web.track4face.com/
85.214.167.154 301 Moved Permanently 303 B IP 85.214.167.154:0
File type HTML document text, exported SGML document, ASCII text
Hash f8130c485c868977ce0916ddef8ce799
b1bc3f5e44d4f3d0c4ec652bf6a6f7f0f27560e7
49aeba9838171f22aef3d58aede536e655607a480afa7800582a95fd3ca06976
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: web.track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 05:19:12 GMT
Server: Apache
Location: https://web.track4face.com/
Content-Length: 303
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8924
Expires: Fri, 09 Dec 2022 07:47:56 GMT
Date: Fri, 09 Dec 2022 05:19:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2582
Expires: Fri, 09 Dec 2022 06:02:14 GMT
Date: Fri, 09 Dec 2022 05:19:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 05:08:17 GMT
content-type: application/json
age: 656
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19212
Expires: Fri, 09 Dec 2022 10:39:25 GMT
Date: Fri, 09 Dec 2022 05:19:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1yeTI4B23XO7/gUYLUrI4kLAPTRAPdYs3ur6NqgjETgj6931lxR5nCW0acB9+AS1uXUDe8GwyYw=
x-amz-request-id: KVQ6JBYDBX434WN4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 04:50:07 GMT
age: 1746
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 05:19:13 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2278bd484dffcc9d4f02161a12241bf5
52733051f979f5c666d8fb18c607d22b452c5a20
18cf08d75dce38b29055f3a04d22d5fea0e62e2e9b1bb1a0c70cd3aaaed92204
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18CF08D75DCE38B29055F3A04D22D5FEA0E62E2E9B1BB1A0C70CD3AAAED92204"
Last-Modified: Thu, 08 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 11:19:13 GMT
Date: Fri, 09 Dec 2022 05:19:13 GMT
Connection: keep-alive
web.track4face.com/
85.214.167.154 301 Moved Permanently 0 B IP 85.214.167.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: web.track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://track4face.com/
X-Powered-By: PHP/7.3.33, PleskLin
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 05:07:55 GMT
age: 678
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b21d59a6f8b3e39aeda7f4ad03921a1b
4826030b60558c1cd0043b8204ac42f8dcf8c4f6
6bd1b301dc53b9c3433364a2db79dcafbbed1be56a501459a2e59c9f65ace989
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BD1B301DC53B9C3433364A2DB79DCAFBBED1BE56A501459A2E59C9F65ACE989"
Last-Modified: Thu, 08 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 11:19:13 GMT
Date: Fri, 09 Dec 2022 05:19:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2203
Cache-Control: max-age=102262
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:13 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:43:35 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
track4face.com/
85.214.167.154 200 OK 16 kB IP 85.214.167.154:0
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (2780), with CRLF, LF line terminators
Hash 555752706557186034af66d38a09df5d
a05b998b3ffba4aa4b703ead76b45b3df5cc60ad
db56364a8426bf4a975f43e454b7ccfc9cd1b18bd3d1928e5b69f6218062704b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Thu, 08 Dec 2022 04:07:34 GMT
ETag: "138f4-5ef492d47a056-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 15992
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
track4face.com/wp-includes/css/dashicons.min.css?ver=6.0.3
85.214.167.154 200 OK 36 kB URL HTTP/1.1 track4face.com/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "e688-5e41d9997db23-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 35730
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (12784), with no line terminators
Hash 079ec719b83eb7ccd0a797522f932e1c
ac7d7878d6194d8d24d3a3caead247eddbb6c2d2
97375050dbf77b0b5d4d5d5332a8e3ecbb53c14c946fea69aea118b1b23cf81d
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "31f0-5ee3909a78f98-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2355
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0
85.214.167.154 200 OK 3.5 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (17306), with no line terminators
Hash fb72d808bd2724524dd9363774e5a9b0
05b7012b31b69c6074f6dfc19ac47ec1df5458fb
1e7c2c7e02ee5502ea741c96e9ebc264560394e28ac3d0b686bbe8b6748eb34d
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "439a-5ee3909a7a320-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
85.214.167.154 200 OK 972 B URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 85.214.167.154:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 16:50:01 GMT
ETag: "aab-5eb65fff39df4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 972
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2
85.214.167.154 200 OK 351 B URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (815), with no line terminators
Hash a13956f69577ca337f027c988424cfed
13fd1d4c866969bce2032e04997819f869b646fd
2b035611bb4e8f78229b53d6ee08081a3e264549778c39c4c153deb74c98a794
GET /wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:05 GMT
ETag: "32f-5ee3909a6244f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 351
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
85.214.167.154 200 OK 21 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (65317)
Hash 88e86ee445f68f6886c681359e37ab99
f8dd93c67bee8aeca28eb8a7aa641891154a6082
3a36c188775116edca6f0dcfbeec0f04081109b20aad3ee0f15a142feaf01e86
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:05 GMT
ETag: "18d4d-5ee3909a5e1e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 20747
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3
85.214.167.154 200 OK 124 B URL HTTP/1.1 track4face.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with CRLF, CR line terminators
Hash 893dd4d34591cb544851b5a41747cdfd
e8585a3187cfaa2288f0cb48e5696929306b7615
1de5e3983dd9d63c6d92bc1543a4ae8978b38fbaa8d79fbbc2035c62a68cd7cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 06:54:08 GMT
ETag: "13c-5e71f6174a371-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 124
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6
85.214.167.154 200 OK 817 B URL HTTP/1.1 track4face.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6
IP 85.214.167.154:0
Hash acb1ca96c3af9a9dadfff5495182ab8d
5ea2bd06354f3b03ca74f28a4ea98b13ad600985
89dedebaac821c638da0e023753c5a2ce5852a9f472c876e40313e7ebeeae5cb
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 06:46:56 GMT
ETag: "a6b-5e7e872173791-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 817
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4
85.214.167.154 200 OK 16 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (26678), with no line terminators
Hash 96f047f2d846f2ed046432a3db5efd25
8ffc1540379ba3303d4175a33bdd368f4b66c014
a8c14a2183c5ae62eacf0eb3dd49b516826624c19059e6b6654ecb383abc2484
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "6836-5ee3909a7b2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16083
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
85.214.167.154 200 OK 713 B URL HTTP/1.1 track4face.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (2723), with no line terminators
Hash 7e67979bdd7b91ff88c5113cd3db186e
1ef16fddac63946359c3d47b46d1985c3961ea26
10f99207a897bca4be545b3a4a330907e90e0dc49326c774946393ed4adcd83c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 08:32:23 GMT
ETag: "aa3-5e9e0d54b2cc3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
85.214.167.154 200 OK 13 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash b519a21e842ed2a5ef25dd4e672f2b07
6ef5ae70007332f52e98a2b6075e019f663cf45e
ce51ceb46e7bc646f8212ed1f8a0089f5e3abc5236d0e323749e575b41ad27f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:13 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "ea95-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12635
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
85.214.167.154 200 OK 324 B URL HTTP/1.1 track4face.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (1463)
Hash 003e878cbefe183c4b539589b1b7c197
21a119cd156b0b458e042fc4b1e1d446f65e5c6c
335231715a0685b94d368e9201e549fe894fb579971483994a2d02966e39ef8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:58 GMT
ETag: "5b8-5b5c72a65fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 324
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
85.214.167.154 200 OK 11 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 421e33e62e4ea1b59a2e7529e6ddc298
78687bb8e27bb5426aef6b39e80e8f68186cb503
ab4f6fab4c03192f5ff3ebefd22ec1991992fe8a457a9f33aedb8860fb0facef
GET /wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "10497-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10860
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
35.163.62.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.62.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J/P0yXeZqSNixP7pN5y6cg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6bIlUsN2hv5HeoBH1tlXdIiVOiQ=
track4face.com/wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css
85.214.167.154 200 OK 7.1 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "7918-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7053
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
85.214.167.154 200 OK 10 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (56219)
Hash c382473eaa9b8fa36e1c7ed1fa5e6297
f35a8506e5a9b332969d9e38b22bed137b9a3682
732d8e0451539ca235c19ad8aa4ee5d32522726e50d0ea60620a78742f68908b
GET /wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "ddcb-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10449
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
85.214.167.154 200 OK 4.9 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (22932)
Hash d62df1ab27a8942df10213d55213d8a0
3ee31e22b08ab52c7d8686e25ad7a9c014ffdcbe
680153ad00086a5c9ade347df9abe6ab564f77b43300e61ebe9a829bf09a03d8
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "5f4f-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4873
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
85.214.167.154 200 OK 46 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (65358)
Hash 2fe906250b403a8535d316cdf1e8a808
7b84d27dd294fe145beec5801fc2d8d5a00d611b
655f96cc6f8ea662c046fd64382639c7a9b5c9a936645beb200653b4880e51e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "76828-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 45790
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
85.214.167.154 200 OK 1.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (3324)
Hash 68701206290364f6fa17cf3091c0b0a5
2f0f35c59b9b7cfd42d0cc6295cca0b514d1e98c
5f72c1c862a81b47765b2c6ad27e9172413c626e4aa459a3b51037b00a255e20
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "d37-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1016
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
85.214.167.154 200 OK 5.8 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
IP 85.214.167.154:0
File type ASCII text, with CRLF line terminators
Hash 364348532497274e79e5f445baffcdc2
b96f882564d89d5b915236bc8261544ad73e8272
5062be02a19036880c15eef6c91c7967c529c2ca0c77eca6752a52ca44ed69be
GET /wp-content/themes/ave/assets/vendors/fresco/css/fresco.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "9013-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5792
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/style.css
85.214.167.154 200 OK 939 B URL HTTP/1.1 track4face.com/wp-content/themes/ave/style.css
IP 85.214.167.154:0
Hash 01809d5540603f71d7b6636ee0444a46
849a952ee2cd4786d3af6595c9b882901d1825c7
3e73f3793c2f2fc50e142c447106b465a3cdca52f7caadc51b16c2181aaf23ff
GET /wp-content/themes/ave/style.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "a73-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 939
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1670472439&ver=6.0.3
85.214.167.154 200 OK 9.7 kB URL HTTP/1.1 track4face.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1670472439&ver=6.0.3
IP 85.214.167.154:0
Hash 6d08df2cffbd8a1d3c79eacad2194b0d
e8e721fcdc6a3ec2a47f69a440232c638b3071f8
839e103f25b4174a797aff447275d30683fb0c19de668f5bdfacf367bf6a0fdd
GET /wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1670472439&ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2022 05:04:39 GMT
ETag: "145fd-5ef5e17380bb3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 9724
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
85.214.167.154 200 OK 4.2 kB URL HTTP/1.1 track4face.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "2bd8-5e41d999af035-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4169
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
85.214.167.154 200 OK 31 kB URL HTTP/1.1 track4face.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "15db1-5e41d999b07a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 30908
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/css/theme.min.css
85.214.167.154 200 OK 63 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/css/theme.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7609aff32f25e19a4264ad454d538ef4
9de492b94f339a2cecd1e66fc2766996d3fea3c0
cf2074cb0d74ee812a44497d909fabf9eb2202a74df9e680fc2d732123f6b6b3
GET /wp-content/themes/ave/assets/css/theme.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "5e624-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 62968
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
85.214.167.154 200 OK 45 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
IP 85.214.167.154:0
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 093bc5236e1d2dac0687190591816376
a00cc34c822166c88d68744f65fb4274ab5509da
821f75e48e46128443a39eb58aba687be440465b600424fa3bf5fb2cffe166ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "1d25a-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 45119
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (5404)
Hash 44b792c238f3501d1b4b963ac9623d8c
7764cc96ca92912d26a43d8fa6da50a18d774e2f
2df606867783ce8f7233a310f998ad891f0c1ab06e776c9077ea362c482c027c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/modernizr.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "15ce-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2446
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3
85.214.167.154 200 OK 892 B URL HTTP/1.1 track4face.com/wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (2025), with no line terminators
Hash 1851a6fcd8f93b31aec2b9385c08b1dc
82af3ef16e19130490ee48af2c73be8401a0531e
795e34433e30791c3c3e97c1db060d467bac103ef78c5ecad17e25f360787e6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:58 GMT
ETag: "7e9-5b5c72a65fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 892
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
85.214.167.154 200 OK 84 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
IP 85.214.167.154:0
File type ASCII text, with very long lines (64268)
Hash 832e7ee9644c8e7cdb5d9add8be524f3
127ddec0392e3876cd6b08a6f2a72bf0a6c07300
322186ed7a97a958e5b3d64eaff2a2c3b955b760e9da0b7e44d305b4cf2f9f9e
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "4fd58-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
track4face.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
85.214.167.154 200 OK 5.0 kB URL HTTP/1.1 track4face.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "48b9-5e41d999c9616-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5009
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
85.214.167.154 200 OK 12 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (56243)
Hash 56ff26e4540fe0eb470200be12da9539
e55c1cf13307417eb0721280047dfe0a7e870752
41bd8b382a880ae6ec59d84506d7b5ba03c23eb9dd5b4044eb8f50e182fb39f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "dc69-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12251
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
85.214.167.154 200 OK 2.9 kB URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 16:50:01 GMT
ETag: "26d1-5eb65fff3b94c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2937
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
85.214.167.154 200 OK 4.0 kB URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 85.214.167.154:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 16:50:01 GMT
ETag: "3016-5eb65fff3923c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3957
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
85.214.167.154 200 OK 1.6 kB URL HTTP/1.1 track4face.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
IP 85.214.167.154:0
Hash 62c642c72a7a6f14e1537dbf13c38fc3
e34220a94267a2ba69e2eb20570cd51e92dc1ef6
f41feba544c18f3faa2ec91a3edcb553ec456530791f2d827ec6afb4fc578202
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 06:54:08 GMT
ETag: "1f8a-5e71f617493d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1617
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
85.214.167.154 200 OK 2.5 kB URL HTTP/1.1 track4face.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 85.214.167.154:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "194b-5e41d999a9e2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2457
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
85.214.167.154 200 OK 7.1 kB URL HTTP/1.1 track4face.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "4ac6-5e41d999abd6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7095
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
85.214.167.154 200 OK 507 B URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (999), with no line terminators
Hash 22f32f77e17fa7640cda0a401c2b0844
019765feeed7ea2a9e9e506ce000978ea3ecd171
269c0f075ceb9464731b25afc21ae41536b76ef76bf0cf856c42e3e6311ec6ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Wed, 19 Oct 2022 16:50:01 GMT
ETag: "3e7-5eb65fff23e63-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 507
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
85.214.167.154 200 OK 2.9 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6485)
Hash d74b132d612e4d48644b3d2e94126668
0f14ca438d1caac87cfdc815b8ac941c740e24dd
7228b214ba7d6c784c6b0b6486ed5afc6c393f48ae1eb47bcb57463613dd6622
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "19c9-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2895
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/fresco/js/fresco.js
85.214.167.154 200 OK 16 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fresco/js/fresco.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (65351)
Hash fd584a0e4070600f9746ac2c965f793a
30bb8cf454f96b6e18d1e8347ab6ddd7c35e94be
5ce92f55b576be6bdc095b7ecdad6153e0c76ba2bd318ef1a16136f28c7561fa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fresco/js/fresco.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "121cf-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16259
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
85.214.167.154 200 OK 5.8 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (20420)
Hash e8be176bc921ba9b9fc61c8e772eda55
aaad6760bd966f8883fd3f6447bc1d417ae22dda
91a255f6e4a1a0442206789b2cb71b3b4c834653f3e6bddb57624db4ff6a5c78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "509f-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5825
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
85.214.167.154 200 OK 3.7 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (8499)
Hash 2ef06a44f7748a6a0fb05f14c2aa7b5c
c0fe4fa5f090985eb554496d71cc9bf430ef1569
42670d6e73486f23491d99917a5ffd19b1ca73aca1018e792cb54b17ae352112
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "232c-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3743
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/vivus.min.js
85.214.167.154 200 OK 4.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/vivus.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (11871)
Hash 1eb4007fcae41795efce53b86dbc528a
48ad1996d9771e06a9c0f629a57960b2e030acde
23382c89a808ca1a932966faabdbde13ef681fccc35fcc9dd50cfee8176c5a88
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/vivus.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "2ef6-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3975
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842
85.214.167.154 200 OK 3.1 kB URL HTTP/1.1 track4face.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842
IP 85.214.167.154:0
Hash ad314d2db2c48594aa8b09710bc3079d
1950b9c4c3340bbbaa98f46356f97022168fc90d
7f8ff5c122f2e7541f68a7cdb54b120a4d2ee50206a26df7be33a1c71ad640e0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Fri, 02 Dec 2022 03:30:42 GMT
ETag: "29ed-5eecff66493df-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3086
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
85.214.167.154 200 OK 7.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (26402)
Hash 16e18d529c46ab688020513c4ba84520
67374012c1416073e0ee4fdbb13dcb2fec2a7aca
a0d132048e8963e669e7a27c4a20fe999945954fa74253ecc3364d622e44391a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "68af-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7224
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
85.214.167.154 200 OK 2.6 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6765)
Hash 3b5b72390b2ee4f25583c53ca4cfc91c
28050a0d22ec4d857182fd8c79bcffaaa0236473
db670df9389dffa7acc4a05cc3941874204dc4996f14aa2cbb1e06c0dc715e0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/intersection-observer.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "1cd8-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2641
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
85.214.167.154 200 OK 1.8 kB URL HTTP/1.1 track4face.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "15fd-5e41d999ac924-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1834
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/anime.min.js
85.214.167.154 200 OK 7.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/anime.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (17169)
Hash 6b775f5a553f15b26598a3a7a4681f38
d2e2e17783d72a4d25d475ae8deba7192598bcbe
388357780250aec928ffe5141bcd26f0fe0c457844c5765573ec0eb11f78d122
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/anime.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4378-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6976
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
85.214.167.154 200 OK 30 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (32482)
Hash 22d2613b2c9183365806419244ca2fa7
805745a47582e3ecd41e5c205088efcb358c813b
fbe6441d283a0ba340faf5f87e328484790a93657f137b007b9b4ee4c054b4c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "1a3a8-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 29851
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
6.1 kB URL track4face.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
IP :0
File type gzip compressed data, from Unix\012- data
Hash df0a3fe3812df69e308b78d09c259b38
6d4d38af412d5ba2a2c65392b608fb77469f94d3
9ecad2704bf1341e76d4e8e285c63fc7e7b302117caa66f3dd665be7038dd400
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6342)
Hash a1868686d0085f8ac4924a4d0c23fc9d
47d46ea30f131aeb0872eb088a4bc6667c5a2457
e7db67a7207a0f24ee95bd6bda57cd83bc0dec71dbfa970972efb66cd4ed115c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lazyload.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "18c7-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2387
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
85.214.167.154 200 OK 2.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (1031)
Hash 6571b1c666b4a16227a30c90297202d2
8f0944bab38c3010140fae08923b594201908447
22e9cfa85e0c34d752c7168a80175f4c37c84fa92ebd95367715c4badddd390f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fontfaceobserver.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "16fc-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2200
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash d4507c78df6167484b39da9024efab18
72fedc57c2563ea57180ad8747bda11135bdf2bc
008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:14 GMT
Last-Modified: Fri, 09 Dec 2022 04:55:42 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
track4face.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
85.214.167.154 200 OK 5.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (14677)
Hash d1cf4e234cc58dff036e036e7a281061
a2cd07181f3eaea1c2368b29e3ef2d222f085187
e4e40521c1a34232c308420d0e956ef8e5a2c777646177db3668b91698309568
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/tinycolor-min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "39bc-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5243
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0
142.250.74.164 200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash eabeb282ab0b0bf88eadca3a0ece531b
1b18d337f99d82cab6c78aeea8ea6817a1adae0b
79b4e6caeb036524799091bf8b537ef4a7ac5f308dc03f1d440aa2fffc32f0ed
GET /recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Dec 2022 05:19:14 GMT
date: Fri, 09 Dec 2022 05:19:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track4face.com/wp-content/themes/ave/assets/js/theme.min.js
85.214.167.154 200 OK 40 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/js/theme.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (31973)
Hash 4ce1782d837af56e1b1ad44ec2d62124
0caaaa068b2dd22acf929b5bb99eadb5fdab502b
6d806b605d4bd510b2687e7543869c153d3a440c6a33961597dd081adc1e1396
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/js/theme.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "3068e-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 39579
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash d4507c78df6167484b39da9024efab18
72fedc57c2563ea57180ad8747bda11135bdf2bc
008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:14 GMT
Last-Modified: Fri, 09 Dec 2022 04:55:42 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
track4face.com/wp-content/uploads/2022/08/umbrella-beach-solid-1.svg
85.214.167.154 200 OK 960 B URL HTTP/1.1 track4face.com/wp-content/uploads/2022/08/umbrella-beach-solid-1.svg
IP 85.214.167.154:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e7b30864d3328a982c302ae9681e68e3
f5d732d6c0b5a506ea02d7c052c5c0e532b0212b
1d52995faad5c954417f3d572ad621b16d971d0d9acd54a4c4a57b7cf03be4fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/umbrella-beach-solid-1.svg HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Wed, 24 Aug 2022 10:34:12 GMT
ETag: "3c0-5e6fa38cc2c26"
Accept-Ranges: bytes
Content-Length: 960
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/svg+xml
track4face.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png
85.214.167.154 200 OK 600 B URL HTTP/1.1 track4face.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png
IP 85.214.167.154:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 06:46:56 GMT
ETag: "258-5e7e87218e92a"
Accept-Ranges: bytes
Content-Length: 600
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/white-copia-300x60.png
85.214.167.154 200 OK 8.2 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/white-copia-300x60.png
IP 85.214.167.154:0
File type PNG image data, 300 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c07631cf5b93d1fa7f083bf4c86a3fe
d015b0383bab3a8dd4c5fa503a6ca9f246d96c4c
0269f74c8fd75159b32f3b51ee61975e5ea74e8f9015c03b2bf8653480d60ec4
GET /wp-content/uploads/2022/05/white-copia-300x60.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:53 GMT
ETag: "1ff8-5dfe7cbd515d4"
Accept-Ranges: bytes
Content-Length: 8184
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/white-copia.png
85.214.167.154 200 OK 17 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/white-copia.png
IP 85.214.167.154:0
File type PNG image data, 982 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash 96cd47d3fe31da9172460a61a9f63b1e
b1126c6677dc033e53fb40933e27bb23f4cf05dc
56c7e42a7a89eee8538e8332f1d94be0ab46ecd585bf9f8a3aa5c7abdffcec13
GET /wp-content/uploads/2022/05/white-copia.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:53 GMT
ETag: "430f-5dfe7cbd1ba73"
Accept-Ranges: bytes
Content-Length: 17167
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/logo-color-.png
85.214.167.154 200 OK 19 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/logo-color-.png
IP 85.214.167.154:0
File type PNG image data, 982 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash 52cbfdc4555a13fb709c10c9e02271bb
c3bfd2f54d2f407a683f8ee68f69a048bdd66de0
8300b429b11dd5c7f573cef0a6a6e2c15d2425bb2f9a91a3336c0f76f4f1503f
GET /wp-content/uploads/2022/05/logo-color-.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:51 GMT
ETag: "4927-5dfe7cbade681"
Accept-Ranges: bytes
Content-Length: 18727
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/06/FONDO-HOME.png?id=5241
85.214.167.154 200 OK 19 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/06/FONDO-HOME.png?id=5241
IP 85.214.167.154:0
File type PNG image data, 1752 x 1116, 8-bit colormap, non-interlaced\012- data
Hash f09e0d1007183df93074bcaff2e8b7b2
dfc9c52588b7c0058518eedcf62e3ce04c8b617f
231e85f97993afe8ce8afe8e50f3f05da9f9be7ed4ee9f325470df561f55e6e2
GET /wp-content/uploads/2022/06/FONDO-HOME.png?id=5241 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:14 GMT
Server: Apache
Last-Modified: Wed, 29 Jun 2022 10:15:34 GMT
ETag: "4948-5e2936f0f1d58"
Accept-Ranges: bytes
Content-Length: 18760
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:19:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
142.250.74.35 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21096, version 1.0\012- data
Hash edd1beac8f00071cab3e2db58647ff94
8e8128a2cecf6524557cce4a32eb751f5dbe261d
a3298dd9c080ba992e6b3afd31430a7ec37869a5ecda45b854672ec069af4aab
GET /s/spacegrotesk/v13/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://track4face.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 01:25:04 GMT
expires: Thu, 07 Dec 2023 01:25:04 GMT
cache-control: public, max-age=31536000
age: 186851
last-modified: Tue, 23 Aug 2022 18:43:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
85.214.167.154 200 OK 14 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
IP 85.214.167.154:0
File type Web Open Font Format (Version 2), TrueType, length 13564, version 330.32636\012- data
Hash e7d4bfa72a1f7d352fa6605501a3e2f2
afd94b571eff9da7d85490bdb4c9874419cd260d
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:15 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "34fc-5b5c72a7540c0"
Accept-Ranges: bytes
Content-Length: 13564
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
85.214.167.154 200 OK 76 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
IP 85.214.167.154:0
File type Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636\012- data
Hash 832f6e62aaf3909d6b94c8a9c1e4dd51
4a06418cb56a66af5a1c0f59791469dea1dc87fa
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:15 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "127f0-5b5c72a7540c0"
Accept-Ranges: bytes
Content-Length: 75760
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3704
Expires: Fri, 09 Dec 2022 06:20:59 GMT
Date: Fri, 09 Dec 2022 05:19:15 GMT
Connection: keep-alive
track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff
85.214.167.154 200 OK 322 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff
IP 85.214.167.154:0
File type Web Open Font Format, TrueType, length 322084, version 0.0\012- data
Size 322 kB (322084 bytes)
Hash 25095e48e20fcc644d6543c7c0878a15
a31898850576c23a5dae1d916a529d0409eba70d
2078f53ec18edf07a69cca137de279cd7fbe36c2fc5f06499db1ab4fd84aaa43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:15 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4ea24-5bae40f62db40"
Accept-Ranges: bytes
Content-Length: 322084
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/font-woff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb7655c8fe89a83f0096c51684aa21c
4946fcab2a99d926c45abaecf8f97b6214dee0cd
60a3066f2dcc2f696413ecec56ef1d0c1a9392f6845fac5c4319b8b9e02074fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7b1b2f1-0b18-4097-a282-a7ddd9b33b97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: dfcef102-5fc6-4a59-bb21-ff0532c9fdda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlg4GtVIAMFdTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb605-0c2f58da0ae148fb4d698ecc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jQs6m8oGHeWNYbOnPM34f-YW75VuH0yNWU-TzoDMOkYcwGa9BfqBhA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:22 GMT
age: 26873
etag: "4946fcab2a99d926c45abaecf8f97b6214dee0cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06799a30d9977b0845f525ae82355d23
6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea
d7a7eeb42d36167243b3dea7147a61119cbb5d1dcc2e2304c6ddd4a62e41efd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4914
x-amzn-requestid: b709d5ff-617b-480b-8fc3-b1408ee358b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsoEkSIAMF0ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7ea-4150ac397b97d1217cece045;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8DqbjuQMX0JOMpduQ1-wy_B1a957NXgsAHrZc1OwUzsmqJRKfkEpoA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:49:06 GMT
age: 27009
etag: "6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 26871
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ed82780732ed682ee46b2df52b3ca2
0b3fe77e142178561b28c93b94b1aea2e1c395a5
383da5ca2927044c69ff1d10b630fe3439ca48f1845031ef1b6607fcd054c54b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c8ed2c5-144c-4fce-bb57-7d9918c1ab31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4049
x-amzn-requestid: dbde9a26-7609-43b7-a9a5-6e4d2f559989
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRFHIooAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-5f5131b8315a458d18cdc70f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0hIxbSpQqCv6Ud-7HmBaRxkFrdLYrV-Lr2u3nIzd8jPXpQ8E7ahp1g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 64867
etag: "0b3fe77e142178561b28c93b94b1aea2e1c395a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7DwFYUoAI9x-ruRySpsSAXQZnxrXxUACrXp568TGZ2JSppZ1UC0uWg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:09:44 GMT
age: 79771
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1a13d12c326848d5b7adeb2562a35a5
d795c519ea637a213aab1d80daaf44ce5ad19069
f7b99c93b99268e1b2fa438d493cf23cd75a98833710ddd22b5278a76e9f019a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0c11050-5c0c-4d59-80cd-f72cf377a852.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 05f49b7c-7c76-4df4-8258-c270078d8fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctl_TH-KoAMFkWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9fb-1971e1e0359763a96b4d320b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:06:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BEsmH1BkWu_c_-qHStWD1CT1Lx1AZVcw9tnLcoGZCmnjwFWdtB7BRA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:39:43 GMT
age: 67172
etag: "d795c519ea637a213aab1d80daaf44ce5ad19069"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track4face.com/wp-content/uploads/2022/07/dibujo.png
85.214.167.154 200 OK 150 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/07/dibujo.png
IP 85.214.167.154:0
File type PNG image data, 1494 x 1648, 8-bit/color RGBA, non-interlaced\012- data
Size 150 kB (150479 bytes)
Hash 400e6bb50a0d67fbf8ea5a634ecc9388
2fd1bcf455ecbcba93d3a0579835e13f60850c9e
1008ff82845bc1a036f6ca5db05e8264b91f20bcaf73c60186f756caa4763b1f
GET /wp-content/uploads/2022/07/dibujo.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:15 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2022 09:07:23 GMT
ETag: "24bcf-5e2f710657e64"
Accept-Ranges: bytes
Content-Length: 150479
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/08/controll3-1-copia.png
85.214.167.154 200 OK 160 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/08/controll3-1-copia.png
IP 85.214.167.154:0
File type PNG image data, 591 x 787, 8-bit/color RGBA, non-interlaced\012- data
Size 160 kB (160312 bytes)
Hash 7bfb47f7960b11cffb046629e6e8fb6c
9da20d45cef5a3ae90cf18c6756c786a799e7bbc
13c2856323d9aa3e42cb2930b26fe7776cb6cbf007fe59272a24b6e9e9792705
GET /wp-content/uploads/2022/08/controll3-1-copia.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:15 GMT
Server: Apache
Last-Modified: Thu, 11 Aug 2022 15:05:05 GMT
ETag: "27238-5e5f87d9a2ffc"
Accept-Ranges: bytes
Content-Length: 160312
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/07/favicon.ico
85.214.167.154 200 OK 1.2 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/07/favicon.ico
IP 85.214.167.154:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 11267b0c60503804cde6d561286c653f
3a72060addeca0386bbb102d9771c0a74fedf96d
daaf4cb8ac2235812e7b9c3d28f974a8609c154276f513940bee0cbc9dce71dd
GET /wp-content/uploads/2022/07/favicon.ico HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:15 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 15:55:40 GMT
ETag: "47e-5e3da0ccba40e"
Accept-Ranges: bytes
Content-Length: 1150
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
216.58.211.3 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 142753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
85.214.167.154 200 OK 282 B URL HTTP/1.1 track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
IP 85.214.167.154:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5ddca22f9ecb6180cdcae7aefb1a7a4c
00daef0d5ba748a000e75149214bda7d0d06294c
4c906a9ccf67c6b3350fd6bd1592d5e03ca36e098bcdcfb47fe8ebe075975b2a
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:15 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Link: <https://track4face.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Vary: Origin
X-Powered-By: PHP/7.3.33, PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:03 GMT
expires: Fri, 08 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 27073
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
85.214.167.154 200 OK 282 B URL HTTP/1.1 track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
IP 85.214.167.154:0
File type JSON data; ASCII text, with no line terminators
Hash 5ddca22f9ecb6180cdcae7aefb1a7a4c
00daef0d5ba748a000e75149214bda7d0d06294c
4c906a9ccf67c6b3350fd6bd1592d5e03ca36e098bcdcfb47fe8ebe075975b2a
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 05:19:15 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Link: <https://track4face.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Vary: Origin
X-Powered-By: PHP/7.3.33, PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v6.1.2/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:19:14 GMT
content-type: text/css
x-amz-id-2: lKKQR0f/cGKoHNcTpeeZGOEZHXWMSkf9C5Fjvo8gSccZ7kSgpLiA5+y3RPeM+lG+yh71nKWkSfQ=
x-amz-request-id: W75Y5D2PZKAFCWFJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
etag: W/"32c0dd1e392a9b1b3b8e8a0ef2e89fdd"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2%2BXrHMbt88ZFg6XJRlpL%2FD7uyUR2Dc7vDPb4G29pzIXc5z9RrTZ1xZr7GTGNykCqfi9thqL9xm375C%2F1guHtGwAIDBObkPOFTpK8bDtBGKnTTWWMsS71X5iSdLjnAD6QLKFVF%2FF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b48e358fc74d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v6.1.2/css/all.css
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v6.1.2/css/all.css
IP 172.64.132.15:0
GET /releases/v6.1.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:19:14 GMT
content-type: text/css
x-amz-id-2: iDD0oBMKLOVTOQleF1cZaLfDg8+mqPSuM3Cj4S/DH0xAE79wdjeJhUfG4e3/lRvQGjapGHHBPRY=
x-amz-request-id: W75QMNW74RTN4HQ8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
etag: W/"8ef777107c4620d4ddd4f8c4bb14a36c"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVuyBlaxUfc7Zx3SD%2F7ViWYl1ea4TvEYdn7glD2oFVBTUDEW8GZANR%2FWOe5w0KhLVsiwhnLGfwn8YqMjoU03DfbUfHH85NWuJODdHkSwP%2Fzn0%2B95UZe5hc94yak04NbXOPpjjwkX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b48e3590474d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 05:19:14 GMT
date: Fri, 09 Dec 2022 05:19:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20
IP 142.250.74.106:0
GET /css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 05:19:14 GMT
date: Fri, 09 Dec 2022 05:19:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2