www.work2live.de/
217.160.0.10 302 Found 209 B IP 217.160.0.10:0
File type HTML document text; exported SGML document, ASCII text
Hash d8fd7f212697b68140da6e5b017c060a
eb05a7c38b49d3c99ca9ec0b892dbd846721ef7a
e767f6e186fda0aac15fdb06f0391c5bcdc3e6a25e095716a9b7990cdfc8b613
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Content-Length: 209
Connection: keep-alive
Keep-Alive: timeout=15
Date: Wed, 28 Sep 2022 05:57:43 GMT
Server: Apache
Location: https://www.work2live.de/
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 06:57:43 GMT
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 05:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EGUrBpeqe96IFLHRkK50SmGtog-ZXzfN-GBxyxMohGh-jmfRQNLekg==
Age: 2524
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12631
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 05:57:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate, ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j2NcrYNW0n4AQOQd7Sns7YqV1xKZ_QlXFN7r-dKdUt2M2rX9Zh_yDg==
age: 74011
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 05:57:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 05:29:33 GMT
Expires: Wed, 28 Sep 2022 06:16:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -WpKJ_PbLLC9cNizferRV_GuInwJulpZSs8z39f1IMgD6Q2E3LD2ZA==
Age: 1691
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4152
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 05:57:44 GMT
Last-Modified: Wed, 28 Sep 2022 04:48:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.35.74.102 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cY89p3HPhMnowZhNGaH2Mg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6g04IznberwU4OW1O5WEUTj+Vos=
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_8340dd626a5c4cf22decb5b96c0912ea.css?ver=1.22.1
217.160.0.10 200 OK 653 B URL HTTP/2 work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_8340dd626a5c4cf22decb5b96c0912ea.css?ver=1.22.1
IP 217.160.0.10:0
File type ASCII text, with very long lines (3465), with no line terminators
Hash b44a37ed8ff9c7b9383eda862da49899
ef0b8cecacc4c1fb646764b14760a1469eb55bea
41f4bedadc11ad3f88208e8043900d745238364af1fd7365a13fddba9c85196d
GET /wp-content/cache/autoptimize/css/autoptimize_single_8340dd626a5c4cf22decb5b96c0912ea.css?ver=1.22.1 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 653
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "d89-5e92c6e331522-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-includes/css/dashicons.min.css?ver=5.7.7
217.160.0.10 200 OK 37 kB URL HTTP/2 work2live.de/wp-includes/css/dashicons.min.css?ver=5.7.7
IP 217.160.0.10:0
File type ASCII text, with very long lines (58981)
Hash a43f072b1c6cc0bb10ff7aad98758539
659ae328009e78ece12e242b20bb7982411fd287
81d40a5ef2fc0b46563aed4ef564ac69a4ada802e618013eb8a937c04e6b3f66
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=5.7.7 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 36769
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Thu, 15 Apr 2021 05:55:40 GMT
etag: "e688-5bffc8361b5e5-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_54bce84c007f66dab1437591a4a5dcca.css?ver=1.22.1
217.160.0.10 200 OK 26 kB URL HTTP/2 work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_54bce84c007f66dab1437591a4a5dcca.css?ver=1.22.1
IP 217.160.0.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7f862d7eba36c0d5238d9b39b8c4a0e8
af3c52eb0828721eef6be35d7acc44a93a2d6819
031550dc061eb26f7c5bbed014a88a6493150b61f04775e2226189eb57654dee
GET /wp-content/cache/autoptimize/css/autoptimize_single_54bce84c007f66dab1437591a4a5dcca.css?ver=1.22.1 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 26025
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "1e629-5e92c6e331522-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_f4bc1a12b7e5f8ffabd2357712e725e8.css?ver=1628797359
217.160.0.10 200 OK 1.3 kB URL HTTP/2 work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_f4bc1a12b7e5f8ffabd2357712e725e8.css?ver=1628797359
IP 217.160.0.10:0
File type ASCII text, with very long lines (9751), with no line terminators
Hash 0bf4a0ce1be0350fbca8867377c21ac9
87185ee9503b22fccb4719f0ce25d414512a089f
fdab777f9abc1795b07d64e17b0f0747adf6e97fb33511ca58530735a08b1fee
GET /wp-content/cache/autoptimize/css/autoptimize_single_f4bc1a12b7e5f8ffabd2357712e725e8.css?ver=1628797359 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1315
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "2617-5e92c6e3353a3-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_d5894bb04cbf21c7ec43b9dc3253df33.css?ver=1628797359
217.160.0.10 200 OK 326 B URL HTTP/2 work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_d5894bb04cbf21c7ec43b9dc3253df33.css?ver=1628797359
IP 217.160.0.10:0
File type ASCII text, with very long lines (936), with no line terminators
Hash 041ac4498e8f7615bd38eb124022e523
e353b6b3b2dece451ba583de80313f685617ae14
873f83cad5a8d868990662eae4413f9548c5204882c317878ed97724bc69bed1
GET /wp-content/cache/autoptimize/css/autoptimize_single_d5894bb04cbf21c7ec43b9dc3253df33.css?ver=1628797359 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 326
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "3a8-5e92c6e3324c2-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
217.160.0.10 200 OK 4.9 kB URL HTTP/2 work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
IP 217.160.0.10:0
File type ASCII text, with very long lines (50687), with no line terminators
Hash 1601c256d82cdd36aee1c52527861998
e79bd40bab9982b79061c960e527298bd36df471
dda599966faf81489009391506278c2410c59ce361408ec3b88699692b3330d8
GET /wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 4895
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "c5ff-5e92c6e334403-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_ddb377651c1dd17337f98845aa2d1bee.css?ver=2.2.30-3
217.160.0.10 200 OK 6.5 kB URL HTTP/2 work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_ddb377651c1dd17337f98845aa2d1bee.css?ver=2.2.30-3
IP 217.160.0.10:0
File type ASCII text, with very long lines (35117), with no line terminators
Hash 0d2d29db24be342fa5069338f950379b
f57f833d2d83bbaeb2f941845c999e4ccca3633a
b4dea6068cd16621541fb51529dabeeb2e607fd89888dd9f00af44efbb15aeac
GET /wp-content/cache/autoptimize/css/autoptimize_single_ddb377651c1dd17337f98845aa2d1bee.css?ver=2.2.30-3 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 6476
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "892d-5e92c6e3324c2-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_72fa7156d60f1d624622291e6580816d.css?ver=1628797359
217.160.0.10 200 OK 1.2 kB URL HTTP/2 work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_72fa7156d60f1d624622291e6580816d.css?ver=1628797359
IP 217.160.0.10:0
File type ASCII text, with very long lines (7903), with no line terminators
Hash 1cbfca32087c0d73647679eabd35aa4a
2067529a719186dcb34feb23022b490aaf7285b1
afc4ad04c1f7e24dcc100d6d73ef839cbc01a2eb1a65ee50d146f7812056d9e7
GET /wp-content/cache/autoptimize/css/autoptimize_single_72fa7156d60f1d624622291e6580816d.css?ver=1628797359 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1231
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "1edf-5e92c6e3353a3-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_501401b5436e222d5de8f979a5aa5d01.css?ver=1628797359
217.160.0.10 200 OK 2.1 kB URL HTTP/2 work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_501401b5436e222d5de8f979a5aa5d01.css?ver=1628797359
IP 217.160.0.10:0
File type ASCII text, with very long lines (13771), with no line terminators
Hash 8863aae054d88c61e23797cc15661f48
4bac02cff7f46ccffb75ed8a95494616559b7261
e20bc9313d7aa0a8d131b196194dd1ca258bf0997395e88905364be2e6abb32c
GET /wp-content/cache/autoptimize/css/autoptimize_single_501401b5436e222d5de8f979a5aa5d01.css?ver=1628797359 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 2090
date: Wed, 28 Sep 2022 05:57:45 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:18:40 GMT
etag: "35cb-5e92c6e336343-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:45 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
217.160.0.10 200 OK 36 kB URL HTTP/2 work2live.de/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP 217.160.0.10:0
File type ASCII text, with very long lines (65451)
Hash 32249fc6d92d1992450d0d7df22cd934
51c4da50055a1329a1f5c5b8d455e2233cea0a79
cd867ce1c970ee323dfbb9497a6c6c307f72e04a44cb2957aef4850f4409a3dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 36153
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 23 Feb 2021 00:47:48 GMT
etag: "15d98-5bbf64470aa61-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
217.160.0.10 200 OK 2.5 kB URL HTTP/2 work2live.de/wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72
IP 217.160.0.10:0
File type ASCII text, with very long lines (6944)
Hash 3a77ce8887c54dc69b72b414c4d79157
933e3a37c6c95b6c5c6e48a22e0848d76ae759c8
056cf2eb247aa7db39f6de6f801f8c61b0f3fe11b6d26620cbe2a4e79f05e8a7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=d0188aa6c336f8bb426fe5318b7f5b72 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2501
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 09 Sep 2021 05:55:46 GMT
etag: "1b43-5cb89a66cfa21-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
217.160.0.10 200 OK 39 kB URL HTTP/2 work2live.de/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP 217.160.0.10:0
File type Unicode text, UTF-8 text, with very long lines (34729), with NEL line terminators
Hash 68c18a71e6d95ef7ab4b6505270997c2
a89b9ce654ff8241adb34f9188b29b085a09b36a
decb1b471be43dc5e9c707a0463d5d579d2b09121a189da3ca21c7b819b49288
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 39357
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 23 Feb 2021 01:20:31 GMT
etag: "183ee-5bbf6b9770b70-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2020/10/Transparent-Logo_Work2live2_png.png
217.160.0.10 200 OK 208 kB URL HTTP/2 work2live.de/wp-content/uploads/2020/10/Transparent-Logo_Work2live2_png.png
IP 217.160.0.10:0
File type PNG image data, 7318 x 1558, 8-bit/color RGBA, non-interlaced; data
Size 208 kB (207644 bytes)
Hash a92f91637354b7f04d1ab226cd3df5c9
e4cd4e37dff0f14779a34c6dbfc5c850a3ed31fb
3d3823a30bf3c5ba61421eee028191e3d68d98d7347f7e6b39f52a504a818f93
GET /wp-content/uploads/2020/10/Transparent-Logo_Work2live2_png.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 207644
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Sat, 10 Oct 2020 10:43:13 GMT
etag: "32b1c-5b14ebb63d240"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7
217.160.0.10 200 OK 5.3 kB URL HTTP/2 work2live.de/wp-includes/js/wp-emoji-release.min.js?ver=5.7.7
IP 217.160.0.10:0
File type ASCII text, with very long lines (11272)
Hash 7e85783271cdaecb2b4ec865c71cddee
db082129c7a75034a2cba609c0eb508a7e0219b7
b9ad3cb7770b67f344b35547459f2aba21d93f1ec949c1e353fa7b012a7099ef
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.7 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 5273
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 23 Feb 2021 21:31:55 GMT
etag: "3795-5bc07a5c590b1-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js
217.160.0.10 200 OK 368 kB URL HTTP/2 work2live.de/wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js
IP 217.160.0.10:0
Size 368 kB (367463 bytes)
Hash 05195394e6ae0a3afba80b9ba5262672
3955bd28221f047f598aa479cb230f86685d7dae
526daeb509d9219e84e4a1614f77346045d19eb9afe924818bef510d2f259236
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/autoptimize/js/autoptimize_428503f96651b4d65a6fabd50b32e76d.js HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Wed, 21 Sep 2022 09:24:59 GMT
etag: "10eaa4-5e92c84d1904d-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Mon, 18 Sep 2023 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2020/12/best-security-company-london-uk-1151114_1280.jpg
217.160.0.10 200 OK 109 kB URL HTTP/2 work2live.de/wp-content/uploads/2020/12/best-security-company-london-uk-1151114_1280.jpg
IP 217.160.0.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x466, components 3; data
Size 109 kB (108715 bytes)
Hash e3d59641edcf4708c71ed9198d8b1cf4
59ec2eeb8132ace2c0d059501ff45d6796e1dc1a
8694a7948c6a402b9f6115e4dc328ef249a02dbb48df9b0f4783f4d8ed631725
GET /wp-content/uploads/2020/12/best-security-company-london-uk-1151114_1280.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 108715
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Wed, 02 Dec 2020 16:17:09 GMT
etag: "1a8ab-5b57d9337cb40"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2020/10/antragsteller_skaliert.png
217.160.0.10 200 OK 1.4 kB URL HTTP/2 work2live.de/wp-content/uploads/2020/10/antragsteller_skaliert.png
IP 217.160.0.10:0
File type PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced; data
Hash c8728d7848361a89d7eb711c0021e969
0a2d193886590ff594a1830f50cd948749763cff
b916b42f1087a3c0882695eba9928c392100f45fd3d875877cca3de0b70bb605
GET /wp-content/uploads/2020/10/antragsteller_skaliert.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1404
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 13 Oct 2020 13:02:19 GMT
etag: "57c-5b18d065fccc0"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
217.160.0.10 200 OK 78 kB URL HTTP/2 work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 217.160.0.10:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261; data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_03f10307776f2a3fb73a936a062a8485.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 78196
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:34:52 GMT
etag: "13174-5c961d4341670"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10934
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 05:57:46 GMT
Connection: keep-alive
work2live.de/wp-content/uploads/2020/10/Fuer_Unternehmen.png
217.160.0.10 200 OK 690 B URL HTTP/2 work2live.de/wp-content/uploads/2020/10/Fuer_Unternehmen.png
IP 217.160.0.10:0
File type PNG image data, 47 x 47, 8-bit/color RGBA, non-interlaced; data
Hash 34410428e4af307706528e5b4f81ef17
e7d1c1821da9091a05eb0dda40fdd0ff5e35ab53
c11e523517a839986675b363cf04432b1f92ff8b287121ec4db440099e8662b1
GET /wp-content/uploads/2020/10/Fuer_Unternehmen.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 690
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 13 Oct 2020 13:06:08 GMT
etag: "2b2-5b18d14061000"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
217.160.0.10 200 OK 13 kB URL HTTP/2 work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 217.160.0.10:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261; data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_03f10307776f2a3fb73a936a062a8485.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 13276
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:34:52 GMT
etag: "33dc-5c961d4341670"
accept-ranges: bytes
X-Firefox-Spdy: h2
work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
217.160.0.10 200 OK 77 kB URL HTTP/2 work2live.de/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 217.160.0.10:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261; data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_03f10307776f2a3fb73a936a062a8485.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 76764
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:34:52 GMT
etag: "12bdc-5c961d4341670"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 43d7c0db2af42ad4d0095324b2691f6c
1a1139cff14aff6755b9e43ff4ef8c9ece1102c1
42073c84e0c215109b54ab55a53cce9e6cce44f4619f5988fa4e2776ff70b362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9780
x-amzn-requestid: 9938422e-12cd-4aab-9e58-c26b8fee53b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UOH3DoAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-37105d923f19437025abec71;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Halsx09hxT_sMRc2jy-fJA0tE85F6Bgz9P9Trx02Z9aMfIZVLkLW4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:42 GMT
age: 28804
etag: "1a1139cff14aff6755b9e43ff4ef8c9ece1102c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 29506
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 59163c799f3d48e74abdd285ee615119
883e61d46ef6c09013724aa7b8f560272ee08574
e1bafc575ff4274b210bee481a8e73c065de5bc14ddf46c269ef91eda0df8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8621
x-amzn-requestid: 5a828651-41c2-4aa0-931d-6522098a8438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASUWEYvIAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffdb5-5ace75523a98a9237fabca8f;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:05:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2a-Ip86QEcmn31zRYLuD9dtCXduTOd0OZO0JdpfbTvJK7Z7wRGxEaQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 27371
etag: "883e61d46ef6c09013724aa7b8f560272ee08574"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:35:49 GMT
age: 80517
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:28:52 GMT
age: 26934
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 07f06c54e3b1431203308e4134e7efcb
e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49
2814f21c6a21623c189163672867272eb24f754d3d22a8285349e5dd9f6b49f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: 0ac9a228-b6ce-4695-b269-f6a5ba959576
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4HTsoAMF8dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-1d1cacef2608d5820b2bc1b1;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kqeQV7wIw3SgSUFs3Nd3ZOV_0b9ETAw1X1_c40UXEjLZAT-JTqIQhQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
age: 29262
etag: "e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2020/10/workplace-1245776_1920-1.jpg
217.160.0.10 200 OK 407 kB URL HTTP/2 work2live.de/wp-content/uploads/2020/10/workplace-1245776_1920-1.jpg
IP 217.160.0.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1920x1280, components 3; data
Size 407 kB (406945 bytes)
Hash e57168b69ffdbc888644baf5363a1909
c760017a98cec5ad646ee1ae74a4943b128021ad
a9d517b369c7d61303300da289b94f1d20aa9c6d566c5642029b46d187a52cbb
GET /wp-content/uploads/2020/10/workplace-1245776_1920-1.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_e4b54ac3ed78d06aa13d45c00006ab07.css?ver=1628798542
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 406945
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 13 Oct 2020 13:19:44 GMT
etag: "635a1-5b18d44a93c00"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-content/themes/jupiterx/lib/assets/fonts/jupiterx.woff2
217.160.0.10 200 OK 15 kB URL HTTP/2 work2live.de/wp-content/themes/jupiterx/lib/assets/fonts/jupiterx.woff2
IP 217.160.0.10:0
File type Web Open Font Format (Version 2), TrueType, length 14616, version 1.0; data
Hash 44413eb6dc0bb01ab3b06da6bf65fd99
a2b7a7caa1aaddba0515c3299e3f9d7419f2213a
8f764f16411990ab93c6c5043f179fd483176a4bdaecb7a91494ae44475fb977
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/jupiterx/lib/assets/fonts/jupiterx.woff2 HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://work2live.de/wp-content/cache/autoptimize/css/autoptimize_single_54bce84c007f66dab1437591a4a5dcca.css?ver=1.22.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 14616
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Tue, 23 Feb 2021 21:33:01 GMT
etag: "3918-5bc07a9b38d26"
accept-ranges: bytes
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2021/01/security-man-1536x1024.jpg
217.160.0.10 200 OK 172 kB URL HTTP/2 work2live.de/wp-content/uploads/2021/01/security-man-1536x1024.jpg
IP 217.160.0.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1536x1024, components 3; data
Size 172 kB (171659 bytes)
Hash 924057ab83846e090defb63866c44e51
5fd41166b80471f69dddcc59eb34bae3f41d98b4
a4bee9ecde304d70053e89a193b4824166a7da1efd1a89f3a015b915cc5e8441
GET /wp-content/uploads/2021/01/security-man-1536x1024.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 171659
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 07 Jan 2021 07:33:20 GMT
etag: "29e8b-5b84a7430d000"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2021/01/camera-1536x1024.jpg
217.160.0.10 200 OK 155 kB URL HTTP/2 work2live.de/wp-content/uploads/2021/01/camera-1536x1024.jpg
IP 217.160.0.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1536x1024, components 3; data
Size 155 kB (154578 bytes)
Hash 28287b518c05de00b85b577a5f472a61
c6aba8cc875d76be483a91ace48e81103544e812
217e7f2372965b89d4c96088e0e216eaa0c278ef8828de32d8fb01dc5c575a90
GET /wp-content/uploads/2021/01/camera-1536x1024.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 154578
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 07 Jan 2021 07:36:10 GMT
etag: "25bd2-5b84a7e52ce80"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2021/02/train-1536x1023.jpg
217.160.0.10 200 OK 134 kB URL HTTP/2 work2live.de/wp-content/uploads/2021/02/train-1536x1023.jpg
IP 217.160.0.10:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1536x1023, components 3; data
Size 134 kB (134169 bytes)
Hash c5aded8bdfac837bfbf207a7fdb4c393
1b9e154b0c524f641ad7ded2ebaaad962966f09a
61c1d250045cf713e873e12a85f1875439a25232077457cb2d35f74e00c1116a
GET /wp-content/uploads/2021/02/train-1536x1023.jpg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 134169
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 11 Feb 2021 16:02:35 GMT
etag: "20c19-5bb11a5db3cc0"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-logo.svg
217.160.0.10 200 OK 1.6 kB URL HTTP/2 work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-logo.svg
IP 217.160.0.10:0
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document, ASCII text, with very long lines (636)
Hash 1ad624313753dd8d211cc7544e0bc913
cb70faa71f047ebb68d8548b4d0bf6bfab213a6d
85147d050cd1b5f00e0923cfb44c75b2068bcffcb2cc5811407fd1f524bbb0be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/borlabs-cookie/images/borlabs-cookie-logo.svg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1576
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:33:12 GMT
etag: "215a-5c961ce3ca527-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-icon-black.svg
217.160.0.10 200 OK 2.0 kB URL HTTP/2 work2live.de/wp-content/plugins/borlabs-cookie/images/borlabs-cookie-icon-black.svg
IP 217.160.0.10:0
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document, ASCII text, with very long lines (4190), with no line terminators
Hash 6ff07d40b1d2beab2fc196e899b0dab3
869fbe2afc91c81d5299bc153710a65cad2bb4a8
d43e1017086747c63c998263d115569a3911d51d7608909a7e27436834133e6f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/borlabs-cookie/images/borlabs-cookie-icon-black.svg HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1989
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Thu, 12 Aug 2021 19:33:12 GMT
etag: "105e-5c961ce3ca527-gzip"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-32x32.png
217.160.0.10 200 OK 877 B URL HTTP/2 work2live.de/wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-32x32.png
IP 217.160.0.10:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data
Hash 8bcefe27ce5bde6c003bb1de63684b9a
3bf475b8751959c96f8feaafcedd4e8f6d68d2e7
14625da7cda7f8995d171ceb2dc834820af28a1b7ceb16ac6be6bd1843a09930
GET /wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-32x32.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 877
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Sat, 10 Oct 2020 10:44:14 GMT
etag: "36d-5b14ebf069b80"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-192x192.png
217.160.0.10 200 OK 12 kB URL HTTP/2 work2live.de/wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-192x192.png
IP 217.160.0.10:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 12d2f4fd0dc4d6e304d408d9de41cac0
71a6ff9fa67832fb4cde07f0162c81e0b5e14d83
1f63554d704f803ee1486c3671c6c3e54b425880c74cd04c066b4fa3710fa40c
GET /wp-content/uploads/2020/10/cropped-Transparent-Logo_Work2live2_png-192x192.png HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://work2live.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 11461
date: Wed, 28 Sep 2022 05:57:46 GMT
server: Apache
last-modified: Sat, 10 Oct 2020 10:44:14 GMT
etag: "2cc5-5b14ebf069b80"
accept-ranges: bytes
cache-control: max-age=2419200
expires: Wed, 26 Oct 2022 05:57:46 GMT
X-Firefox-Spdy: h2
work2live.de/
217.160.0.10 200 OK 0 B IP 217.160.0.10:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 05:57:44 GMT
server: Apache
link: <https://work2live.de/wp-json/>; rel="https://api.w.org/", <https://work2live.de/wp-json/wp/v2/pages/40>; rel="alternate"; type="application/json", <https://work2live.de/>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2
www.work2live.de/
217.160.0.10 301 Moved Permanently 0 B IP 217.160.0.10:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.work2live.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://work2live.de/
date: Wed, 28 Sep 2022 05:57:44 GMT
server: Apache
x-redirect-by: WordPress
X-Firefox-Spdy: h2