Report - the2faces.com/wp-content/download/File

Report Overview

Submitted URL
the2faces.com/wp-content/download/File_pass1234.zip
IP
131.153.56.226
ASN
#19181 CWIE
Submitted
2023-02-05 14:07:56
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
96

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	510 B	22 kB	216.58.207.227
the2faces.com	unknown	2022-08-26T17:11:46Z	2023-02-05T15:07:58Z	36 kB	1.0 MB	131.153.56.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.40.156.208
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.131
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	383 B	44 kB	216.58.207.200
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	370 B	21 kB	142.250.74.46
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	736 B	444 B	216.239.34.36
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	527 B	630 B	142.250.74.74
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-05	medium	the2faces.com/wp-content/download/File_pass1234.zip	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css?ver=1.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5	Malware
2023-02-05	medium	the2faces.com/wp-includes/css/classic-themes.min.css?ver=1	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/dokan-lite/assets/css/style.css?ver=1674724883	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.css?ver=1674724882	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.5.16	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0	Malware
2023-02-05	medium	the2faces.com/wp-content/uploads/2023/01/basel-dynamic-1674414489.css?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/i18n/jed.js?ver=3.7.10	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/dokan-lite/assets/js/helper.js?ver=1674724881	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/jquery.magnific-popup.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/owl.carousel.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/photoswipe.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/photoswipe-ui-default.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/jquery.countdown.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/jquery.autocomplete.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/threesixty.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/jquery.nanoscroller.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/jquery.parallax.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/moment-timezone-with-data.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/fastclick.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/jquery.parallax-scroll.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/device.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/waypoints.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/functions.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-includes/js/underscore.min.js?ver=1.13.4	Malware
2023-02-05	medium	the2faces.com/wp-includes/js/wp-util.min.js?ver=6.1.1	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0	Malware
2023-02-05	medium	the2faces.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/sweetalert2/sweetalert2.all.min.js?ver=1674724881	Malware
2023-02-05	medium	the2faces.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/js/moment.min.js?ver=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.2	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/fonts/Simple-Line-Icons.woff?v=5.3.0	Malware
2023-02-05	medium	the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2	Malware
2023-02-05	medium	the2faces.com/wp-content/download/File_pass1234.zip	Malware
2023-02-05	medium	the2faces.com/wp-content/themes/basel/style.min.css?ver=5.3.0	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (64)

	URL	Size	First Seen	Last Seen
	the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0	36 kB	2023-03-07	2024-03-14
Pretty URL the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:34 Last Seen2024-03-14 13:54:49 Times Seen1216 Hash 0a0625a36f124f9a5d733f16e1741808 9da1965e9beb82247acb76cf66f7a2445d84d91d 9ed53f10c98b8962d3e9bb775fa781c0659347825c7018b70e063eff94e8a640 Loading...

	the2faces.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0	20 kB	2023-03-07	2024-04-25
Pretty URL the2faces.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:46 Last Seen2024-04-25 23:20:19 Times Seen2129 Hash 6ce179ee275d3bd58d0407b79d6366cd fb1393daafde2f3e85f31777543c3194a4ab11d0 1bd0097cd9d76a31566f4236a1aaa31cdd43c5857a9502679805fddbc7599a54 Loading...

	the2faces.com/wp-content/themes/basel/js/fastclick.min.js?ver=5.3.0	7.8 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/fastclick.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen34 Hash 6c754ebb16498dafcd60b23c2aee511e 94f93c68b74511b2729be83b3f3df9b3f4f76ad5 93c54cc6849599fb6f2243abe8334f86b8e84688f98005ac16842bf8ac0360eb Loading...

	the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/sweetalert2/sweetalert2.all.min.js?ver=1674724881	68 kB	2023-03-08	2024-02-26
Pretty URL the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/sweetalert2/sweetalert2.all.min.js?ver=1674724881 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:47:58 Last Seen2024-02-26 12:28:56 Times Seen148 Hash 344a15d30065c3c07d10934292b34a10 9cd5c15712ea4e50a29dc4424165b30ecbbe964e cb632d00ef7e69108e1f6121aa3859bcdf21e66e0e2dc0b089330c1bed25d442 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	152 B	2023-03-07	2024-04-27
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-27 03:45:15 Times Seen19940 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	the2faces.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.2	165 kB	2023-03-08	2024-04-27
Pretty URL the2faces.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.2 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:50:13 Last Seen2024-04-27 01:04:55 Times Seen6107 Hash 0a7176e860c4303f557950b75fb8a898 c292eb1b902ed06fccd65a684d6b311e1290caa9 c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094 Loading...

	the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.3.0	14 kB	2023-03-08	2024-04-26
Pretty URL the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-26 00:33:29 Times Seen631 Hash f749280669d445dfe7a49aadccff5d53 c32ad75d2cfdaf073842e1bf4f4375e0f56d8a58 bf8c713d2545b889e4ce9390e47c47a4a146649320f91ca11006bc948944ec4e Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	632 B	2023-03-13	2023-03-13
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:40:23 Last Seen2023-03-13 17:41:19 Times Seen1 Hash 76e9df9e16022d5734d90993e4a6c638 c5cc57d109d1638154d3c799262d4f9eb3b26aee cc3aec5a180139ab4564517f1e5a848011e7e8e2f3f7e0237da5faca64f21afd Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	258 B	2023-03-13	2023-03-13
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:40:23 Last Seen2023-03-13 17:41:19 Times Seen1 Hash 1004bb9dfd7396e472608161d6759197 785d6c027e3d9b84fca336fb2ada59d8069b36d2 7619b1e6b93d0d621a7a8d45a3096e42513695e7a867572d20617453b4d9d712 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	2.8 kB	2023-03-13	2023-03-13
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:40:23 Last Seen2023-03-13 17:41:19 Times Seen1 Hash 55b5b92c66e6cbaa87f3133fe5a40c83 2a67e092b80057b50d66a02081658eb08100b7c1 2b4d239d595c96163a24a9582231b21fcd164136d99e56c2f04b5c91536f8a02 Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.magnific-popup.min.js?ver=5.3.0	21 kB	2023-03-07	2024-04-25
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.magnific-popup.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-25 21:53:59 Times Seen2407 Hash be3333626c57af03599abcb59b325e09 3824067348f6485d6b07d3a43660804e3731b21a ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc Loading...

	the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.js?ver=3.7.10	26 kB	2023-03-08	2024-02-26
Pretty URL the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.js?ver=3.7.10 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:12:50 Last Seen2024-02-26 12:28:56 Times Seen149 Hash 5e61d1b427617b5e8b0f2e838a04533c 0a098dd2a0937d498ab5897e0ed96772fa2bedb5 ced29b1d2eff1f78419fb1c2c5224e6ad6c484eb59c3e535e67b43257e3b358f Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.justifiedGallery.min.js?ver=5.3.0	10 kB	2023-03-08	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.justifiedGallery.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:31:10 Last Seen2024-03-24 08:31:59 Times Seen63 Hash b845553890a6c0afd5c842fd9c8ff563 af6b3bd743cfc35848f7cf483b3503fdf95298f8 0e2946c95e45d540c2a8e56a80ca942b40d73da93eecac12a9df2997d7e4b627 Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.pjax.min.js?ver=5.3.0	8.2 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.pjax.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen24 Hash ca28300ba0cc1071dea2d4a9a51a0e91 49e0f0b44d78b2364439abb4bb4dfbb44ae650da e0a05948b77f5f0143c4ff0a7b232fe92e1ad75a0c5ad9d1ea7051471ccd175c Loading...

	the2faces.com/wp-includes/js/underscore.min.js?ver=1.13.4	19 kB	2023-03-08	2024-04-27
Pretty URL the2faces.com/wp-includes/js/underscore.min.js?ver=1.13.4 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-27 01:43:17 Times Seen41525 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.parallax-scroll.min.js?ver=5.3.0	3.1 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.parallax-scroll.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen34 Hash 00b2095a33ebf5f0fd248a89d6a814be b4a7ab71a0547735a0239aa66e1e08316cda34c9 d95e6092e0a499d87dfc59b6daa43fc73be7a31549404ab2da9454a0ce5ab025 Loading...

	the2faces.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.2	406 kB	2023-03-08	2023-12-28
Pretty URL the2faces.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.2 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:50:13 Last Seen2023-12-28 08:16:39 Times Seen28 Hash f8a1bfe9e1cb34b834ab3311c744847c 08df5481a64d189d2c9af23b6240b54a501bb4bf 0d94145f9d71de66f23f7557a9fdd8da8b3295d8336846ca7301f6831d81d6a5 Loading...

	the2faces.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3	11 kB	2023-03-09	2024-04-25
Pretty URL the2faces.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:22:20 Last Seen2024-04-25 23:20:18 Times Seen8868 Hash 7f0734e228d3f1a255a8b817a5005b8e 3dfca70a7a3e298fc392f2393ca60d350eebb5fd 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228 Loading...

	the2faces.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-27
Pretty URL the2faces.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-27 01:43:20 Times Seen31839 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	298 B	2023-03-13	2023-03-13
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:40:23 Last Seen2023-03-13 17:41:19 Times Seen1 Hash b010389e875c9bc11d31ead175a44630 61ef6db4a8d7592824bb8089180f084370853c52 856230b55c269be18e119b00f159fc148e99c28cef621b6912e6a8f12ad782f0 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	75 B	2023-03-07	2023-10-20
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2023-10-20 23:45:22 Times Seen4 Hash 1899ac995001d7902751e8f47e77c56f e69e0da1227a3d5bcc95908828db42592ba9d797 ae56c768b2cca9f5b6c39ae146d0ebeaa98adcbfd1e0dd48928aa8d3636adc73 Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.panr.min.js?ver=5.3.0	1.3 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.panr.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen32 Hash 42c88f066e605f5c783f34b67d54c397 b047b64506c839e1d9778fe0c374d31ed325daa5 1750e4d5dc5242b0374e990878270389318f736cafd50975414bbb83000ff58d Loading...

	the2faces.com/wp-content/themes/basel/js/device.min.js?ver=5.3.0	3.1 kB	2023-03-07	2024-04-15
Pretty URL the2faces.com/wp-content/themes/basel/js/device.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:24 Last Seen2024-04-15 23:26:16 Times Seen215 Hash 42d2a84f8934933796892821e3b90391 06aaac64bfbf121dc2bf9e28b6c404e3c52fd27f 4f164ac673a1beee85461fe53f89f12d69c2ed5a6adff3d4d69f762c6f766411 Loading...

	the2faces.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0	9.5 kB	2023-03-08	2024-04-26
Pretty URL the2faces.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:31 Last Seen2024-04-26 23:19:41 Times Seen14391 Hash 4ffc462852340d9e6b5b7b29276fcb71 5e04050e09e3f7d8107ef3b9aa9313be618c460e 18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526 Loading...

	the2faces.com/wp-content/themes/basel/js/slick.min.js?ver=5.3.0	33 kB	2023-03-07	2024-04-17
Pretty URL the2faces.com/wp-content/themes/basel/js/slick.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:55 Last Seen2024-04-17 09:32:31 Times Seen527 Hash ebcbc22f8c948f222c19e6bde99a776d c625977ba906660be3757d831d6466c9e24113df 8ac889108f5a29918a940026d4f198e2bc28bf8434b2127493bd78472f076e92 Loading...

	the2faces.com/wp-content/themes/basel/js/imagesloaded.pkgd.min.js?ver=5.3.0	6.9 kB	2023-03-07	2024-04-26
Pretty URL the2faces.com/wp-content/themes/basel/js/imagesloaded.pkgd.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:40 Last Seen2024-04-26 00:19:45 Times Seen1783 Hash 511ef2f6ee750edc32bb5c8d5d324e7e 4bccbca87d32236ed7a6f37129cc1accf20d2a8f 37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902 Loading...

	the2faces.com/wp-content/themes/basel/js/threesixty.min.js?ver=5.3.0	7.6 kB	2023-03-07	2024-04-03
Pretty URL the2faces.com/wp-content/themes/basel/js/threesixty.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:22 Last Seen2024-04-03 01:53:41 Times Seen103 Hash 69133807158adb645fe96d787eef4597 b3b2163d05d3fa84d3050d48458b34cbccac55b9 5c93f8dff4b0150637b082b470b67ca6147485186eb4edcf8486f0fae25d4ea1 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	294 B	2023-03-13	2023-03-13
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:40:23 Last Seen2023-03-13 17:41:19 Times Seen1 Hash d7eb27cbf746daba16636f61027d7abf 66b93dc52949142967932f4f617340976bd75898 5958913f8c8bff8a661ef72db24dff2a3b91889105a961dc7cebef2ba2bd830e Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	482 B	2023-03-07	2024-04-02
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:24 Last Seen2024-04-02 17:15:15 Times Seen314 Hash fea3970d3abe53a88b209e8bf27ed8d3 133c87d30a45d9ade53fda3916eab4edee63b8ee 6b4b60b1961ce0bd2c350666273a2cc15738634587c8d9877fff2a77f4ddbcd6 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	131 B	2023-03-13	2023-03-13
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:41:19 Last Seen2023-03-13 17:41:19 Times Seen1 Hash 25126155fd4270b5dd543dc6a5bdecd3 723e3c706121b23be279397586171def4b3d36b4 e21166e0ca9b7b6777605e538e81078cd83239060beebd4ad8b4bcf55f60a297 Loading...

	the2faces.com/wp-content/themes/basel/js/vivus.min.js?ver=5.3.0	11 kB	2023-03-07	2024-04-16
Pretty URL the2faces.com/wp-content/themes/basel/js/vivus.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:46 Last Seen2024-04-16 04:06:50 Times Seen161 Hash 4ed9320807addb0a2a66496aa1a14744 d5bf6bf3e6c162d9755d9fd1310a815d05ccc243 c8ba883081228dba298f542e12035565d7c6f01ec66b31ffc1d309a9dfe7495e Loading...

	the2faces.com/wp-content/themes/basel/js/functions.min.js?ver=5.3.0	90 kB	2023-03-13	2024-01-21
Pretty URL the2faces.com/wp-content/themes/basel/js/functions.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:40:23 Last Seen2024-01-21 18:39:25 Times Seen13 Hash a37b95301e84e53f58e5a1f0fdeefdf5 984877b60cec5731712eb70fd3ef8564aeaa3028 5b6fad2049ec67e7af637937dd12d81e6ab47ffd107f327842f5343dd6c6690b Loading...

	the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0	2.9 kB	2023-03-07	2024-04-26
Pretty URL the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-26 23:19:40 Times Seen13992 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	96 B	2023-03-07	2024-04-27
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-27 00:16:42 Times Seen10637 Hash eb3a538fd2a39c22198e72c3b9f498a7 c966ebdbd2701a0980a85671126664f3892d4f1e ac233233e7bcaf806041b243578fab081dced8a045d9a82756410da9ea2382a1 Loading...

	www.googletagmanager.com/gtag/js?id=G-Z4SEZ08TMD&l=dataLayer&cx=c	185 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-Z4SEZ08TMD&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:41:19 Last Seen2023-03-13 17:41:19 Times Seen1 Hash 5a905927127680de98a7f7d8c6154047 288add640f6af508eb68aace46003f839f75eef0 93f443efc3d563c1f0be7a117263316ab25b97796e9f3f6560e59d691ce65ce9 Loading...

	the2faces.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-27
Pretty URL the2faces.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen68686 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	the2faces.com/wp-content/themes/basel/js/waypoints.min.js?ver=5.3.0	8.0 kB	2023-03-07	2024-04-26
Pretty URL the2faces.com/wp-content/themes/basel/js/waypoints.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:43 Last Seen2024-04-26 05:11:45 Times Seen743 Hash b72a7b8d3d65ebc954b5b3103fdff409 c0c0d473a9bc5a9739f8f44158027d34e31bd642 d271120b283f037391dcecfb7e65de5ac6d4feaf3a990ba2a4a2d5289a40333e Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	332 B	2023-03-07	2024-04-27
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-27 00:37:31 Times Seen9167 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	135 B	2023-03-07	2024-04-27
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-27 03:45:16 Times Seen26613 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0	2.1 kB	2023-03-07	2024-04-27
Pretty URL the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-27 03:45:21 Times Seen22416 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.countdown.min.js?ver=5.3.0	3.8 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.countdown.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen40 Hash 91d933a246c4f0bb8ffacbed78809090 bd128d52a16cb5145e1fe3c3f74a866ce0c385fa 6de01bd50dbe13165a75ffed762f5b9d6908d07bdfeb1e0dfe0e00a569899b9a Loading...

	the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/i18n/jed.js?ver=3.7.10	38 kB	2023-03-07	2024-02-26
Pretty URL the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/i18n/jed.js?ver=3.7.10 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-02-26 12:28:56 Times Seen146 Hash 8390027ea5f7c29dfc8e57ffa84d367a 7336079bbd911abbdd8ec054de2498933d423720 25d0fc809bbe377000840cb28d6eb044800991a6e12a71c1f69da7f06af00f6f Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.parallax.min.js?ver=5.3.0	559 B	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.parallax.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen32 Hash 1b1821804c55f95e993652998b4ab390 27275c70dfd8ee198a9491e234a4a099efe45b0c 03b1625f677108a5cfcd566aa415c6fd4fcd5725bf8acda096c17c353ff30751 Loading...

	the2faces.com/wp-includes/js/wp-util.min.js?ver=6.1.1	1.4 kB	2023-03-08	2024-04-27
Pretty URL the2faces.com/wp-includes/js/wp-util.min.js?ver=6.1.1 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-27 01:33:02 Times Seen24471 Hash 19d386c9004e54941c1cc61d357efa5d 0a77594006c8d86fdcc0adbc2b9aecaef3869586 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95 Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.autocomplete.min.js?ver=5.3.0	13 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.autocomplete.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen50 Hash 29a37cf65b136b355675c1b5ad8e1904 63e56dcf4f4827d3fef0f956950bf3b0faf12fbb 9048a345c3c7a31ab850a70a8cdf7c9e6dfba60ded8e5a27f1e4b50f679222a9 Loading...

	the2faces.com/wp-content/themes/basel/js/jquery.nanoscroller.min.js?ver=5.3.0	10 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/jquery.nanoscroller.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen37 Hash 1dbbad4b0a18467ba6665aecf33b94f9 abf77460f75199e331c2abdcc2d216750d7de977 03915227c708496ef318b35837b79b4c4ebc270afa0402e20e9aff63e2ca8f26 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	127 B	2023-03-13	2023-03-13
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:40:23 Last Seen2023-03-13 17:41:19 Times Seen1 Hash 29e3854b4e7b5b9dc5a4449b94c151e2 8967b72832930d2d826f76330031e5223c0cb0be d011d5d49f6692036d44135aca8521960ffda9dd6e2334a40c33cee015b092e1 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	the2faces.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3	13 kB	2023-03-13	2024-04-24
Pretty URL the2faces.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:30:08 Last Seen2024-04-24 15:15:08 Times Seen1706 Hash c324038c8d6cd7e9990ff50520625008 a707f321bad9f20c442b776efa6812c8acadb8c0 af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f Loading...

	the2faces.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.16	8.2 kB	2023-03-13	2024-04-18
Pretty URL the2faces.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.16 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:09:20 Last Seen2024-04-18 13:38:35 Times Seen414 Hash 1214a727b057f647347550399057cae3 43dc87f981c3806229c225db639e6814e4fdff02 02469d206bab1af403af054a82e7c016cc7914f6701d62d75879f0521f216bed Loading...

	the2faces.com/wp-content/themes/basel/js/owl.carousel.min.js?ver=5.3.0	43 kB	2023-03-07	2024-04-26
Pretty URL the2faces.com/wp-content/themes/basel/js/owl.carousel.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:02 Last Seen2024-04-26 15:27:04 Times Seen1096 Hash 6473747d818f47587036ccde48050d82 75560ff8e721a6344a927f369debcf80004c9d24 63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1 Loading...

	the2faces.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4	58 kB	2023-03-08	2024-04-26
Pretty URL the2faces.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:03 Last Seen2024-04-26 01:56:03 Times Seen387 Hash 8424b037edd84d8e1f1cf5559de50390 2740e3cb33901d827781ed5e930764b9d0ad1857 b5702b438e090e76b34ab322434f020b4a54c1aee477aaa2749f386e7d060e51 Loading...

	the2faces.com/wp-content/themes/basel/js/TweenMax.min.js?ver=5.3.0	109 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/TweenMax.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen40 Hash 3eb2644710619c4775d1579dff5554d0 56a654d0b6f3f8e28dbb7a09d5837de544db7b12 c11955839bf069ad99210f7748832c10690f107f7a3d3680bc9fad9ba0dc04f1 Loading...

	the2faces.com/wp-content/themes/basel/js/photoswipe.min.js?ver=5.3.0	32 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/photoswipe.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen136 Hash bcdf33eac62d9b05818b4b0bcebd3c0d 0eff83b8a6b3de9c026feb4343340ad32dd9eb46 8d1839f75f49b5265a259c92a9910c995c6e6802de978c3b9f57c4cf76fde538 Loading...

	the2faces.com/wp-content/themes/basel/js/photoswipe-ui-default.min.js?ver=5.3.0	9.8 kB	2023-03-07	2024-03-24
Pretty URL the2faces.com/wp-content/themes/basel/js/photoswipe-ui-default.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:01 Last Seen2024-03-24 08:31:59 Times Seen119 Hash 65fe6ffafd6b9bead87a69ec185b1851 7cc4588e4d4f19610f1d7839e02db5417efbfd53 0f3985bd180518d18af54572f8d4550ae3b3a57a342cdd593da65fb9052da7b0 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	1.4 kB	2023-03-13	2023-03-13
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:41:19 Last Seen2023-03-13 17:41:19 Times Seen1 Hash 3bd498f45b7a1b4c5db426d50205fb32 c87ef560091a199ca22b584a69c13a422dd34e04 5a25c59a1730dd6286c17ad8012e5a7b20d6f6d6c5341c6ba1b2a5b04c5d34f5 Loading...

	the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0	3.0 kB	2023-03-08	2024-04-26
Pretty URL the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:31 Last Seen2024-04-26 23:19:41 Times Seen11379 Hash f449e3e4a7c058f7c48f57e05c788fb0 e7b0c58a1a14c14a92e452cc544b312ed91fa52e bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	2.3 kB	2023-03-07	2024-04-27
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2024-04-27 01:04:48 Times Seen7948 Hash f0bef95e258d5b84f82c5d4e29252176 eac5936c555c039bc38816d0916e13c0b364d797 a6c3ffec54ef5f2ca033b1fcdf84e1feac93437a3d8d4439667e9276ca2a9836 Loading...

	the2faces.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0	1.8 kB	2023-03-07	2024-04-26
Pretty URL the2faces.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-26 23:19:41 Times Seen21612 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	the2faces.com/wp-content/plugins/dokan-lite/assets/js/helper.js?ver=1674724881	7.8 kB	2023-03-09	2024-01-01
Pretty URL the2faces.com/wp-content/plugins/dokan-lite/assets/js/helper.js?ver=1674724881 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:03:39 Last Seen2024-01-01 12:27:06 Times Seen59 Hash 8ded488d24d5ceb7f1a61f8863e03421 44b28b08a92200cd371bf47c6ddff5f803646a43 9c6243d7fe21be374ac2522a02a77e3240bb5da38debbbdd348c962e977e85b3 Loading...

	the2faces.com/wp-content/themes/basel/js/moment.min.js?ver=5.3.0	52 kB	2023-03-07	2024-04-26
Pretty URL the2faces.com/wp-content/themes/basel/js/moment.min.js?ver=5.3.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:47 Last Seen2024-04-26 22:48:09 Times Seen1940 Hash aeb7908241d9f6d5a45e504cc4f2ec15 32fdf6730be34538e09378ec6cc55229d9a70151 d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238 Loading...

	the2faces.com/wp-content/download/File_pass1234.zip	535 B	2023-03-08	2023-11-28
Pretty URL the2faces.com/wp-content/download/File_pass1234.zip IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:37:06 Last Seen2023-11-28 09:29:46 Times Seen9 Hash b2fa9e338356969ceb735c0b901da6a0 9ab6e234255055e695f738dc24d0ca3e9f65672d b25fc2a8f3fc1351d472ae131ff7d424c3aad25f770aa3cd657dd6fbbd91f616 Loading...

	the2faces.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0	992 B	2023-03-07	2024-04-25
Pretty URL the2faces.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0 IP 131.153.56.226 ASN #19181 CWIE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 23:20:18 Times Seen6816 Hash 787fe4f547a6cb7f4ce4934641085910 c2dee88d5bdfef214ce9c56f71a1df51cda0f328 654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79 Loading...

	www.googletagmanager.com/gtag/js?id=UA-239049377-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-239049377-1 IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:41:19 Last Seen2023-03-13 17:41:19 Times Seen1 Hash cdebfdbbaf56ff287a1a872f49ad3d05 f90ebfda16599325dd9c55bc1450bd76b542a501 669c76e3066f8abce2a1d211c81b18fc016ed7a50742ee5b28154393064fc5ce Loading...

HTTP Transactions (106)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13988
Expires: Sun, 05 Feb 2023 18:00:53 GMT
Date: Sun, 05 Feb 2023 14:07:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3271
Expires: Sun, 05 Feb 2023 15:02:16 GMT
Date: Sun, 05 Feb 2023 14:07:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 13:36:18 GMT
content-type: application/json
age: 1887
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10690
Expires: Sun, 05 Feb 2023 17:05:55 GMT
Date: Sun, 05 Feb 2023 14:07:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xbzilvJu6ttFraXoc09pGaBVdvNVpmgHC33YE6UeEqQb4WriR/I362IkGhVXCz8obxr4cTyiplPgKUQURkdC/w==
x-amz-request-id: NE55YWM8KE1BG3TS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 13:53:18 GMT
age: 867
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

the2faces.com/wp-content/download/File_pass1234.zip

131.153.56.226

301 Moved Permanently

707 B

URL HTTP/1.1
the2faces.com/wp-content/download/File_pass1234.zip
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/download/File_pass1234.zip HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 05 Feb 2023 14:07:45 GMT
location: https://the2faces.com/wp-content/download/File_pass1234.zip
vary: User-Agent

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:07:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 13:49:07 GMT
age: 1118
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15549
Expires: Sun, 05 Feb 2023 18:26:55 GMT
Date: Sun, 05 Feb 2023 14:07:46 GMT
Connection: keep-alive

push.services.mozilla.com/

52.40.156.208

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.156.208:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kBfn5JarEhoDlIxyLT2SYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YVheNbUPmfGcpQaO4UV2LmvQNiM=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:07:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:07:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-239049377-1

216.58.207.200

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-239049377-1
IP
216.58.207.200:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (43889 bytes)
Hash
39bf45a34fb1a33e7325ef0548cf323a
6760dc01935da76520446ab8ac9c9d1614afed5d
a70cd829396c123183beea2fc45459d96bdc4f0c759d61561f14dbac15b33205

HTTP Headers

GET /gtag/js?id=UA-239049377-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 14:07:46 GMT
expires: Sun, 05 Feb 2023 14:07:46 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43889
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:07:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:07:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

the2faces.com/wp-includes/css/dashicons.min.css?ver=6.1.1

131.153.56.226

200 OK

35 kB

URL HTTP/2
the2faces.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (58981)
Size
35 kB (35110 bytes)
Hash
54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Thu, 04 Mar 2021 09:46:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 35110
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=5.3.1

131.153.56.226

200 OK

326 B

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=5.3.1
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (1411)
Size
326 B (326 bytes)
Hash
e6024e94f2cdf7ff1da4c708978b252b
b394f60cab9b6c954550837e9c458444bb76ab21
bc6f40d1dc3dcb37a83cfae77f5612830ed9790683dc91f22d943d9180713d2e

HTTP Headers

GET /wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=5.3.1 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 09:28:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 326
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css?ver=1.0

131.153.56.226

200 OK

2.0 kB

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css?ver=1.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (5886)
Size
2.0 kB (1995 bytes)
Hash
17e267eebc51d0724b1d98c64e8a97f7
3451904e9f7b8068a59796b9743088f8f10e65b5
e9c0a8c94cadfa2c65c401f158d39a7014bc5c199ce72ee81f4007a4414ae7d7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce-payments/dist/upe-blocks-checkout.css?ver=1.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Thu, 02 Feb 2023 09:28:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1995
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

131.153.56.226

200 OK

12 kB

URL HTTP/2
the2faces.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 02:47:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11616
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5

131.153.56.226

200 OK

1.8 kB

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (10435), with no line terminators
Size
1.8 kB (1754 bytes)
Hash
f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=9.1.5 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Fri, 13 Jan 2023 07:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1754
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5

131.153.56.226

200 OK

23 kB

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size
23 kB (23279 bytes)
Hash
7764ef0866edd9e19f3bae0b3774154c
2a8091abd24aa9434f9c4374a34a584af19106c8
47c6e34db110643e3578fa035f62d990d69575305f466756efc84527fb0fa604

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=9.1.5 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Fri, 13 Jan 2023 07:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 23279
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-includes/css/classic-themes.min.css?ver=1

131.153.56.226

200 OK

144 B

URL HTTP/2
the2faces.com/wp-includes/css/classic-themes.min.css?ver=1
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text
Size
144 B (144 bytes)
Hash
fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 03:38:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 144
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/dokan-lite/assets/css/style.css?ver=1674724883

131.153.56.226

200 OK

24 kB

URL HTTP/2
the2faces.com/wp-content/plugins/dokan-lite/assets/css/style.css?ver=1674724883
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text
Size
24 kB (23478 bytes)
Hash
4ec594fda54ccfaaec77c4799b6e68bd
d0773f0dfdab53fb6fed186158c1eb1a171a6d5a
ef64264bd92fe3648900acd7da8ea66baa0ac55723e23cc9abd4f1c16ea184f7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/dokan-lite/assets/css/style.css?ver=1674724883 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 09:21:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 23478
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.css?ver=1674724882

131.153.56.226

200 OK

15 kB

URL HTTP/2
the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.css?ver=1674724882
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (65454)
Size
15 kB (15326 bytes)
Hash
cbaa659a636c37cef5cef02fc46a9b86
7a266273b2bbb897595e9e1db3284a11dabea848
eb0a7f1174de4b2ab05d7531b47bc4f81f3ac212b41aa0a98c81237e6e2cddef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.css?ver=1674724882 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 09:21:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 15326
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/font-awesome/font-awesome.min.css?ver=3.7.10

131.153.56.226

200 OK

12 kB

URL HTTP/2
the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/font-awesome/font-awesome.min.css?ver=3.7.10
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (59101)
Size
12 kB (12368 bytes)
Hash
521bdc9476b6af8d6df53302ba71d5c1
a2b0b9ae01c0bbdbd4f904e90fe213ee660e8151
6f9c8f02e0d415656a77d2008fae57203d91d192139c36597657d17351f7b5d1

HTTP Headers

GET /wp-content/plugins/dokan-lite/assets/vendors/font-awesome/font-awesome.min.css?ver=3.7.10 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 09:21:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12368
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.5.16

131.153.56.226

200 OK

3.9 kB

URL HTTP/2
the2faces.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.5.16
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (15269), with no line terminators
Size
3.9 kB (3926 bytes)
Hash
b0063cc514a5a3d65b9f77d0caadbf6f
1d5f3c1f0ec5a6021aa4fe58b910bc05b97fc168
6a6c6e25ecc2ddbe2d7960a0f2f295a599d6435f31ca13a70e8a02fd22b7cbd2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.5.16 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Tue, 24 Jan 2023 07:03:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3926
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/css/bootstrap.min.css?ver=5.3.0

131.153.56.226

200 OK

6.6 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/css/bootstrap.min.css?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (35650)
Size
6.6 kB (6584 bytes)
Hash
026d844d282821b5a413f0868741b8bb
efe182122ea695755b439729b26cc06b7d13ac06
fbb2f79b1f9dbb3c30a87955224ccdadc8cd252bb811ece01f70f33a3d1a1c5a

HTTP Headers

GET /wp-content/themes/basel/css/bootstrap.min.css?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Wed, 14 Sep 2022 13:46:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6584
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel-child/style.css?ver=5.3.0

131.153.56.226

200 OK

144 B

URL HTTP/2
the2faces.com/wp-content/themes/basel-child/style.css?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text
Size
144 B (144 bytes)
Hash
0816bf54f1164028fac8042937dcb3f4
09f54b8da4bc35e4092787f3532807373a2d0bf3
fd69ad4801fef76e5f128f5197180720190c69a31b696b51f04096d74c27963f

HTTP Headers

GET /wp-content/themes/basel-child/style.css?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Wed, 14 Sep 2022 13:45:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 144
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0

131.153.56.226

200 OK

4.0 kB

URL HTTP/2
the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (34217)
Size
4.0 kB (3952 bytes)
Hash
e00926a3c189b2f2396d96d90ac77785
f61219b1a1e4924051c4e5c7acb70cd925173bdb
30a6fd0e5a3610d5074e2a634513348ff8a5a92510d45c6c2621d6bda6b2fd27

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Wed, 14 Sep 2022 13:59:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3952
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0

131.153.56.226

200 OK

12 kB

URL HTTP/2
the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (56243)
Size
12 kB (11779 bytes)
Hash
bc62c79810f6d9ff2023a3ce01fb17e8
c176d3254f491913c5567d35c85d0d02c6c9300a
abe49ff5c57ab5013f8eac78076ef149837282fce42df3f0f526cb440e3d155b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Wed, 14 Sep 2022 13:59:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11779
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/uploads/2023/01/basel-dynamic-1674414489.css?ver=5.3.0

131.153.56.226

200 OK

4.5 kB

URL HTTP/2
the2faces.com/wp-content/uploads/2023/01/basel-dynamic-1674414489.css?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (29994)
Size
4.5 kB (4460 bytes)
Hash
86d00c01feae86a039890384b47b2786
a4f5f8d30604d073f83d4921dc98868280a48407
2492b3e877dc679c45d4906dc4a010a56d4fb151948a5895c7cc76175a7857e8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2023/01/basel-dynamic-1674414489.css?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Sun, 22 Jan 2023 19:08:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4460
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

131.153.56.226

200 OK

4.0 kB

URL HTTP/2
the2faces.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 21:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.js?ver=3.7.10

131.153.56.226

200 OK

6.3 kB

URL HTTP/2
the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.js?ver=3.7.10
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (26121)
Size
6.3 kB (6294 bytes)
Hash
91ce159caf50998948319127c37c4e7d
6f46beccb340c70479677bc46351b303e0af36b3
fdb861bc3a04bb7cb3d6c3020fd76a608cd3040cb6232bffabb690e156de81f0

HTTP Headers

GET /wp-content/plugins/dokan-lite/assets/vendors/izimodal/iziModal.min.js?ver=3.7.10 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 09:21:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6294
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/i18n/jed.js?ver=3.7.10

131.153.56.226

200 OK

11 kB

URL HTTP/2
the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/i18n/jed.js?ver=3.7.10
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
C source, ASCII text, with very long lines (2360)
Size
11 kB (10647 bytes)
Hash
a5aa56e6e343546b92a297db83df0330
d498ed3e33e9758731ae4d2a91cf8bc249d0703b
0840e77aa17acafce66967f8c8718dc2bed26d678a0c97397e2991f59bbe7016

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/dokan-lite/assets/vendors/i18n/jed.js?ver=3.7.10 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 09:21:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10647
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/dokan-lite/assets/js/helper.js?ver=1674724881

131.153.56.226

200 OK

2.2 kB

URL HTTP/2
the2faces.com/wp-content/plugins/dokan-lite/assets/js/helper.js?ver=1674724881
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text
Size
2.2 kB (2169 bytes)
Hash
d39e7b4992194f7797d6c5cfb1f6654f
3be4b07cee18084d472a677618139e0c41c52812
e36d1ea6250f81b8d09e74a37ed7251bae282e0b01158c45fe5f63f31d98b7de

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/dokan-lite/assets/js/helper.js?ver=1674724881 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 09:21:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2169
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0

131.153.56.226

200 OK

3.2 kB

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (9111)
Size
3.2 kB (3247 bytes)
Hash
078e27719ab2b91e57a3d06d05bf24d8
ee2c8af72d9dbb148d4101a374f6026d0c9c3044
1c8b599f3f7bfa8d7950d95a171f2c873d051960a91c91e22304293596e5b890

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 07:09:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3247
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0

131.153.56.226

200 OK

972 B

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
HTML document, ASCII text, with very long lines (3029), with no line terminators
Size
972 B (972 bytes)
Hash
5ed77e0c59800f40061b5c322cff21fa
ced9d401d300dd1fc676a673bbf7e6360beb402d
3b284b8a096256e6cd0d9cbf2cb4b36505e71c0d7b2227fcd3132dddbeea18cc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 07:09:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 972
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0

131.153.56.226

200 OK

321 B

URL HTTP/2
the2faces.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text
Size
321 B (321 bytes)
Hash
159e4731a0ffba6862ee2a1bbcc8a805
7fb2a5ca7a80d96187fda406d0a1b7db23867fa7
c6f102a76dc397d94cfbadcd292d64bb45acaa29b0391b41a9f1cc68c2274ae2

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:59:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 321
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.2

131.153.56.226

200 OK

12 kB

URL HTTP/2
the2faces.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.2
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
Unicode text, UTF-8 text, with very long lines (12602)
Size
12 kB (11947 bytes)
Hash
cdb90190b5ea021c4ef8063197c44cde
bdfe193197018331389d1fbf71f86142e896628b
7c1f2dc0d2badaa024cf7257448f42bf37ec0d160366d65ff15832ba5fae03e9

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.2 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Thu, 06 Oct 2022 16:53:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11947
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3

131.153.56.226

200 OK

2.9 kB

URL HTTP/2
the2faces.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (10565), with no line terminators
Size
2.9 kB (2911 bytes)
Hash
70f3b9dd6a51a766210411d4ed0752de
5507f795072da10842897292e32c24b8cbf7827d
8ad70d44d761d4e24fdcdd496c7d529c52c68a7c7dce2471104d4efa2d01ca89

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 09:21:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2911
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3

131.153.56.226

200 OK

3.9 kB

URL HTTP/2
the2faces.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
HTML document, ASCII text, with very long lines (12761), with no line terminators
Size
3.9 kB (3876 bytes)
Hash
15650873a686136e7436d22dc1fd1113
d5dcae162c6e16d522f3fb829d69e098b9314c74
9648e9d80b4e797e35d03315f648a2e6f58e6d5c2efb662d3c89e2ab1ed52416

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 09:21:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3876
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0

131.153.56.226

200 OK

899 B

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (1668)
Size
899 B (899 bytes)
Hash
22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 07:09:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 899
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0

131.153.56.226

200 OK

677 B

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (2139), with no line terminators
Size
677 B (677 bytes)
Hash
a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 07:09:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 677
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0

131.153.56.226

200 OK

934 B

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (2938), with no line terminators
Size
934 B (934 bytes)
Hash
cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 07:09:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 934
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.16

131.153.56.226

200 OK

2.6 kB

URL HTTP/2
the2faces.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.16
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (8183), with no line terminators
Size
2.6 kB (2574 bytes)
Hash
dd9f80be12465f5947a4092e7281a4f6
33eb8ea448e4907593f7c298a170a27ffb8b4f41
0c7145959da577724a50b2d350cc2ce3c53465901ed3ce3c47e4978577df3984

HTTP Headers

GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.16 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 07:03:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2574
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0

131.153.56.226

200 OK

9.7 kB

URL HTTP/2
the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (32004)
Size
9.7 kB (9727 bytes)
Hash
a59589dc39fc1194c21e30ba6dc9b38d
7572fdf7363426efc1eae71f22c9a39ce582e8a6
d6854a032133a0b7056be48ce7840a1a650404a728affca98b5a2c76f4cd427a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:59:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9727
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0

131.153.56.226

200 OK

5.4 kB

URL HTTP/2
the2faces.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (20096)
Size
5.4 kB (5444 bytes)
Hash
d385615f80b24edcab28fcd843b10439
d4b636256c5a9220fe54730d739d988eb67362df
e4c4c14bab6df61e63807a474a2e45200369cce7a1f544f45482d80b3f15707f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:59:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5444
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.magnific-popup.min.js?ver=5.3.0

131.153.56.226

200 OK

7.4 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.magnific-popup.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (21014)
Size
7.4 kB (7368 bytes)
Hash
3a40837be19c52858d8bd03b5e50c277
fff22e3b2869a91f3f5ac39beb752805ff71c41f
3cba67c320d0544bd6a7f2fac5b82651393dbbcecc9a847a25189ffde5c84a3a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/jquery.magnific-popup.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7368
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/owl.carousel.min.js?ver=5.3.0

131.153.56.226

200 OK

11 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/owl.carousel.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (32012)
Size
11 kB (10691 bytes)
Hash
e7f534d7847d30ce1f023300bdedccde
025369b6684d983e230bedbdc430aea6d82fdda7
67d07203123b203687b3e2a9c8aabdb06e0d0f16142548f7ba08d43a33045963

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/owl.carousel.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10691
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/photoswipe.min.js?ver=5.3.0

131.153.56.226

200 OK

12 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/photoswipe.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (31568)
Size
12 kB (11805 bytes)
Hash
228f67095641742446fa2c28590088d8
da8b59210ae15f88faba9a8514764767aa59eaa3
021b64bc2c7e549f42386fc209b93bbcbebf3fec1362e6eec15f57789de9e817

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/photoswipe.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11805
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/photoswipe-ui-default.min.js?ver=5.3.0

131.153.56.226

200 OK

3.5 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/photoswipe-ui-default.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
HTML document, ASCII text, with very long lines (9663)
Size
3.5 kB (3538 bytes)
Hash
d0d2710db942b8c17656fd2c0c7ea62a
496b2b699c815afcc80e420952dc275de7a9a0a7
ffb00bef0ad8e5f2a13d3750021bb5e6a99901dd8f6361f958aade9b771d47ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/photoswipe-ui-default.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3538
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/slick.min.js?ver=5.3.0

131.153.56.226

200 OK

8.1 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/slick.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (32254)
Size
8.1 kB (8117 bytes)
Hash
ddf84dc70c8b452d42e62d2a5586c773
d7d945009accdbb768833945bcdce83a349591e6
ea1150ab1386121ad50b153326560ddb35ef06293f1aace38b016721ed64b4b7

HTTP Headers

GET /wp-content/themes/basel/js/slick.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8117
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.justifiedGallery.min.js?ver=5.3.0

131.153.56.226

200 OK

3.3 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.justifiedGallery.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (10292)
Size
3.3 kB (3269 bytes)
Hash
1e95496f427976d8aa9d80cca7f98210
52fe65bf6eaa3bd03555ef9fa9a1707539eeb9c5
a0d4b0eb1f771b91279250798221316e21efa8d4258cbb0930724576a5ed8430

HTTP Headers

GET /wp-content/themes/basel/js/jquery.justifiedGallery.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3269
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/imagesloaded.pkgd.min.js?ver=5.3.0

131.153.56.226

200 OK

2.2 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/imagesloaded.pkgd.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (6832)
Size
2.2 kB (2233 bytes)
Hash
714c62965ea6a282884385a58aa6214b
9e44d8c1ff92cc14254649029f3001c8e7e4af30
509edd584d1bb4be3dc00cbf7276ea2b498ae703f5da5d8a9f8597cd50094831

HTTP Headers

GET /wp-content/themes/basel/js/imagesloaded.pkgd.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2233
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.pjax.min.js?ver=5.3.0

131.153.56.226

200 OK

3.1 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.pjax.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (8226)
Size
3.1 kB (3139 bytes)
Hash
b6567593e8d4e119b250add08d42862e
2ac0ae88446b18a57c381109734e692479e7a384
1d723c00f7113036f43f378b8f84293a60b35fc3c0c299e0ccb3dfdde4d4c19e

HTTP Headers

GET /wp-content/themes/basel/js/jquery.pjax.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3139
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.countdown.min.js?ver=5.3.0

131.153.56.226

200 OK

1.5 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.countdown.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (3811)
Size
1.5 kB (1505 bytes)
Hash
7d22afb240f34ab9ab9a48ce961875af
fc563c95773bcc66133b8338c2bb904920ada2b7
5baabbe0b1401cdd72e13d6635d096ed71e563572d2c599f0554bca8032f5382

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/jquery.countdown.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1505
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/packery-mode.pkgd.min.js?ver=5.3.0

131.153.56.226

200 OK

10 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/packery-mode.pkgd.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (30452)
Size
10 kB (9953 bytes)
Hash
6223bc3e2a8d692f000b7154cfd0b550
3cedf1a9544699e2648ddf69e46ec275dce14aca
bc34b0e7b372928fcdf13ff9a209e29dc98c09b9e466e123f907887953bd21a1

HTTP Headers

GET /wp-content/themes/basel/js/packery-mode.pkgd.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9953
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.autocomplete.min.js?ver=5.3.0

131.153.56.226

200 OK

4.2 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.autocomplete.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (12783)
Size
4.2 kB (4183 bytes)
Hash
b54a02cc0c2a4a93454e7068baae53ae
775244817eb0a43a5d4071b9305c1f3eb378f50d
8e1d72fed1f5f91eeb3c92879f43c0604aac968bc2026cf3d7ba27caa7ef6e44

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/jquery.autocomplete.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4183
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/threesixty.min.js?ver=5.3.0

131.153.56.226

200 OK

2.5 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/threesixty.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (7483)
Size
2.5 kB (2489 bytes)
Hash
3770633436c4bb470b7e3bfc62a85d1f
ad05a38defd31e487aa3984bd2d9efcc7f500508
430514a58d3ec941a9b9db11fd2fa70f851243a99690f5c22c10c43ceb6ff20a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/threesixty.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2489
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.nanoscroller.min.js?ver=5.3.0

131.153.56.226

200 OK

3.2 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.nanoscroller.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (10166)
Size
3.2 kB (3225 bytes)
Hash
9f0070b4fdd55ad221818235ba070935
8b8c3c2bf26604bf81f6981ac0363d14e121fdef
1c3a8f501ffb3cec62c7030a3e89d637dce065b6558bb332dca892d12f2e66c7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/jquery.nanoscroller.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3225
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.panr.min.js?ver=5.3.0

131.153.56.226

200 OK

560 B

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.panr.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (1331)
Size
560 B (560 bytes)
Hash
a4be0a2bf19b0e5db8ec1920b692207b
6cb6aea62dc3e9a89de45bb7d776f29cc7535644
3be6d5a68692ca56de4e2ba4168bb80d3d554eda551345ea0b9ab158b003dd1c

HTTP Headers

GET /wp-content/themes/basel/js/jquery.panr.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 560
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.parallax.min.js?ver=5.3.0

131.153.56.226

200 OK

280 B

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.parallax.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (558)
Size
280 B (280 bytes)
Hash
557a3d596d9d0710571d20bb3189a90c
9d8d366d1cf30e101397caba445efad5d66450fd
58c8c078be07c4b7128e3004e7c0b4dfd4ef28ce1d1d7f350b121a8519e00743

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/jquery.parallax.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 280
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/vivus.min.js?ver=5.3.0

131.153.56.226

200 OK

3.5 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/vivus.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (10993)
Size
3.5 kB (3525 bytes)
Hash
bb8d9156a243646327ca5b3f6d1045ea
9f047d63274fa75983e6d4964e49cfe4b49843e7
5387002ab82bddfd826ba00bfa8cf5861ea019587f76e851f629ef617e700ab6

HTTP Headers

GET /wp-content/themes/basel/js/vivus.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3525
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/moment-timezone-with-data.min.js?ver=5.3.0

131.153.56.226

200 OK

9.0 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/moment-timezone-with-data.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (32503)
Size
9.0 kB (9025 bytes)
Hash
a9287564402df92b22d4318351fa2ed3
06e3163431f4e0e9bf72d83654610f26cd97d9be
98d95e93da6e63775767f96e35861e7fa92c5c07b4c19d4e2751a3ee3e7cf6ce

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/moment-timezone-with-data.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9025
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/fastclick.min.js?ver=5.3.0

131.153.56.226

200 OK

2.3 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/fastclick.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (7767)
Size
2.3 kB (2297 bytes)
Hash
e25fb1e55f8d35c05082b2f2554b428c
18882d6b8ffe2b2a62179d130c24a404bc21c818
7fe3d504393a8506da381d9a780200f831332789eab58b1b0fb7c5676d06c9a8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/fastclick.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2297
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/jquery.parallax-scroll.min.js?ver=5.3.0

131.153.56.226

200 OK

1.2 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/jquery.parallax-scroll.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (3137), with no line terminators
Size
1.2 kB (1234 bytes)
Hash
f4aab89eacc93c750284e5ce7d09140f
3614678e0018490b1cab314eb85b0cfadc108171
5fb231595049cc81ba78f37c62d5c904cd1000ceb9ae2f2a004bd661924edf64

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/jquery.parallax-scroll.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1234
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/device.min.js?ver=5.3.0

131.153.56.226

200 OK

1.1 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/device.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (3061), with no line terminators
Size
1.1 kB (1115 bytes)
Hash
68d6ff45b78bce2cb185f1accc7c8c2c
8d5eca8a131063bcbc2f5f5409e20b92a99eacea
dc68ae48c2ed65b26f9e56a67b414d53dfab95e8b7a736706ce9783fbbc4f243

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/device.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1115
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/waypoints.min.js?ver=5.3.0

131.153.56.226

200 OK

2.5 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/waypoints.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (7808)
Size
2.5 kB (2460 bytes)
Hash
f53208e094eb231fcd21c6bda22490df
d1b02fb04420a00f22a44acce998c17fdbf2b241
be64d68cd4e74961bd733727b7a68fc3e9c6ca38d77fce07225d2e7c067c40b9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/waypoints.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2460
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/functions.min.js?ver=5.3.0

131.153.56.226

200 OK

22 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/functions.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (32021)
Size
22 kB (21788 bytes)
Hash
43803249da6db20edeba74eb13924939
3c80708ada408c7a3babdda471c2bcda546f4be0
219f6f377c0399d37daefafd495d3025ffebaf3007b64d0d4f60746d6f0bf68e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/functions.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21788
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-includes/js/underscore.min.js?ver=1.13.4

131.153.56.226

200 OK

7.2 kB

URL HTTP/2
the2faces.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (18798)
Size
7.2 kB (7179 bytes)
Hash
f4bb18d2e152ba945cb63980362f40e9
925f93a6c4ee411e97d8dc3186f9d66c4b5169ab
16ab496a6c74f5f272f7a5c31e9cb69c753fea994396ef6deacf641180ad317b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:38:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7179
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-includes/js/wp-util.min.js?ver=6.1.1

131.153.56.226

200 OK

690 B

URL HTTP/2
the2faces.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (1391)
Size
690 B (690 bytes)
Hash
ebe552e54e3815c6867913d252ff2a79
4982bd9ba944833e821be18419ad8408290f5d75
8b0aedc73b1d41ab59c0ad42553259c90458cfb72b149946a3bae3298c012e40

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:38:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 690
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.3.0

131.153.56.226

200 OK

3.4 kB

URL HTTP/2
the2faces.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (13880), with no line terminators
Size
3.4 kB (3431 bytes)
Hash
459fba86094e948f2046f4607bc0c02f
5b41f2b77e93fdcd7e8f0f5d1c50dd51b8a45f7c
71feb5b709466deb028daa294a0f3eb5f8f6658cdb912a463162f6d1404d5412

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 07:09:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3431
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0

131.153.56.226

200 OK

42 kB

URL HTTP/2
the2faces.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (65358)
Size
42 kB (42034 bytes)
Hash
6d4b0d5a5a72ede7cb1b41f1888b1472
36bf958ff03d07059e93bd8388f75ba5cbf9044b
f4adbeefd0b26c8c194986bb2f09825ddad65a562ae5718de1e76d7ba653a0d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Wed, 14 Sep 2022 13:59:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 42034
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

131.153.56.226

200 OK

30 kB

URL HTTP/2
the2faces.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:38:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30324
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/sweetalert2/sweetalert2.all.min.js?ver=1674724881

131.153.56.226

200 OK

18 kB

URL HTTP/2
the2faces.com/wp-content/plugins/dokan-lite/assets/vendors/sweetalert2/sweetalert2.all.min.js?ver=1674724881
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (42890)
Size
18 kB (17585 bytes)
Hash
bce5123b1c88ee06bad587768c307904
8ab95da62b9d26e1da5b2364b26031d2c4ed29ae
876d4906504bb7380271c7ab6ee0ddb7eaac4d65ed46913de023eb8d9800d4e5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/dokan-lite/assets/vendors/sweetalert2/sweetalert2.all.min.js?ver=1674724881 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 09:21:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 17585
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4

131.153.56.226

200 OK

18 kB

URL HTTP/2
the2faces.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (57929), with no line terminators
Size
18 kB (18191 bytes)
Hash
adc8e5e289033608a7aae2bda440d515
5cc51f365289bcd3224089d0ac42bda85d1b0be6
224103b39dd02aedf6b1197021b0abf49991cb2a1ba16983a901abc71a7ae08b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/vendor/moment.min.js?ver=2.29.4 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 03:38:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18191
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/TweenMax.min.js?ver=5.3.0

131.153.56.226

200 OK

35 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/TweenMax.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
35 kB (35204 bytes)
Hash
720453b24b12d3415eea7fa3cf152e38
94da835bd2b6b8122facc7a5f4c711ad503b8ce8
fcf382a17b24e35dc672e0b8de33bbdf468fac9834bef504ab3ae51d658330dc

HTTP Headers

GET /wp-content/themes/basel/js/TweenMax.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 35204
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/js/moment.min.js?ver=5.3.0

131.153.56.226

200 OK

17 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/js/moment.min.js?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (32013)
Size
17 kB (16697 bytes)
Hash
c2c3d81ef3fea8f495f441190ab79a59
d0af7f627f648b6f1925047152d04fb0f8be9fe0
944f814ff450e31700bbf59311bb71d71b456b39190d436c14bd42dc1d793076

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/js/moment.min.js?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Wed, 14 Sep 2022 13:46:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16697
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.2

131.153.56.226

200 OK

101 kB

URL HTTP/2
the2faces.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.2
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
ASCII text, with very long lines (64288)
Size
101 kB (101419 bytes)
Hash
f0c6dcea1ad106d9d868e404f2b53471
b88cc8ed95ae068c81dd617fe25776ebaac077bf
5dd56a73b90c84e85337750b768e7f2d6da617c8e2fb398ae2969588bb8fd4e0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.2 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 21:55:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 101419
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/uploads/2022/10/The2Faces-Logo1a-1.png

131.153.56.226

200 OK

90 kB

URL HTTP/2
the2faces.com/wp-content/uploads/2022/10/The2Faces-Logo1a-1.png
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
PNG image data, 900 x 383, 8-bit/color RGBA, non-interlaced\012- data
Size
90 kB (89505 bytes)
Hash
377c793106bb0aeb96399f865ac4a5bd
7e3a0d7a7ccc75184c463d81cb7f6ac928418217
63bdde344a828a47e603d674cee7a9547d0531b07b164982c2e55080e9317bd3

HTTP Headers

GET /wp-content/uploads/2022/10/The2Faces-Logo1a-1.png HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: image/png
last-modified: Mon, 31 Oct 2022 20:31:13 GMT
accept-ranges: bytes
content-length: 89505
date: Sun, 05 Feb 2023 14:07:46 GMT
vary: User-Agent
X-Firefox-Spdy: h2

the2faces.com/wp-content/uploads/2022/10/The2FacesLogo.png

131.153.56.226

200 OK

50 kB

URL HTTP/2
the2faces.com/wp-content/uploads/2022/10/The2FacesLogo.png
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
PNG image data, 600 x 507, 8-bit/color RGBA, non-interlaced\012- data
Size
50 kB (49624 bytes)
Hash
c646b3af231c0f19795dd4d3a6f5d4df
047ed4f9bcb338bf6228bbb66c8dbebb09d7a8e6
67c6ba71a192de60a39a507b155910f33c2795d8b9749e648619ea1ce1d7b59b

HTTP Headers

GET /wp-content/uploads/2022/10/The2FacesLogo.png HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: image/png
last-modified: Mon, 31 Oct 2022 20:17:29 GMT
accept-ranges: bytes
content-length: 49624
date: Sun, 05 Feb 2023 14:07:46 GMT
vary: User-Agent
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5164
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 14:07:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5164
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 14:07:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5164
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 14:07:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5014 bytes)
Hash
5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:24:01 GMT
age: 9826
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12967 bytes)
Hash
8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 37488
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:05:45 GMT
age: 57722
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9579 bytes)
Hash
b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: 377c182d-43e8-4251-8731-6364d29fb955
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRFs0oAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-1ad3e68f50fc15707ec0406a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sUtUjqOLpq42m22bLgmLggmPbtatZC01og_xzkVI1o8rJtAnvhvqHA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:15:26 GMT
age: 85941
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6202 bytes)
Hash
251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:30:31 GMT
age: 9436
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8909 bytes)
Hash
a032104cf4ccc6ea31f163ca16386487
a0573916c3d72f0554928963c0a74413fdcb3558
8ba7b6e9b3fa28f6fd27f5f006cedac10f50d7da6c109155a2476cf04f4df932

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8909
x-amzn-requestid: 29f57721-99ae-4927-b324-b0a40668e2f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqEPuIAMFqpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-156c25027894630b61e5770c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6-RtedWR4ubEBwe85bNcobzqb2Cy9aEUzyT3tlhJ95zD5SgiuS7coA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:18:03 GMT
age: 56984
etag: "a0573916c3d72f0554928963c0a74413fdcb3558"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:07:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2

216.58.207.227

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21248, version 1.0\012- data
Size
21 kB (21248 bytes)
Hash
481105857aba99f91faa3cd9a360e8e1
a2d8dcb59555878d359c2bebbc8be6985d26d7d2
f8c2240958cb1fff47d921ca0f3097f9e7403ada01af2382477ef42c404c38d4

HTTP Headers

GET /s/karla/v23/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://the2faces.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:14:49 GMT
expires: Sat, 03 Feb 2024 10:14:49 GMT
cache-control: public, max-age=31536000
age: 186778
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:07:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2

131.153.56.226

200 OK

76 kB

URL HTTP/2
the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636\012- data
Size
76 kB (75760 bytes)
Hash
832f6e62aaf3909d6b94c8a9c1e4dd51
4a06418cb56a66af5a1c0f59791469dea1dc87fa
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:47 GMT
content-type: font/woff2
last-modified: Wed, 14 Sep 2022 13:59:46 GMT
accept-ranges: bytes
content-length: 75760
date: Sun, 05 Feb 2023 14:07:47 GMT
vary: User-Agent
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:07:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

the2faces.com/wp-content/themes/basel/fonts/basel-font.woff?v=5.3.0

131.153.56.226

200 OK

8.1 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/fonts/basel-font.woff?v=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
Web Open Font Format, TrueType, length 8096, version 1.0\012- data
Size
8.1 kB (8096 bytes)
Hash
86b8298a7cbf60b3f3794c0420ba8ff1
7700471e85f1319e14e1024b62ad6778ba4a33bb
43ac0e033311820c6d1208caffb7672ee831e82fad2d4d333cf5b2ac43412478

HTTP Headers

GET /wp-content/themes/basel/fonts/basel-font.woff?v=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://the2faces.com/wp-content/uploads/2023/01/basel-dynamic-1674414489.css?ver=5.3.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:47 GMT
content-type: font/woff
last-modified: Wed, 14 Sep 2022 13:46:07 GMT
accept-ranges: bytes
content-length: 8096
date: Sun, 05 Feb 2023 14:07:47 GMT
vary: User-Agent
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/fonts/Simple-Line-Icons.woff?v=5.3.0

131.153.56.226

200 OK

53 kB

URL HTTP/2
the2faces.com/wp-content/themes/basel/fonts/Simple-Line-Icons.woff?v=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
Web Open Font Format, TrueType, length 53444, version 2.0\012- data
Size
53 kB (53444 bytes)
Hash
0bbfc705e37a927ce2ae72b749b3154d
c7f8307972e263ccb2de346cfd4890ae3ad15c7e
72bbd904eec22882287e50b2f64987560c8646abc0b8e942366a272a4fe7cd39

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/fonts/Simple-Line-Icons.woff?v=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://the2faces.com/wp-content/uploads/2023/01/basel-dynamic-1674414489.css?ver=5.3.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:47 GMT
content-type: font/woff
last-modified: Wed, 14 Sep 2022 13:46:08 GMT
accept-ranges: bytes
content-length: 53444
date: Sun, 05 Feb 2023 14:07:47 GMT
vary: User-Agent
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2

131.153.56.226

200 OK

75 kB

URL HTTP/2
the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
Web Open Font Format (Version 2), TrueType, length 75368, version 330.32636\012- data
Size
75 kB (75368 bytes)
Hash
859c4002d9954718cac1ddea5555698f
2392ce297c92bcf2c7d5a4c461a582dadc8039c8
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://the2faces.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:47 GMT
content-type: font/woff2
last-modified: Wed, 14 Sep 2022 13:59:46 GMT
accept-ranges: bytes
content-length: 75368
date: Sun, 05 Feb 2023 14:07:47 GMT
vary: User-Agent
X-Firefox-Spdy: h2

the2faces.com/wp-content/uploads/2022/11/favico2fa1.png

131.153.56.226

200 OK

20 kB

URL HTTP/2
the2faces.com/wp-content/uploads/2022/11/favico2fa1.png
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19582 bytes)
Hash
fc578fb38830e5d30649ca5afdf15d7c
b43cef8e9f77751492f5f1711834ee1f9747741d
8b944702fd41b1ea683fa899ecababedf5e961381afc4cc49850f112341d1295

HTTP Headers

GET /wp-content/uploads/2022/11/favico2fa1.png HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:47 GMT
content-type: image/png
last-modified: Tue, 01 Nov 2022 16:58:11 GMT
accept-ranges: bytes
content-length: 19582
date: Sun, 05 Feb 2023 14:07:47 GMT
vary: User-Agent
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 13:45:20 GMT
expires: Sun, 05 Feb 2023 15:45:20 GMT
cache-control: public, max-age=7200
age: 1348
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

the2faces.com/?wc-ajax=get_refreshed_fragments

131.153.56.226

200 OK

284 B

URL HTTP/2
the2faces.com/?wc-ajax=get_refreshed_fragments
IP
131.153.56.226:0
ASN
#19181 CWIE

File type
JSON data\012- , ASCII text, with very long lines (570), with no line terminators
Size
284 B (284 bytes)
Hash
afa72a9de169557010693a4ce454acf5
467e6806be68eae67172c01dfa3d262c0fe6ead1
a02dbf8ed811e732d91dbc094714eccd93550dda8e24bf0d2958438fbf161764

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://the2faces.com
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://the2faces.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 284
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 05 Feb 2023 14:07:48 GMT
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-Z4SEZ08TMD&gtm=45je3210&_p=912283657&gdid=dZTNiMT&cid=879202572.1675606109&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675606108&sct=1&seg=0&dl=https%3A%2F%2Fthe2faces.com%2Fwp-content%2Fdownload%2FFile_pass1234.zip&dt=P%C3%A1gina%20no%20encontrada%20%E2%80%93%20The2Faces&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-Z4SEZ08TMD&gtm=45je3210&_p=912283657&gdid=dZTNiMT&cid=879202572.1675606109&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675606108&sct=1&seg=0&dl=https%3A%2F%2Fthe2faces.com%2Fwp-content%2Fdownload%2FFile_pass1234.zip&dt=P%C3%A1gina%20no%20encontrada%20%E2%80%93%20The2Faces&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-Z4SEZ08TMD&gtm=45je3210&_p=912283657&gdid=dZTNiMT&cid=879202572.1675606109&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675606108&sct=1&seg=0&dl=https%3A%2F%2Fthe2faces.com%2Fwp-content%2Fdownload%2FFile_pass1234.zip&dt=P%C3%A1gina%20no%20encontrada%20%E2%80%93%20The2Faces&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://the2faces.com
Connection: keep-alive
Referer: https://the2faces.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://the2faces.com
date: Sun, 05 Feb 2023 14:07:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

the2faces.com/wp-content/download/File_pass1234.zip

131.153.56.226

404 Not Found

0 B

URL HTTP/2
the2faces.com/wp-content/download/File_pass1234.zip
IP
131.153.56.226:0
ASN
#19181 CWIE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/download/File_pass1234.zip HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://the2faces.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sun, 05 Feb 2023 14:07:46 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Karla%3A400%2C400italic%2C700%2C700italic%7CLato%3A100%2C100italic%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=5.3.0

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Karla%3A400%2C400italic%2C700%2C700italic%7CLato%3A100%2C100italic%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=5.3.0
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Karla%3A400%2C400italic%2C700%2C700italic%7CLato%3A100%2C100italic%2C300%2C300italic%2C400%2C400italic%2C700%2C700italic%2C900%2C900italic&ver=5.3.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 14:07:46 GMT
date: Sun, 05 Feb 2023 14:07:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

the2faces.com/wp-content/themes/basel/style.min.css?ver=5.3.0

131.153.56.226

200 OK

0 B

URL HTTP/2
the2faces.com/wp-content/themes/basel/style.min.css?ver=5.3.0
IP
131.153.56.226:0
ASN
#19181 CWIE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/basel/style.min.css?ver=5.3.0 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: text/css
last-modified: Wed, 14 Sep 2022 13:46:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 113551
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

the2faces.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.2

131.153.56.226

200 OK

0 B

URL HTTP/2
the2faces.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.2
IP
131.153.56.226:0
ASN
#19181 CWIE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.2 HTTP/1.1
Host: the2faces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://the2faces.com/wp-content/download/File_pass1234.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 14:07:46 GMT
content-type: application/javascript
last-modified: Thu, 06 Oct 2022 22:20:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 59937
date: Sun, 05 Feb 2023 14:07:46 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (64)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML