web.track4face.com/
85.214.167.154 301 Moved Permanently 303 B IP 85.214.167.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f8130c485c868977ce0916ddef8ce799
b1bc3f5e44d4f3d0c4ec652bf6a6f7f0f27560e7
49aeba9838171f22aef3d58aede536e655607a480afa7800582a95fd3ca06976
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: web.track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 07:19:12 GMT
Server: Apache
Location: https://web.track4face.com/
Content-Length: 303
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2647
Expires: Tue, 29 Nov 2022 08:03:19 GMT
Date: Tue, 29 Nov 2022 07:19:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1510
Cache-Control: max-age=99439
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:12 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 10:56:31 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8267
Expires: Tue, 29 Nov 2022 09:36:59 GMT
Date: Tue, 29 Nov 2022 07:19:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 07:17:52 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 80
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xxlgHIBy1PC/DgW5TyBFIXDmIxuF9Klb8NCd7zHYcM5nEWNum9fG9YEegW4HPVuVv6iQNO1h4VQ=
x-amz-request-id: NK2B1G59AYWKRSW4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 06:45:21 GMT
age: 2031
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 07:19:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0987f640bf7e2ca524775877a390ecc7
e62d90070cce8f32eb2abdbd38f01ffd79265e9c
dbbb23d700ef07eac1c3582df1d9b4bdfa934248ed9f0e8d08bc142cb616b529
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBBB23D700EF07EAC1C3582DF1D9B4BDFA934248ED9F0E8D08BC142CB616B529"
Last-Modified: Tue, 29 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Tue, 29 Nov 2022 13:19:03 GMT
Date: Tue, 29 Nov 2022 07:19:12 GMT
Connection: keep-alive
web.track4face.com/
85.214.167.154 301 Moved Permanently 0 B IP 85.214.167.154:0
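Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length content; the response body is 0 B, so this value is not specific to this host)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of zero-length content)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of zero-length content)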
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: web.track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 07:19:12 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://track4face.com/
X-Powered-By: PHP/7.3.33, PleskLin
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 07:11:13 GMT
cache-control: public,max-age=3600
age: 480
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5b03ff9847a9a65e74d4023ac477b9f9
aca84435ac14b5627bd6f704bcaede6a9fd6b6d3
2ac1535728b11a54ccee3d89b2c4700e48ade46cd3fb12ecbe5645a4a628aa0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AC1535728B11A54CCEE3D89B2C4700E48ADE46CD3FB12ECBE5645A4A628AA0E"
Last-Modified: Tue, 29 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 29 Nov 2022 13:19:13 GMT
Date: Tue, 29 Nov 2022 07:19:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5302
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:13 GMT
Last-Modified: Tue, 29 Nov 2022 05:50:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
track4face.com/
85.214.167.154 200 OK 16 kB IP 85.214.167.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2781), with CRLF, LF line terminators
Hash 8a638ad5a33650f5d5a5c72abfc3774f
aa0fc86206167ff3f281517fa19783a204da2c78
e05517f001722923e551fcd6b563c7695bc7d91b5096c2433a583b3c6aec6175
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Mon, 28 Nov 2022 05:14:07 GMT
ETag: "138f5-5ee80f0d7f5a2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 15978
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
track4face.com/wp-includes/css/dashicons.min.css?ver=6.0.3
85.214.167.154 200 OK 36 kB URL HTTP/1.1 track4face.com/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "e688-5e41d9997db23-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 35730
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (12784), with no line terminators
Hash 079ec719b83eb7ccd0a797522f932e1c
ac7d7878d6194d8d24d3a3caead247eddbb6c2d2
97375050dbf77b0b5d4d5d5332a8e3ecbb53c14c946fea69aea118b1b23cf81d
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "31f0-5ee3909a78f98-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2355
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
85.214.167.154 200 OK 972 B URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 85.214.167.154:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 16:50:01 GMT
ETag: "aab-5eb65fff39df4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 972
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0
85.214.167.154 200 OK 3.5 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (17306), with no line terminators
Hash fb72d808bd2724524dd9363774e5a9b0
05b7012b31b69c6074f6dfc19ac47ec1df5458fb
1e7c2c7e02ee5502ea741c96e9ebc264560394e28ac3d0b686bbe8b6748eb34d
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "439a-5ee3909a7a320-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2
85.214.167.154 200 OK 351 B URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (815), with no line terminators
Hash a13956f69577ca337f027c988424cfed
13fd1d4c866969bce2032e04997819f869b646fd
2b035611bb4e8f78229b53d6ee08081a3e264549778c39c4c153deb74c98a794
GET /wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:05 GMT
ETag: "32f-5ee3909a6244f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 351
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
52.88.25.203 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.25.203:0
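Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length content; the response body is 0 B, so this value is not specific to this host)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of zero-length content)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of zero-length content)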
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e/icwQT4DSNf013aCR9+UQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IGxsJvub6h+Cctxs8Y+pSgY78g4=
track4face.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
85.214.167.154 200 OK 21 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (65317)
Hash 88e86ee445f68f6886c681359e37ab99
f8dd93c67bee8aeca28eb8a7aa641891154a6082
3a36c188775116edca6f0dcfbeec0f04081109b20aad3ee0f15a142feaf01e86
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:05 GMT
ETag: "18d4d-5ee3909a5e1e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 20747
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3
85.214.167.154 200 OK 124 B URL HTTP/1.1 track4face.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with CRLF, CR line terminators
Hash 893dd4d34591cb544851b5a41747cdfd
e8585a3187cfaa2288f0cb48e5696929306b7615
1de5e3983dd9d63c6d92bc1543a4ae8978b38fbaa8d79fbbc2035c62a68cd7cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 06:54:08 GMT
ETag: "13c-5e71f6174a371-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 124
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4
85.214.167.154 200 OK 16 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (26678), with no line terminators
Hash 96f047f2d846f2ed046432a3db5efd25
8ffc1540379ba3303d4175a33bdd368f4b66c014
a8c14a2183c5ae62eacf0eb3dd49b516826624c19059e6b6654ecb383abc2484
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "6836-5ee3909a7b2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16083
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
85.214.167.154 200 OK 13 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash b519a21e842ed2a5ef25dd4e672f2b07
6ef5ae70007332f52e98a2b6075e019f663cf45e
ce51ceb46e7bc646f8212ed1f8a0089f5e3abc5236d0e323749e575b41ad27f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "ea95-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12635
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6
85.214.167.154 200 OK 817 B URL HTTP/1.1 track4face.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6
IP 85.214.167.154:0
Hash acb1ca96c3af9a9dadfff5495182ab8d
5ea2bd06354f3b03ca74f28a4ea98b13ad600985
89dedebaac821c638da0e023753c5a2ce5852a9f472c876e40313e7ebeeae5cb
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 06:46:56 GMT
ETag: "a6b-5e7e872173791-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 817
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
85.214.167.154 200 OK 713 B URL HTTP/1.1 track4face.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (2723), with no line terminators
Hash 7e67979bdd7b91ff88c5113cd3db186e
1ef16fddac63946359c3d47b46d1985c3961ea26
10f99207a897bca4be545b3a4a330907e90e0dc49326c774946393ed4adcd83c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 08:32:23 GMT
ETag: "aa3-5e9e0d54b2cc3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
85.214.167.154 200 OK 324 B URL HTTP/1.1 track4face.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (1463)
Hash 003e878cbefe183c4b539589b1b7c197
21a119cd156b0b458e042fc4b1e1d446f65e5c6c
335231715a0685b94d368e9201e549fe894fb579971483994a2d02966e39ef8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:58 GMT
ETag: "5b8-5b5c72a65fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 324
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css
85.214.167.154 200 OK 7.1 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "7918-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7053
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
85.214.167.154 200 OK 11 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 421e33e62e4ea1b59a2e7529e6ddc298
78687bb8e27bb5426aef6b39e80e8f68186cb503
ab4f6fab4c03192f5ff3ebefd22ec1991992fe8a457a9f33aedb8860fb0facef
GET /wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "10497-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10860
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
85.214.167.154 200 OK 10 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (56219)
Hash c382473eaa9b8fa36e1c7ed1fa5e6297
f35a8506e5a9b332969d9e38b22bed137b9a3682
732d8e0451539ca235c19ad8aa4ee5d32522726e50d0ea60620a78742f68908b
GET /wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "ddcb-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10449
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
85.214.167.154 200 OK 4.9 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (22932)
Hash d62df1ab27a8942df10213d55213d8a0
3ee31e22b08ab52c7d8686e25ad7a9c014ffdcbe
680153ad00086a5c9ade347df9abe6ab564f77b43300e61ebe9a829bf09a03d8
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "5f4f-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4873
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
85.214.167.154 200 OK 46 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (65358)
Hash 2fe906250b403a8535d316cdf1e8a808
7b84d27dd294fe145beec5801fc2d8d5a00d611b
655f96cc6f8ea662c046fd64382639c7a9b5c9a936645beb200653b4880e51e3
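Analyzer verdict: Alert — fortinet: Malware (this record does not show whether the verdict is based on the file's content or on the URL/host; compare the SHA-256 above with a known-good copy of the same file version before concluding that the file itself was modified)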
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "76828-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 45790
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
85.214.167.154 200 OK 1.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (3324)
Hash 68701206290364f6fa17cf3091c0b0a5
2f0f35c59b9b7cfd42d0cc6295cca0b514d1e98c
5f72c1c862a81b47765b2c6ad27e9172413c626e4aa459a3b51037b00a255e20
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "d37-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1016
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
85.214.167.154 200 OK 5.8 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
IP 85.214.167.154:0
File type ASCII text, with CRLF line terminators
Hash 364348532497274e79e5f445baffcdc2
b96f882564d89d5b915236bc8261544ad73e8272
5062be02a19036880c15eef6c91c7967c529c2ca0c77eca6752a52ca44ed69be
GET /wp-content/themes/ave/assets/vendors/fresco/css/fresco.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "9013-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5792
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/style.css
85.214.167.154 200 OK 939 B URL HTTP/1.1 track4face.com/wp-content/themes/ave/style.css
IP 85.214.167.154:0
Hash 01809d5540603f71d7b6636ee0444a46
849a952ee2cd4786d3af6595c9b882901d1825c7
3e73f3793c2f2fc50e142c447106b465a3cdca52f7caadc51b16c2181aaf23ff
GET /wp-content/themes/ave/style.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "a73-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 939
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1669612446&ver=6.0.3
85.214.167.154 200 OK 9.7 kB URL HTTP/1.1 track4face.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1669612446&ver=6.0.3
IP 85.214.167.154:0
Hash 6d08df2cffbd8a1d3c79eacad2194b0d
e8e721fcdc6a3ec2a47f69a440232c638b3071f8
839e103f25b4174a797aff447275d30683fb0c19de668f5bdfacf367bf6a0fdd
GET /wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1669612446&ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 29 Nov 2022 06:46:01 GMT
ETag: "145fd-5ee9657559e98-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 9724
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
85.214.167.154 200 OK 4.2 kB URL HTTP/1.1 track4face.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "2bd8-5e41d999af035-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4169
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
85.214.167.154 200 OK 31 kB URL HTTP/1.1 track4face.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "15db1-5e41d999b07a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 30908
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
85.214.167.154 200 OK 45 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
IP 85.214.167.154:0
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 093bc5236e1d2dac0687190591816376
a00cc34c822166c88d68744f65fb4274ab5509da
821f75e48e46128443a39eb58aba687be440465b600424fa3bf5fb2cffe166ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "1d25a-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 45119
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/css/theme.min.css
85.214.167.154 200 OK 63 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/css/theme.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7609aff32f25e19a4264ad454d538ef4
9de492b94f339a2cecd1e66fc2766996d3fea3c0
cf2074cb0d74ee812a44497d909fabf9eb2202a74df9e680fc2d732123f6b6b3
GET /wp-content/themes/ave/assets/css/theme.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "5e624-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 62968
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (5404)
Hash 44b792c238f3501d1b4b963ac9623d8c
7764cc96ca92912d26a43d8fa6da50a18d774e2f
2df606867783ce8f7233a310f998ad891f0c1ab06e776c9077ea362c482c027c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/modernizr.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "15ce-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2446
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
85.214.167.154 200 OK 5.0 kB URL HTTP/1.1 track4face.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "48b9-5e41d999c9616-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5009
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3
85.214.167.154 200 OK 892 B URL HTTP/1.1 track4face.com/wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (2025), with no line terminators
Hash 1851a6fcd8f93b31aec2b9385c08b1dc
82af3ef16e19130490ee48af2c73be8401a0531e
795e34433e30791c3c3e97c1db060d467bac103ef78c5ecad17e25f360787e6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:58 GMT
ETag: "7e9-5b5c72a65fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 892
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2
85.214.167.154 200 OK 4.3 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (34217)
Hash ff23202f1227d35b13635501c86b2156
31c5de356f90da7a53468ef8ed0a9237cdaa67ce
c4b5a8cbcaef7b3a6d4d2f1a3d68cfac3a2ccb7fbfcd7ae212bf2c39fc85ed42
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "865f-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4260
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
85.214.167.154 200 OK 12 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (56243)
Hash 56ff26e4540fe0eb470200be12da9539
e55c1cf13307417eb0721280047dfe0a7e870752
41bd8b382a880ae6ec59d84506d7b5ba03c23eb9dd5b4044eb8f50e182fb39f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "dc69-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12251
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
85.214.167.154 200 OK 84 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
IP 85.214.167.154:0
File type ASCII text, with very long lines (64268)
Hash 832e7ee9644c8e7cdb5d9add8be524f3
127ddec0392e3876cd6b08a6f2a72bf0a6c07300
322186ed7a97a958e5b3d64eaff2a2c3b955b760e9da0b7e44d305b4cf2f9f9e
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:13 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "4fd58-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
track4face.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
85.214.167.154 200 OK 2.9 kB URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 16:50:01 GMT
ETag: "26d1-5eb65fff3b94c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2937
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
85.214.167.154 200 OK 4.0 kB URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 85.214.167.154:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 16:50:01 GMT
ETag: "3016-5eb65fff3923c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3957
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
85.214.167.154 200 OK 1.6 kB URL HTTP/1.1 track4face.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
IP 85.214.167.154:0
Hash 62c642c72a7a6f14e1537dbf13c38fc3
e34220a94267a2ba69e2eb20570cd51e92dc1ef6
f41feba544c18f3faa2ec91a3edcb553ec456530791f2d827ec6afb4fc578202
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 06:54:08 GMT
ETag: "1f8a-5e71f617493d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1617
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
85.214.167.154 200 OK 2.5 kB URL HTTP/1.1 track4face.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 85.214.167.154:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "194b-5e41d999a9e2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2457
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
85.214.167.154 200 OK 7.1 kB URL HTTP/1.1 track4face.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "4ac6-5e41d999abd6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7095
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
85.214.167.154 200 OK 2.9 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6485)
Hash d74b132d612e4d48644b3d2e94126668
0f14ca438d1caac87cfdc815b8ac941c740e24dd
7228b214ba7d6c784c6b0b6486ed5afc6c393f48ae1eb47bcb57463613dd6622
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "19c9-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2895
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/fresco/js/fresco.js
85.214.167.154 200 OK 16 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fresco/js/fresco.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (65351)
Hash fd584a0e4070600f9746ac2c965f793a
30bb8cf454f96b6e18d1e8347ab6ddd7c35e94be
5ce92f55b576be6bdc095b7ecdad6153e0c76ba2bd318ef1a16136f28c7561fa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fresco/js/fresco.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "121cf-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16259
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
85.214.167.154 200 OK 5.8 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (20420)
Hash e8be176bc921ba9b9fc61c8e772eda55
aaad6760bd966f8883fd3f6447bc1d417ae22dda
91a255f6e4a1a0442206789b2cb71b3b4c834653f3e6bddb57624db4ff6a5c78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "509f-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5825
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
85.214.167.154 200 OK 3.7 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (8499)
Hash 2ef06a44f7748a6a0fb05f14c2aa7b5c
c0fe4fa5f090985eb554496d71cc9bf430ef1569
42670d6e73486f23491d99917a5ffd19b1ca73aca1018e792cb54b17ae352112
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "232c-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3743
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664383209
85.214.167.154 200 OK 3.1 kB URL HTTP/1.1 track4face.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664383209
IP 85.214.167.154:0
Hash d267bd35ccf6033cb8e9837358eb9856
a3497f6e883b3ad6d7c24241d8cf27a12b207b18
7b085d8f0972e8a90636d785ea53496c27bd7b73335aafd6003d847a835d8e7e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664383209 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 16:40:09 GMT
ETag: "29ed-5e9bf69f4aec1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3086
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash cf8ecd10767275bde2cfc6fac62a1329
72ac83e974b6d65b421294b350668f0db2c03f21
b1547428138008b38f530c906d8d64fd8836fa42aaafa923f1671aa14bb29c67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4577
Cache-Control: max-age=108234
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Etag: "6384a45b-117"
Expires: Wed, 30 Nov 2022 13:23:08 GMT
Last-Modified: Mon, 28 Nov 2022 12:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
track4face.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
85.214.167.154 200 OK 1.8 kB URL HTTP/1.1 track4face.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "15fd-5e41d999ac924-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1834
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
85.214.167.154 200 OK 7.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (26402)
Hash 16e18d529c46ab688020513c4ba84520
67374012c1416073e0ee4fdbb13dcb2fec2a7aca
a0d132048e8963e669e7a27c4a20fe999945954fa74253ecc3364d622e44391a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "68af-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7224
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/vivus.min.js
85.214.167.154 200 OK 4.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/vivus.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (11871)
Hash 1eb4007fcae41795efce53b86dbc528a
48ad1996d9771e06a9c0f629a57960b2e030acde
23382c89a808ca1a932966faabdbde13ef681fccc35fcc9dd50cfee8176c5a88
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/vivus.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "2ef6-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3975
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
85.214.167.154 200 OK 2.6 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6765)
Hash 3b5b72390b2ee4f25583c53ca4cfc91c
28050a0d22ec4d857182fd8c79bcffaaa0236473
db670df9389dffa7acc4a05cc3941874204dc4996f14aa2cbb1e06c0dc715e0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/intersection-observer.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "1cd8-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2641
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/anime.min.js
85.214.167.154 200 OK 7.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/anime.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (17169)
Hash 6b775f5a553f15b26598a3a7a4681f38
d2e2e17783d72a4d25d475ae8deba7192598bcbe
388357780250aec928ffe5141bcd26f0fe0c457844c5765573ec0eb11f78d122
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/anime.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4378-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6976
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash cf8ecd10767275bde2cfc6fac62a1329
72ac83e974b6d65b421294b350668f0db2c03f21
b1547428138008b38f530c906d8d64fd8836fa42aaafa923f1671aa14bb29c67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4577
Cache-Control: max-age=108234
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Etag: "6384a45b-117"
Expires: Wed, 30 Nov 2022 13:23:08 GMT
Last-Modified: Mon, 28 Nov 2022 12:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
85.214.167.154 200 OK 30 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (32482)
Hash 22d2613b2c9183365806419244ca2fa7
805745a47582e3ecd41e5c205088efcb358c813b
fbe6441d283a0ba340faf5f87e328484790a93657f137b007b9b4ee4c054b4c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "1a3a8-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 29851
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
85.214.167.154 200 OK 2.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (1031)
Hash 6571b1c666b4a16227a30c90297202d2
8f0944bab38c3010140fae08923b594201908447
22e9cfa85e0c34d752c7168a80175f4c37c84fa92ebd95367715c4badddd390f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fontfaceobserver.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "16fc-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2200
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
85.214.167.154 200 OK 5.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (14677)
Hash d1cf4e234cc58dff036e036e7a281061
a2cd07181f3eaea1c2368b29e3ef2d222f085187
e4e40521c1a34232c308420d0e956ef8e5a2c777646177db3668b91698309568
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/tinycolor-min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "39bc-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5243
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6342)
Hash a1868686d0085f8ac4924a4d0c23fc9d
47d46ea30f131aeb0872eb088a4bc6667c5a2457
e7db67a7207a0f24ee95bd6bda57cd83bc0dec71dbfa970972efb66cd4ed115c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lazyload.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "18c7-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2387
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
85.214.167.154 200 OK 6.1 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (17329)
Hash df0a3fe3812df69e308b78d09c259b38
6d4d38af412d5ba2a2c65392b608fb77469f94d3
9ecad2704bf1341e76d4e8e285c63fc7e7b302117caa66f3dd665be7038dd400
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4416-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6060
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0
142.250.74.164 200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash eabeb282ab0b0bf88eadca3a0ece531b
1b18d337f99d82cab6c78aeea8ea6817a1adae0b
79b4e6caeb036524799091bf8b537ef4a7ac5f308dc03f1d440aa2fffc32f0ed
GET /recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 29 Nov 2022 07:19:14 GMT
date: Tue, 29 Nov 2022 07:19:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track4face.com/wp-content/themes/ave/assets/js/theme.min.js
85.214.167.154 200 OK 40 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/js/theme.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (31973)
Hash 4ce1782d837af56e1b1ad44ec2d62124
0caaaa068b2dd22acf929b5bb99eadb5fdab502b
6d806b605d4bd510b2687e7543869c153d3a440c6a33961597dd081adc1e1396
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/js/theme.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "3068e-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 39579
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash cf8ecd10767275bde2cfc6fac62a1329
72ac83e974b6d65b421294b350668f0db2c03f21
b1547428138008b38f530c906d8d64fd8836fa42aaafa923f1671aa14bb29c67
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4577
Cache-Control: max-age=108234
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Etag: "6384a45b-117"
Expires: Wed, 30 Nov 2022 13:23:08 GMT
Last-Modified: Mon, 28 Nov 2022 12:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
track4face.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png
85.214.167.154 200 OK 600 B URL HTTP/1.1 track4face.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png
IP 85.214.167.154:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 06:46:56 GMT
ETag: "258-5e7e87218e92a"
Accept-Ranges: bytes
Content-Length: 600
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/white-copia.png
85.214.167.154 200 OK 17 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/white-copia.png
IP 85.214.167.154:0
File type PNG image data, 982 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash 96cd47d3fe31da9172460a61a9f63b1e
b1126c6677dc033e53fb40933e27bb23f4cf05dc
56c7e42a7a89eee8538e8332f1d94be0ab46ecd585bf9f8a3aa5c7abdffcec13
GET /wp-content/uploads/2022/05/white-copia.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:53 GMT
ETag: "430f-5dfe7cbd1ba73"
Accept-Ranges: bytes
Content-Length: 17167
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/white-copia-300x60.png
85.214.167.154 200 OK 8.2 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/white-copia-300x60.png
IP 85.214.167.154:0
File type PNG image data, 300 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c07631cf5b93d1fa7f083bf4c86a3fe
d015b0383bab3a8dd4c5fa503a6ca9f246d96c4c
0269f74c8fd75159b32f3b51ee61975e5ea74e8f9015c03b2bf8653480d60ec4
GET /wp-content/uploads/2022/05/white-copia-300x60.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:53 GMT
ETag: "1ff8-5dfe7cbd515d4"
Accept-Ranges: bytes
Content-Length: 8184
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/logo-color-.png
85.214.167.154 200 OK 19 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/logo-color-.png
IP 85.214.167.154:0
File type PNG image data, 982 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash 52cbfdc4555a13fb709c10c9e02271bb
c3bfd2f54d2f407a683f8ee68f69a048bdd66de0
8300b429b11dd5c7f573cef0a6a6e2c15d2425bb2f9a91a3336c0f76f4f1503f
GET /wp-content/uploads/2022/05/logo-color-.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:51 GMT
ETag: "4927-5dfe7cbade681"
Accept-Ranges: bytes
Content-Length: 18727
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/08/umbrella-beach-solid-1.svg
85.214.167.154 200 OK 960 B URL HTTP/1.1 track4face.com/wp-content/uploads/2022/08/umbrella-beach-solid-1.svg
IP 85.214.167.154:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e7b30864d3328a982c302ae9681e68e3
f5d732d6c0b5a506ea02d7c052c5c0e532b0212b
1d52995faad5c954417f3d572ad621b16d971d0d9acd54a4c4a57b7cf03be4fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/umbrella-beach-solid-1.svg HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Wed, 24 Aug 2022 10:34:12 GMT
ETag: "3c0-5e6fa38cc2c26"
Accept-Ranges: bytes
Content-Length: 960
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/svg+xml
track4face.com/wp-content/uploads/2022/06/FONDO-HOME.png?id=5241
85.214.167.154 200 OK 19 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/06/FONDO-HOME.png?id=5241
IP 85.214.167.154:0
File type PNG image data, 1752 x 1116, 8-bit colormap, non-interlaced\012- data
Hash f09e0d1007183df93074bcaff2e8b7b2
dfc9c52588b7c0058518eedcf62e3ce04c8b617f
231e85f97993afe8ce8afe8e50f3f05da9f9be7ed4ee9f325470df561f55e6e2
GET /wp-content/uploads/2022/06/FONDO-HOME.png?id=5241 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Wed, 29 Jun 2022 10:15:34 GMT
ETag: "4948-5e2936f0f1d58"
Accept-Ranges: bytes
Content-Length: 18760
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
85.214.167.154 200 OK 14 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
IP 85.214.167.154:0
File type Web Open Font Format (Version 2), TrueType, length 13564, version 330.32636\012- data
Hash e7d4bfa72a1f7d352fa6605501a3e2f2
afd94b571eff9da7d85490bdb4c9874419cd260d
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "34fc-5b5c72a7540c0"
Accept-Ranges: bytes
Content-Length: 13564
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
216.58.207.195 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21096, version 1.0\012- data
Hash edd1beac8f00071cab3e2db58647ff94
8e8128a2cecf6524557cce4a32eb751f5dbe261d
a3298dd9c080ba992e6b3afd31430a7ec37869a5ecda45b854672ec069af4aab
GET /s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://track4face.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 01:00:16 GMT
expires: Thu, 23 Nov 2023 01:00:16 GMT
cache-control: public, max-age=31536000
age: 541138
last-modified: Tue, 23 Aug 2022 18:43:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
85.214.167.154 200 OK 76 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
IP 85.214.167.154:0
File type Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636\012- data
Hash 832f6e62aaf3909d6b94c8a9c1e4dd51
4a06418cb56a66af5a1c0f59791469dea1dc87fa
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "127f0-5b5c72a7540c0"
Accept-Ranges: bytes
Content-Length: 75760
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff
85.214.167.154 200 OK 322 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff
IP 85.214.167.154:0
File type Web Open Font Format, TrueType, length 322084, version 0.0\012- data
Size 322 kB (322084 bytes)
Hash 25095e48e20fcc644d6543c7c0878a15
a31898850576c23a5dae1d916a529d0409eba70d
2078f53ec18edf07a69cca137de279cd7fbe36c2fc5f06499db1ab4fd84aaa43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4ea24-5bae40f62db40"
Accept-Ranges: bytes
Content-Length: 322084
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/font-woff
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6797
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6797
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6797
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6797
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:19:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6797
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 07:19:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 9240
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9fRfgj9_S00P8fI_T-tVt7khJ1kYZux_55K_yLYUsiyVEoiWRM9QAw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:07:26 GMT
age: 33109
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faf3524970b0c3256eb5708f4ccf11ce
47295f2cf1b039c4b85cbe463d7893671a563989
ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8402
x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYeaGbgoAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:17:21 GMT
age: 10914
etag: "47295f2cf1b039c4b85cbe463d7893671a563989"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 85273
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 34340
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e2bc1651b37b8e0467c2a6cb860fb3
3348f081a3357490a704592d105d02e81886df89
751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NqtaziEIRl6auIGehos7TAJfBAY3CtGJX0vC-pWhjs377L_rEyM6hg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:14:18 GMT
age: 75897
etag: "3348f081a3357490a704592d105d02e81886df89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track4face.com/wp-content/uploads/2022/07/dibujo.png
85.214.167.154 200 OK 150 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/07/dibujo.png
IP 85.214.167.154:0
File type PNG image data, 1494 x 1648, 8-bit/color RGBA, non-interlaced\012- data
Size 150 kB (150479 bytes)
Hash 400e6bb50a0d67fbf8ea5a634ecc9388
2fd1bcf455ecbcba93d3a0579835e13f60850c9e
1008ff82845bc1a036f6ca5db05e8264b91f20bcaf73c60186f756caa4763b1f
GET /wp-content/uploads/2022/07/dibujo.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:15 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2022 09:07:23 GMT
ETag: "24bcf-5e2f710657e64"
Accept-Ranges: bytes
Content-Length: 150479
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/08/controll3-1-copia.png
85.214.167.154 200 OK 160 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/08/controll3-1-copia.png
IP 85.214.167.154:0
File type PNG image data, 591 x 787, 8-bit/color RGBA, non-interlaced\012- data
Size 160 kB (160312 bytes)
Hash 7bfb47f7960b11cffb046629e6e8fb6c
9da20d45cef5a3ae90cf18c6756c786a799e7bbc
13c2856323d9aa3e42cb2930b26fe7776cb6cbf007fe59272a24b6e9e9792705
GET /wp-content/uploads/2022/08/controll3-1-copia.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:15 GMT
Server: Apache
Last-Modified: Thu, 11 Aug 2022 15:05:05 GMT
ETag: "27238-5e5f87d9a2ffc"
Accept-Ranges: bytes
Content-Length: 160312
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/07/favicon.ico
85.214.167.154 200 OK 1.2 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/07/favicon.ico
IP 85.214.167.154:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 11267b0c60503804cde6d561286c653f
3a72060addeca0386bbb102d9771c0a74fedf96d
daaf4cb8ac2235812e7b9c3d28f974a8609c154276f513940bee0cbc9dce71dd
GET /wp-content/uploads/2022/07/favicon.ico HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:15 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 15:55:40 GMT
ETag: "47e-5e3da0ccba40e"
Accept-Ranges: bytes
Content-Length: 1150
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 208391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
85.214.167.154 200 OK 282 B URL HTTP/1.1 track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
IP 85.214.167.154:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5ddca22f9ecb6180cdcae7aefb1a7a4c
00daef0d5ba748a000e75149214bda7d0d06294c
4c906a9ccf67c6b3350fd6bd1592d5e03ca36e098bcdcfb47fe8ebe075975b2a
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:14 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Link: <https://track4face.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Vary: Origin
X-Powered-By: PHP/7.3.33, PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 240437
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
85.214.167.154 200 OK 282 B URL HTTP/1.1 track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
IP 85.214.167.154:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5ddca22f9ecb6180cdcae7aefb1a7a4c
00daef0d5ba748a000e75149214bda7d0d06294c
4c906a9ccf67c6b3350fd6bd1592d5e03ca36e098bcdcfb47fe8ebe075975b2a
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:19:15 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Link: <https://track4face.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Vary: Origin
X-Powered-By: PHP/7.3.33, PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
fonts.googleapis.com/css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 07:19:14 GMT
date: Tue, 29 Nov 2022 07:19:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20
IP 142.250.74.10:0
GET /css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 07:19:14 GMT
date: Tue, 29 Nov 2022 07:19:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v6.1.2/css/all.css
172.64.133.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v6.1.2/css/all.css
IP 172.64.133.15:0
GET /releases/v6.1.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:19:14 GMT
content-type: text/css
x-amz-id-2: RKhgfKkL5OipWaVOjDZYFnayaYno7VYE/6Fmzwy6QCzSRAjeDJ/c8F6sGXtDRlWOg8ZOUYUbz6A=
x-amz-request-id: 976A524Y8F3XW8AS
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
etag: W/"8ef777107c4620d4ddd4f8c4bb14a36c"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z2JpC5SD2m4SeZ7mQ6oeMUFYjO3dBys51Z0ybaZJHeZxmNsAKBTT6DSsnmSgEhlM27SKRMkRtgu%2Br9Sakv2ju3AGXWI2ksxAVwKB8jdp8z0nNWCu4nAfpS6mPDOAd7j%2Fbq3PHBR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771992e9dfcc7777-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2