long lines (6406), with no line terminators
Hash 4677a95bb9c822d583e2f43b7f8a910d
cf84a1269e2e5c909f70de27443c5ece99880b27
d0bee8f7d48accd7671d693c2d717eb5e33973064e963be45b6447f4306c9ea7
GET /c/5.8.6/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 23 Jun 2021 00:06:13 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff
IP
File type Web Open Font Format, TrueType, length 27520, version 1.1\012- data
Hash cd247306809a5a4ddcfee4e2681aa03b
1aaa3efe7fc2cf5ccd75d4c67e1bf05e5041af3b
925be42fa3c0ca5ea75cd203804c3f6c717407e44010e1b63ed2c951bacc1849
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new.mc-educate.eu
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27520
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:18 GMT
expires: Sat, 27 Jan 2024 10:05:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:58 GMT
content-type: font/woff
age: 316572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansR\012- data
Hash e03509d142b8616a3a13bb9ba955179e
301b98d5a1d198857f2ec1a1197aaea40e444609
6209db0cff73e99b5b544fb7ec31ffecd8afd695961066e0d78b5014f9c81ce2
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new.mc-educate.eu
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 06:33:04 GMT
expires: Mon, 29 Jan 2024 06:33:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:15:00 GMT
content-type: font/ttf
age: 156506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_4.woff
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_4.woff
IP
File type Web Open Font Format, TrueType, length 24148, version 1.1\012- data
Hash 4ca9a07dc73dcacb356ba22b96caa42a
e4ba97bdc90d91cfd6c8db6d494d2eec54d7d3d7
1af00ba601b2fae4f1da5d476485bc8412c9da06ca7331544efa3796402f72af
GET /s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_4.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new.mc-educate.eu
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 13:16:06 GMT
expires: Thu, 25 Jan 2024 13:16:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:17:08 GMT
content-type: font/woff
age: 477924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_0.ttf
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_0.ttf
IP
File type TrueType Font data, 16 tables, 1st "GDEF", 10 names, Microsoft, language 0x409, Copyright 2019 The Jura Project Authors (https://github.com/ossobuffo/jura)Jura LightBold5.106;G\012- data
Hash c00a494c8cdc953b229845e878b1dd7c
ce1cd1f9417e6a49c502aa8bd96ef414aef8e0d4
68a884639abde6d416d4068d8162e0414dd1e935a3a29e03a18573e55dbd2143
GET /s/jura/v24/z7NOdRfiaC4Vd8hhoPzfb5vBTP266puoR_0.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new.mc-educate.eu
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24650
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:40:40 GMT
expires: Thu, 25 Jan 2024 19:40:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:17:07 GMT
content-type: font/ttf
age: 454850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.0
200 OK 204 kB URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.0
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (14196)
Size 204 kB (203747 bytes)
Hash aa10a3ec06b9fc7e06287b05b3c4047f
8afdddc2d65129b15b33000db30a0740b5e095e6
03198820d5e49d9f568e5fde5ed14a9cecbc951d2a4b37914b68394c50f3d8d4
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-379b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/2020/11/FAV.png
200 OK 4.1 kB URL HTTP/2 new.mc-educate.eu/wp-content/uploads/2020/11/FAV.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 71 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash 77d371174114f10a72167bfee4eae105
9f4858644bdcd6a63b7ec1fd0ec3e102eb7706b9
366d1b0a2b6dab2fc48723103bd51bc556736b5635b9b456596b859891a41e6e
GET /wp-content/uploads/2020/11/FAV.png HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:30 GMT
content-type: image/png
content-length: 4145
last-modified: Thu, 23 Sep 2021 09:55:01 GMT
etag: "614c4ef5-1031"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cbc9f50b0a96fb69fa2e948aa3125413
e7f13a6e81263e73ac5777959d63b567f50848d5
2e3411687a31211dbf0aa732f8d93a3c5a4748afb264e695d36782700c8e8b5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12906
x-amzn-requestid: a1b3b104-14dc-4cc9-a3fb-b2fcc8f7700c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiPRrGSOIAMF-5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d72c0a-6e5a348670f401e076a59286;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 02:31:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TqLNvyBKeFgNPTUSFH__8lKjIc22VLORy0pTdCvkHsmiS8WpEd1aMQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:32:23 GMT
age: 12553
etag: "e7f13a6e81263e73ac5777959d63b567f50848d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/jquery/jquery-migrate.min.js
IP
GET /c/5.8.6/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/10.4/css/jetpack.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/10.4/css/jetpack.css
IP
GET /p/jetpack/10.4/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 17:11:24 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.6.8
200 OK 0 B URL HTTP/2 new.mc-educate.eu/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.6.8
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.6.8 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 09:54:59 GMT
etag: W/"614c4ef3-9799"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1639875989
200 OK 0 B URL HTTP/2 new.mc-educate.eu/wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1639875989
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/custom-pro-frontend.min.css?ver=1639875989 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 01:06:29 GMT
etag: W/"61be8595-337e6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/dist/vendor/wp-polyfill.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
GET /c/5.8.6/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 14 Jun 2021 23:18:11 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/wp-util.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/wp-util.min.js
IP
GET /c/5.8.6/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/elementor/css/global.css?ver=1639875990
200 OK 0 B URL HTTP/2 new.mc-educate.eu/wp-content/uploads/elementor/css/global.css?ver=1639875990
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/global.css?ver=1639875990 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sun, 19 Dec 2021 01:06:30 GMT
etag: W/"61be8596-c44c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.0
200 OK 0 B URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.0
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-4824"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/wp-embed.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/wp-embed.min.js
IP
GET /c/5.8.6/wp-includes/js/wp-embed.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202305.js
200 OK 0 B IP
GET /e-202305.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Wed, 24 Jan 2024 05:54:37 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
200 OK 0 B URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-e238"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
200 OK 0 B URL HTTP/2 new.mc-educate.eu/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
last-modified: Sat, 18 Dec 2021 22:53:22 GMT
etag: W/"61be6662-29ba"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
new.mc-educate.eu/wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1675130482
200 OK 0 B URL HTTP/2 new.mc-educate.eu/wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1675130482
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1675130482 HTTP/1.1
Host: new.mc-educate.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 09:55:01 GMT
etag: W/"614c4ef5-6412a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/jquery/jquery.min.js
IP
GET /c/5.8.6/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/jquery/ui/core.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/jquery/ui/core.min.js
IP
GET /c/5.8.6/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/5.8.6/wp-includes/js/underscore.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.8.6/wp-includes/js/underscore.min.js
IP
GET /c/5.8.6/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new.mc-educate.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:01:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 27 May 2021 19:33:19 GMT
content-encoding: br
expires: Wed, 31 Jan 2024 02:01:29 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
94.130.205.31
192.0.76.3
95.101.11.115
0.0.0.0