Report - www.work2live.de/

Report Overview

Submitted URL
www.work2live.de/
IP
217.160.0.10
ASN
#8560 IONOS SE
Submitted
2022-09-28 05:57:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.work2live.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	770 B	704 B	217.160.0.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
work2live.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	1.9 MB	217.160.0.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.35.74.102

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-28	medium	www.work2live.de/	Malware
2022-09-28	medium	work2live.de/wp-includes/css/dashicons.min.css?ver=5.7.7	Malware
2022-09-28	medium	work2live.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	Malware
2022-09-28	medium	work2live.de/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72	Malware
2022-09-28	medium	work2live.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4	Malware
2022-09-28	medium	work2live.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7	Malware
2022-09-28	medium	work2live.de/wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js	Malware
2022-09-28	medium	work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2	Malware
2022-09-28	medium	work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2	Malware
2022-09-28	medium	work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2	Malware
2022-09-28	medium	work2live.de/wp-content/themes/jupiterx/lib/assets/fonts/jupiterx.woff2	Malware
2022-09-28	medium	work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-logo.svg	Malware
2022-09-28	medium	work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-icon-black.svg	Malware
2022-09-28	medium	work2live.de/	Malware
2022-09-28	medium	www.work2live.de/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	work2live.de/	418 B	2023-03-08	2023-07-06
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-07-06 16:18:37 Times Seen3 Hash 0b7f7ef54a7aa2b39c628cdba3bc0837 e818fc20416c3ed64dd2ec553ee55f7d217a5da9 65c19993b056888f95ecec5c1e8872360ecb8c8d89bcb46799f39016e3d38199 Loading...

	work2live.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7	14 kB	2023-03-07	2024-05-10
Pretty URL work2live.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7 IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-05-10 12:26:05 Times Seen7976 Hash eaa8641bcda2371f4024a71fbb67de3b 0e46c39d3821683c856605a82254115f9a6a7792 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c Loading...

	work2live.de/	1.3 kB	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash e9f3b4035e20de039a3d644658208661 4637d50cf22e23017c71f869e196abfc2050fd3f b9eefb99e242a851eec6d872adbcdb10409e94001cf1cf987a22ecc7342577cf Loading...

	work2live.de/	2.3 kB	2023-03-08	2024-04-17
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2024-04-17 18:26:19 Times Seen7 Hash 39dafac32b6488291e29e0c7ece5e0b8 4d562a7cdd50140edbb92922de3a7076636699e4 a973e5c4cbe944ca3dfddd2e48e48f5ff87584601b1e6283521243c318fd5de5 Loading...

	work2live.de/	1.9 kB	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash cd37af1004b622d6b5c208928601aaa9 09da842cadf0b2074cd57226504411430027f046 aa41448459f68423708872fad9a2a2e2923c20ae43d5c293111885eeffbed279 Loading...

	work2live.de/	159 B	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash b218e3972cbe67025d945d754bd4286c e2c30c9c1bd9a13e34a1705669107a196f044b6c 93b9453ed13789cb3000c15099782b835060617077aa6cd0e2a9c09096322834 Loading...

	work2live.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	90 kB	2023-03-07	2024-05-10
Pretty URL work2live.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1 IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-05-10 17:25:26 Times Seen9595 Hash b6f7093369a0e8b83703914ce731b13c d1889f5c173c2a4b20288f1f84758599afd346ef 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827 Loading...

	work2live.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4	99 kB	2023-03-07	2024-05-09
Pretty URL work2live.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-05-09 11:49:11 Times Seen3629 Hash 5090bae2c114802440412e301bdf5174 3850afd52816ee686eccd881df06764b426cd86a d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3 Loading...

	work2live.de/	190 B	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash 55a229ad2358f1273237d492fcd4d608 94d1bec42927432dac3bd040b9ba725683557859 5bf953de6a198fb1e13a4c40c68f8fa4881fde09bb4e4595de2f4cabe72b0e90 Loading...

	work2live.de/	672 B	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash 9a037eee413267b50835d9e290ab3e2b 5b72d834e5471661022495255389219a2e5ef12c d3ba2526a8f064085fed1f2ccf572b8708b5fee7ac5cd564e0ab1b6d134abc46 Loading...

	work2live.de/	82 B	2023-03-07	2024-05-04
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:34 Last Seen2024-05-04 05:27:34 Times Seen206 Hash 3598c9e643392974d4d8cb8da193e1fe fe21b3e0e46144cd7d9cd7fd94fb01c2270eef18 e25419d532f34706cc20049e4c925cd3ac6630f86b492f9ce001f71e3013737c Loading...

	work2live.de/	270 B	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash 60fab702af1aa2dd05a14064ef5d46c8 9ee2d90f0ef92660c0cd7e4337f4f741122a2cf4 23aceb80db6e8bf0820205dba2540df997dc12a9ed18e07b85f72ba4b4bf21be Loading...

	work2live.de/	211 B	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash 3fda0527007a552f0593725f4a489eb5 4fff698200bba97bcbdcb9da34426f1cafb778e3 8512a79e1bafe4259fd3e4e654e038b52682ef18946ad16440f05286b6ee50a7 Loading...

	work2live.de/	68 B	2023-03-07	2024-05-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-08 05:53:42 Times Seen455 Hash 1f5570ace7e1fedf6026302fd3433aa4 6576f7c633dac50f7e2e5decfe3fe5a68debef6d 0007b485d82f4539b80f37e9272e5322e09988a6311d76267e8ba85a30066382 Loading...

	work2live.de/	97 B	2023-03-08	2024-02-29
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2024-02-29 23:58:09 Times Seen6 Hash f982eeec63aa8e633cde1940a774d0af 635cf759e156f9e3e59eae36bc45501e7da43ec4 7b192e592395dcd452658e6cbf98fbb60e746a149fe86487aaaad007ff817821 Loading...

	work2live.de/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72	7.0 kB	2023-03-07	2024-05-08
Pretty URL work2live.de/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72 IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-05-08 08:22:19 Times Seen688 Hash fff58f50d2d6243f7705185a16cba7ea 144566a0887f77bf9126bd1bb46ccad9f29a5971 fcc650dabdeef66e791d2159bddf7e6ec415841c265e2e121bfdf8da9f898837 Loading...

	work2live.de/	2.1 kB	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash cf5c3426f164594dad60806cd408a04b 2eabccbd0c21213798a61c1673f64b06466ba804 b4ab669b3671f872ef53dfe1082364f50eb7e5ba6b510bfc681c52b605900aca Loading...

	work2live.de/wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js	1.1 MB	2023-03-08	2023-03-08
Pretty URL work2live.de/wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash 3c9334e2a00f9e94c7be5072e7d01c16 25aeb1885d3c8b6eeda5f916a79b25f66e6df87f 007105795fdc0fdddb937bc1ef1ace903742c77f501a008b818f2c54b57275a4 Loading...

	work2live.de/	3.3 kB	2023-03-08	2023-03-08
Pretty URL work2live.de/ IP 217.160.0.10 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:57:34 Last Seen2023-03-08 02:57:34 Times Seen1 Hash 3abb68cb6440b394d79366570b351051 bead020f6f9353f8d5b7214c576f3b0ea391f102 c77584b6c28470ea7b921ee4b12e1e5fdd08f016501b02cdb5a51cdf720b3693 Loading...

HTTP Transactions (51)

URL IP Response Size

www.work2live.de/

217.160.0.10

302 Found

209 B

URL HTTP/1.1
www.work2live.de/
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
209 B (209 bytes)
Hash
d8fd7f212697b68140da6e5b017c060a
eb05a7c38b49d3c99ca9ec0b892dbd846721ef7a
e767f6e186fda0aac15fdb06f0391c5bcdc3e6a25e095716a9b7990cdfc8b613

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Content-Length: 209
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 28 Sep 2022 05:57:43 GMT
Server: Apache
Location: https://www.work2live.de/
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 06:57:43 GMT

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 05:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EGUrBpeqe96IFLHRkK50SmGtog-ZXzfN-GBxyxMohGh-jmfRQNLekg==
Age: 2524

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12631
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 05:57:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j2NcrYNW0n4AQOQd7Sns7YqV1xKZ_QlXFN7r-dKdUt2M2rX9Zh_yDg==
age: 74011
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 05:57:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 05:29:33 GMT
Expires: Wed, 28 Sep 2022 06:16:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -WpKJ_PbLLC9cNizferRV_GuInwJulpZSs8z39f1IMgD6Q2E3LD2ZA==
Age: 1691

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4152
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:57:44 GMT
Last-Modified: Wed, 28 Sep 2022 04:48:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.35.74.102

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.74.102:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cY89p3HPhMnowZhNGaH2Mg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6g04IznberwU4OW1O5WEUTj+Vos=

work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_8340dd626a5c4cf22decb5b96c0912ea.css?ver=1.22.1

217.160.0.10

200 OK

653 B

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_8340dd626a5c4cf22decb5b96c0912ea.css?ver=1.22.1
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (3465), with no line terminators
Size
653 B (653 bytes)
Hash
b44a37ed8ff9c7b9383eda862da49899
ef0b8cecacc4c1fb646764b14760a1469eb55bea
41f4bedadc11ad3f88208e8043900d745238364af1fd7365a13fddba9c85196d

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_single_8340dd626a5c4cf22decb5b96c0912ea.css?ver=1.22.1 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 653
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "d89-5e92c6e331522-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-includes/css/dashicons.min.css?ver=5.7.7

217.160.0.10

200 OK

37 kB

URL HTTP/2
work2live.de/wp-includes/css/dashicons.min.css?ver=5.7.7
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (58981)
Size
37 kB (36769 bytes)
Hash
a43f072b1c6cc0bb10ff7aad98758539
659ae328009e78ece12e242b20bb7982411fd287
81d40a5ef2fc0b46563aed4ef564ac69a4ada802e618013eb8a937c04e6b3f66

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=5.7.7 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 36769
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Thu, 15 Apr 2021 05:55:40 GMT
etag: "e688-5bffc8361b5e5-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_54bce84c007f66dab1437591a4a5dcca.css?ver=1.22.1

217.160.0.10

200 OK

26 kB

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_54bce84c007f66dab1437591a4a5dcca.css?ver=1.22.1
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26025 bytes)
Hash
7f862d7eba36c0d5238d9b39b8c4a0e8
af3c52eb0828721eef6be35d7acc44a93a2d6819
031550dc061eb26f7c5bbed014a88a6493150b61f04775e2226189eb57654dee

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_single_54bce84c007f66dab1437591a4a5dcca.css?ver=1.22.1 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 26025
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "1e629-5e92c6e331522-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_f4bc1a12b7e5f8ffabd2357712e725e8.css?ver=1628797359

217.160.0.10

200 OK

1.3 kB

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_f4bc1a12b7e5f8ffabd2357712e725e8.css?ver=1628797359
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (9751), with no line terminators
Size
1.3 kB (1315 bytes)
Hash
0bf4a0ce1be0350fbca8867377c21ac9
87185ee9503b22fccb4719f0ce25d414512a089f
fdab777f9abc1795b07d64e17b0f0747adf6e97fb33511ca58530735a08b1fee

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_single_f4bc1a12b7e5f8ffabd2357712e725e8.css?ver=1628797359 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 1315
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "2617-5e92c6e3353a3-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_d5894bb04cbf21c7ec43b9dc3253df33.css?ver=1628797359

217.160.0.10

200 OK

326 B

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_d5894bb04cbf21c7ec43b9dc3253df33.css?ver=1628797359
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (936), with no line terminators
Size
326 B (326 bytes)
Hash
041ac4498e8f7615bd38eb124022e523
e353b6b3b2dece451ba583de80313f685617ae14
873f83cad5a8d868990662eae4413f9548c5204882c317878ed97724bc69bed1

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_single_d5894bb04cbf21c7ec43b9dc3253df33.css?ver=1628797359 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 326
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "3a8-5e92c6e3324c2-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542

217.160.0.10

200 OK

4.9 kB

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (50687), with no line terminators
Size
4.9 kB (4895 bytes)
Hash
1601c256d82cdd36aee1c52527861998
e79bd40bab9982b79061c960e527298bd36df471
dda599966faf81489009391506278c2410c59ce361408ec3b88699692b3330d8

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 4895
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "c5ff-5e92c6e334403-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_ddb377651c1dd17337f98845aa2d1bee.css?ver=2.2.30-3

217.160.0.10

200 OK

6.5 kB

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_ddb377651c1dd17337f98845aa2d1bee.css?ver=2.2.30-3
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (35117), with no line terminators
Size
6.5 kB (6476 bytes)
Hash
0d2d29db24be342fa5069338f950379b
f57f833d2d83bbaeb2f941845c999e4ccca3633a
b4dea6068cd16621541fb51529dabeeb2e607fd89888dd9f00af44efbb15aeac

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_single_ddb377651c1dd17337f98845aa2d1bee.css?ver=2.2.30-3 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 6476
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "892d-5e92c6e3324c2-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_72fa7156d60f1d624622291e6580816d.css?ver=1628797359

217.160.0.10

200 OK

1.2 kB

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_72fa7156d60f1d624622291e6580816d.css?ver=1628797359
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (7903), with no line terminators
Size
1.2 kB (1231 bytes)
Hash
1cbfca32087c0d73647679eabd35aa4a
2067529a719186dcb34feb23022b490aaf7285b1
afc4ad04c1f7e24dcc100d6d73ef839cbc01a2eb1a65ee50d146f7812056d9e7

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_single_72fa7156d60f1d624622291e6580816d.css?ver=1628797359 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 1231
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "1edf-5e92c6e3353a3-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_501401b5436e222d5de8f979a5aa5d01.css?ver=1628797359

217.160.0.10

200 OK

2.1 kB

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_501401b5436e222d5de8f979a5aa5d01.css?ver=1628797359
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (13771), with no line terminators
Size
2.1 kB (2090 bytes)
Hash
8863aae054d88c61e23797cc15661f48
4bac02cff7f46ccffb75ed8a95494616559b7261
e20bc9313d7aa0a8d131b196194dd1ca258bf0997395e88905364be2e6abb32c

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_single_501401b5436e222d5de8f979a5aa5d01.css?ver=1628797359 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 2090
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "35cb-5e92c6e336343-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

217.160.0.10

200 OK

36 kB

URL HTTP/2
work2live.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (65451)
Size
36 kB (36153 bytes)
Hash
32249fc6d92d1992450d0d7df22cd934
51c4da50055a1329a1f5c5b8d455e2233cea0a79
cd867ce1c970ee323dfbb9497a6c6c307f72e04a44cb2957aef4850f4409a3dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 36153
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 23 Feb 2021 00:47:48 GMT
etag: "15d98-5bbf64470aa61-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72

217.160.0.10

200 OK

2.5 kB

URL HTTP/2
work2live.de/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (6944)
Size
2.5 kB (2501 bytes)
Hash
3a77ce8887c54dc69b72b414c4d79157
933e3a37c6c95b6c5c6e48a22e0848d76ae759c8
056cf2eb247aa7db39f6de6f801f8c61b0f3fe11b6d26620cbe2a4e79f05e8a7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2501
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 09 Sep 2021 05:55:46 GMT
etag: "1b43-5cb89a66cfa21-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4

217.160.0.10

200 OK

39 kB

URL HTTP/2
work2live.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Size
39 kB (39357 bytes)
Hash
68c18a71e6d95ef7ab4b6505270997c2
a89b9ce654ff8241adb34f9188b29b085a09b36a
decb1b471be43dc5e9c707a0463d5d579d2b09121a189da3ca21c7b819b49288

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 39357
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 23 Feb 2021 01:20:31 GMT
etag: "183ee-5bbf6b9770b70-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2020/10/Transparent-Logo_Work2live2_png.png

217.160.0.10

200 OK

208 kB

URL HTTP/2
work2live.de/wp-content/uploads/2020/10/Transparent-Logo_Work2live2_png.png
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
PNG image data, 7318 x 1558, 8-bit/color RGBA, non-interlaced\012- data
Size
208 kB (207644 bytes)
Hash
a92f91637354b7f04d1ab226cd3df5c9
e4cd4e37dff0f14779a34c6dbfc5c850a3ed31fb
3d3823a30bf3c5ba61421eee028191e3d68d98d7347f7e6b39f52a504a818f93

HTTP Headers

GET /wp-content/uploads/2020/10/Transparent-Logo_Work2live2_png.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 207644
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Sat, 10 Oct 2020 10:43:13 GMT
etag: "32b1c-5b14ebb63d240"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7

217.160.0.10

200 OK

5.3 kB

URL HTTP/2
work2live.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
ASCII text, with very long lines (11272)
Size
5.3 kB (5273 bytes)
Hash
7e85783271cdaecb2b4ec865c71cddee
db082129c7a75034a2cba609c0eb508a7e0219b7
b9ad3cb7770b67f344b35547459f2aba21d93f1ec949c1e353fa7b012a7099ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.7 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 5273
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 23 Feb 2021 21:31:55 GMT
etag: "3795-5bc07a5c590b1-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js

217.160.0.10

200 OK

368 kB

URL HTTP/2
work2live.de/wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
data
Size
368 kB (367463 bytes)
Hash
05195394e6ae0a3afba80b9ba5262672
3955bd28221f047f598aa479cb230f86685d7dae
526daeb509d9219e84e4a1614f77346045d19eb9afe924818bef510d2f259236

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:24:59 GMT
etag: "10eaa4-5e92c84d1904d-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2020/12/best-security-company-london-uk-1151114_1280.jpg

217.160.0.10

200 OK

109 kB

URL HTTP/2
work2live.de/wp-content/uploads/2020/12/best-security-company-london-uk-1151114_1280.jpg
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x466, components 3\012- data
Size
109 kB (108715 bytes)
Hash
e3d59641edcf4708c71ed9198d8b1cf4
59ec2eeb8132ace2c0d059501ff45d6796e1dc1a
8694a7948c6a402b9f6115e4dc328ef249a02dbb48df9b0f4783f4d8ed631725

HTTP Headers

GET /wp-content/uploads/2020/12/best-security-company-london-uk-1151114_1280.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 108715
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Wed, 02 Dec 2020 16:17:09 GMT
etag: "1a8ab-5b57d9337cb40"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2020/10/antragsteller_skaliert.png

217.160.0.10

200 OK

1.4 kB

URL HTTP/2
work2live.de/wp-content/uploads/2020/10/antragsteller_skaliert.png
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1404 bytes)
Hash
c8728d7848361a89d7eb711c0021e969
0a2d193886590ff594a1830f50cd948749763cff
b916b42f1087a3c0882695eba9928c392100f45fd3d875877cca3de0b70bb605

HTTP Headers

GET /wp-content/uploads/2020/10/antragsteller_skaliert.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1404
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 13 Oct 2020 13:02:19 GMT
etag: "57c-5b18d065fccc0"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

217.160.0.10

200 OK

78 kB

URL HTTP/2
work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_03f10307776f2a3fb73a936a062a8485.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 78196
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:34:52 GMT
etag: "13174-5c961d4341670"
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10934
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:57:46 GMT
Connection: keep-alive

work2live.de/wp-content/uploads/2020/10/Fuer_Unternehmen.png

217.160.0.10

200 OK

690 B

URL HTTP/2
work2live.de/wp-content/uploads/2020/10/Fuer_Unternehmen.png
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
690 B (690 bytes)
Hash
34410428e4af307706528e5b4f81ef17
e7d1c1821da9091a05eb0dda40fdd0ff5e35ab53
c11e523517a839986675b363cf04432b1f92ff8b287121ec4db440099e8662b1

HTTP Headers

GET /wp-content/uploads/2020/10/Fuer_Unternehmen.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 690
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 13 Oct 2020 13:06:08 GMT
etag: "2b2-5b18d14061000"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

217.160.0.10

200 OK

13 kB

URL HTTP/2
work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size
13 kB (13276 bytes)
Hash
f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_03f10307776f2a3fb73a936a062a8485.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 13276
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:34:52 GMT
etag: "33dc-5c961d4341670"
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10934
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:57:46 GMT
Connection: keep-alive

work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

217.160.0.10

200 OK

77 kB

URL HTTP/2
work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size
77 kB (76764 bytes)
Hash
f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_03f10307776f2a3fb73a936a062a8485.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 76764
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:34:52 GMT
etag: "12bdc-5c961d4341670"
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10934
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:57:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10934
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:57:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10934
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:57:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9780 bytes)
Hash
43d7c0db2af42ad4d0095324b2691f6c
1a1139cff14aff6755b9e43ff4ef8c9ece1102c1
42073c84e0c215109b54ab55a53cce9e6cce44f4619f5988fa4e2776ff70b362

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9780
x-amzn-requestid: 9938422e-12cd-4aab-9e58-c26b8fee53b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UOH3DoAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-37105d923f19437025abec71;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Halsx09hxT_sMRc2jy-fJA0tE85F6Bgz9P9Trx02Z9aMfIZVLkLW4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:42 GMT
age: 28804
etag: "1a1139cff14aff6755b9e43ff4ef8c9ece1102c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11314 bytes)
Hash
ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 29506
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8621 bytes)
Hash
59163c799f3d48e74abdd285ee615119
883e61d46ef6c09013724aa7b8f560272ee08574
e1bafc575ff4274b210bee481a8e73c065de5bc14ddf46c269ef91eda0df8d84

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8621
x-amzn-requestid: 5a828651-41c2-4aa0-931d-6522098a8438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASUWEYvIAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffdb5-5ace75523a98a9237fabca8f;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:05:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2a-Ip86QEcmn31zRYLuD9dtCXduTOd0OZO0JdpfbTvJK7Z7wRGxEaQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 27371
etag: "883e61d46ef6c09013724aa7b8f560272ee08574"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:35:49 GMT
age: 80517
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14018 bytes)
Hash
d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:52 GMT
age: 26934
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10031 bytes)
Hash
07f06c54e3b1431203308e4134e7efcb
e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49
2814f21c6a21623c189163672867272eb24f754d3d22a8285349e5dd9f6b49f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: 0ac9a228-b6ce-4695-b269-f6a5ba959576
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4HTsoAMF8dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-1d1cacef2608d5820b2bc1b1;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kqeQV7wIw3SgSUFs3Nd3ZOV_0b9ETAw1X1_c40UXEjLZAT-JTqIQhQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
age: 29262
etag: "e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2020/10/workplace-1245776_1920-1.jpg

217.160.0.10

200 OK

407 kB

URL HTTP/2
work2live.de/wp-content/uploads/2020/10/workplace-1245776_1920-1.jpg
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size
407 kB (406945 bytes)
Hash
e57168b69ffdbc888644baf5363a1909
c760017a98cec5ad646ee1ae74a4943b128021ad
a9d517b369c7d61303300da289b94f1d20aa9c6d566c5642029b46d187a52cbb

HTTP Headers

GET /wp-content/uploads/2020/10/workplace-1245776_1920-1.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 406945
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 13 Oct 2020 13:19:44 GMT
etag: "635a1-5b18d44a93c00"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-content/themes/jupiterx/lib/assets/fonts/jupiterx.woff2

217.160.0.10

200 OK

15 kB

URL HTTP/2
work2live.de/wp-content/themes/jupiterx/lib/assets/fonts/jupiterx.woff2
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
Web Open Font Format (Version 2), TrueType, length 14616, version 1.0\012- data
Size
15 kB (14616 bytes)
Hash
44413eb6dc0bb01ab3b06da6bf65fd99
a2b7a7caa1aaddba0515c3299e3f9d7419f2213a
8f764f16411990ab93c6c5043f179fd483176a4bdaecb7a91494ae44475fb977

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/jupiterx/lib/assets/fonts/jupiterx.woff2 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_54bce84c007f66dab1437591a4a5dcca.css?ver=1.22.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-length: 14616
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 23 Feb 2021 21:33:01 GMT
etag: "3918-5bc07a9b38d26"
accept-ranges: bytes
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2021/01/security-man-1536x1024.jpg

217.160.0.10

200 OK

172 kB

URL HTTP/2
work2live.de/wp-content/uploads/2021/01/security-man-1536x1024.jpg
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1536x1024, components 3\012- data
Size
172 kB (171659 bytes)
Hash
924057ab83846e090defb63866c44e51
5fd41166b80471f69dddcc59eb34bae3f41d98b4
a4bee9ecde304d70053e89a193b4824166a7da1efd1a89f3a015b915cc5e8441

HTTP Headers

GET /wp-content/uploads/2021/01/security-man-1536x1024.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 171659
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 07 Jan 2021 07:33:20 GMT
etag: "29e8b-5b84a7430d000"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2021/01/camera-1536x1024.jpg

217.160.0.10

200 OK

155 kB

URL HTTP/2
work2live.de/wp-content/uploads/2021/01/camera-1536x1024.jpg
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1536x1024, components 3\012- data
Size
155 kB (154578 bytes)
Hash
28287b518c05de00b85b577a5f472a61
c6aba8cc875d76be483a91ace48e81103544e812
217e7f2372965b89d4c96088e0e216eaa0c278ef8828de32d8fb01dc5c575a90

HTTP Headers

GET /wp-content/uploads/2021/01/camera-1536x1024.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 154578
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 07 Jan 2021 07:36:10 GMT
etag: "25bd2-5b84a7e52ce80"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2021/02/train-1536x1023.jpg

217.160.0.10

200 OK

134 kB

URL HTTP/2
work2live.de/wp-content/uploads/2021/02/train-1536x1023.jpg
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1536x1023, components 3\012- data
Size
134 kB (134169 bytes)
Hash
c5aded8bdfac837bfbf207a7fdb4c393
1b9e154b0c524f641ad7ded2ebaaad962966f09a
61c1d250045cf713e873e12a85f1875439a25232077457cb2d35f74e00c1116a

HTTP Headers

GET /wp-content/uploads/2021/02/train-1536x1023.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 134169
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 11 Feb 2021 16:02:35 GMT
etag: "20c19-5bb11a5db3cc0"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-logo.svg

217.160.0.10

200 OK

1.6 kB

URL HTTP/2
work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-logo.svg
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (636)
Size
1.6 kB (1576 bytes)
Hash
1ad624313753dd8d211cc7544e0bc913
cb70faa71f047ebb68d8548b4d0bf6bfab213a6d
85147d050cd1b5f00e0923cfb44c75b2068bcffcb2cc5811407fd1f524bbb0be

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/borlabs-cookie/images/borlabs-cookie-logo.svg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1576
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:33:12 GMT
etag: "215a-5c961ce3ca527-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-icon-black.svg

217.160.0.10

200 OK

2.0 kB

URL HTTP/2
work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-icon-black.svg
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (4190), with no line terminators
Size
2.0 kB (1989 bytes)
Hash
6ff07d40b1d2beab2fc196e899b0dab3
869fbe2afc91c81d5299bc153710a65cad2bb4a8
d43e1017086747c63c998263d115569a3911d51d7608909a7e27436834133e6f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/borlabs-cookie/images/borlabs-cookie-icon-black.svg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1989
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:33:12 GMT
etag: "105e-5c961ce3ca527-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-32x32.png

217.160.0.10

200 OK

877 B

URL HTTP/2
work2live.de/wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-32x32.png
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
877 B (877 bytes)
Hash
8bcefe27ce5bde6c003bb1de63684b9a
3bf475b8751959c96f8feaafcedd4e8f6d68d2e7
14625da7cda7f8995d171ceb2dc834820af28a1b7ceb16ac6be6bd1843a09930

HTTP Headers

GET /wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-32x32.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 877
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Sat, 10 Oct 2020 10:44:14 GMT
etag: "36d-5b14ebf069b80"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-192x192.png

217.160.0.10

200 OK

12 kB

URL HTTP/2
work2live.de/wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-192x192.png
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11461 bytes)
Hash
12d2f4fd0dc4d6e304d408d9de41cac0
71a6ff9fa67832fb4cde07f0162c81e0b5e14d83
1f63554d704f803ee1486c3671c6c3e54b425880c74cd04c066b4fa3710fa40c

HTTP Headers

GET /wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-192x192.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 11461
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Sat, 10 Oct 2020 10:44:14 GMT
etag: "2cc5-5b14ebf069b80"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2

work2live.de/

217.160.0.10

200 OK

0 B

URL HTTP/2
work2live.de/
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 05:57:44 GMT
server: Apache
link: <https://work2live.de/wp-json/>; rel="https://api.w.org/", <https://work2live.de/wp-json/wp/v2/pages/40>; rel="alternate"; type="application/json", <https://work2live.de/>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2

www.work2live.de/

217.160.0.10

301 Moved Permanently

0 B

URL HTTP/2
www.work2live.de/
IP
217.160.0.10:0
ASN
#8560 IONOS SE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://work2live.de/
date: Wed, 28 Sep 2022 05:57:44 GMT
server: Apache
x-redirect-by: WordPress
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations