web.track4face.com/
85.214.167.154 301 Moved Permanently 303 B IP 85.214.167.154:0
File type HTML document text, exported SGML document, ASCII text
Hash f8130c485c868977ce0916ddef8ce799
b1bc3f5e44d4f3d0c4ec652bf6a6f7f0f27560e7
49aeba9838171f22aef3d58aede536e655607a480afa7800582a95fd3ca06976
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: web.track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 05:19:22 GMT
Server: Apache
Location: https://web.track4face.com/
Content-Length: 303
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2998
Expires: Thu, 26 Jan 2023 06:09:20 GMT
Date: Thu, 26 Jan 2023 05:19:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2448
Expires: Thu, 26 Jan 2023 06:00:10 GMT
Date: Thu, 26 Jan 2023 05:19:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 04:35:15 GMT
content-type: application/json
age: 2647
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9029
Expires: Thu, 26 Jan 2023 07:49:51 GMT
Date: Thu, 26 Jan 2023 05:19:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2Uuvg5BbtDh6pUT9sQCFeBy7/ngFmVSRhR2a73BfUaUGb5kbz7kO2ZhqmAGkBfOTABLYwidihmg=
x-amz-request-id: 8252PYD0PE736XCK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 04:48:50 GMT
age: 1832
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 05:19:22 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f4f49b6fa9b4cec355213fbc0b0575ab
01e4c3d6019be06dbcf3d0cdab76ddad077c4fa0
e1fdd08560cba6aa8333a85c3cc2c176b459db3d403880b7d301d14b176a83cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1FDD08560CBA6AA8333A85C3CC2C176B459DB3D403880B7D301D14B176A83CC"
Last-Modified: Tue, 24 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21498
Expires: Thu, 26 Jan 2023 11:17:41 GMT
Date: Thu, 26 Jan 2023 05:19:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 04:41:40 GMT
age: 2263
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
web.track4face.com/
85.214.167.154 301 Moved Permanently 0 B IP 85.214.167.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: web.track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://track4face.com/
X-Powered-By: PHP/7.3.33, PleskLin
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d1305f1d3e2f6b4a0032a81043b8006d
adb0ce60eae94c08faecf496b7939bfc5761d72d
15b229022bf637955a63d5082dd6a7767867cb125e3c7a180b11c3367e6dbd79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15B229022BF637955A63D5082DD6A7767867CB125E3C7A180B11C3367E6DBD79"
Last-Modified: Wed, 25 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Thu, 26 Jan 2023 11:19:08 GMT
Date: Thu, 26 Jan 2023 05:19:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20786
Expires: Thu, 26 Jan 2023 11:05:49 GMT
Date: Thu, 26 Jan 2023 05:19:23 GMT
Connection: keep-alive
track4face.com/
85.214.167.154 200 OK 16 kB IP 85.214.167.154:0
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (2788), with CRLF, LF line terminators
Hash 88b691d5cd5ff65389b844aed2fb60f5
a35617e2d19520c600ac900f627bd39f8f5d2e7f
d6fc09d80eabf94e26f96ccad18908df750b24d3b09fa4f88643234f121ed602
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Wed, 25 Jan 2023 07:43:12 GMT
ETag: "13925-5f311c8d15cda-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 15993
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
track4face.com/wp-includes/css/dashicons.min.css?ver=6.0.3
85.214.167.154 200 OK 36 kB URL HTTP/1.1 track4face.com/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "e688-5e41d9997db23-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 35730
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (12784), with no line terminators
Hash 079ec719b83eb7ccd0a797522f932e1c
ac7d7878d6194d8d24d3a3caead247eddbb6c2d2
97375050dbf77b0b5d4d5d5332a8e3ecbb53c14c946fea69aea118b1b23cf81d
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "31f0-5ee3909a78f98-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2355
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0
85.214.167.154 200 OK 3.5 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (17306), with no line terminators
Hash fb72d808bd2724524dd9363774e5a9b0
05b7012b31b69c6074f6dfc19ac47ec1df5458fb
1e7c2c7e02ee5502ea741c96e9ebc264560394e28ac3d0b686bbe8b6748eb34d
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "439a-5ee3909a7a320-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
85.214.167.154 200 OK 995 B URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 85.214.167.154:0
Hash a81b8fb4af6a0bfef4d8fb610b7e3fd2
54ac8812d0ee99a38e33f734f34179a77e95e547
6a391fc773bce731189bf93ecf097629718030c411493a92842b12939bee8479
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 15:33:01 GMT
ETag: "af3-5f0e5156c5bc5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 995
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2
85.214.167.154 200 OK 351 B URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (815), with no line terminators
Hash a13956f69577ca337f027c988424cfed
13fd1d4c866969bce2032e04997819f869b646fd
2b035611bb4e8f78229b53d6ee08081a3e264549778c39c4c153deb74c98a794
GET /wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:05 GMT
ETag: "32f-5ee3909a6244f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 351
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
85.214.167.154 200 OK 21 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (65317)
Hash 88e86ee445f68f6886c681359e37ab99
f8dd93c67bee8aeca28eb8a7aa641891154a6082
3a36c188775116edca6f0dcfbeec0f04081109b20aad3ee0f15a142feaf01e86
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:05 GMT
ETag: "18d4d-5ee3909a5e1e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 20747
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3
85.214.167.154 200 OK 124 B URL HTTP/1.1 track4face.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with CRLF, CR line terminators
Hash 893dd4d34591cb544851b5a41747cdfd
e8585a3187cfaa2288f0cb48e5696929306b7615
1de5e3983dd9d63c6d92bc1543a4ae8978b38fbaa8d79fbbc2035c62a68cd7cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 06:54:08 GMT
ETag: "13c-5e71f6174a371-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 124
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
44.237.163.41 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TY4/ixT3B8YSKnVLrAciZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ebfrjeGWWLL8x0hzdBLrLnWkin8=
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4
85.214.167.154 200 OK 16 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (26678), with no line terminators
Hash 96f047f2d846f2ed046432a3db5efd25
8ffc1540379ba3303d4175a33bdd368f4b66c014
a8c14a2183c5ae62eacf0eb3dd49b516826624c19059e6b6654ecb383abc2484
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "6836-5ee3909a7b2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16083
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6
85.214.167.154 200 OK 817 B URL HTTP/1.1 track4face.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6
IP 85.214.167.154:0
Hash acb1ca96c3af9a9dadfff5495182ab8d
5ea2bd06354f3b03ca74f28a4ea98b13ad600985
89dedebaac821c638da0e023753c5a2ce5852a9f472c876e40313e7ebeeae5cb
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 06:46:56 GMT
ETag: "a6b-5e7e872173791-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 817
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
85.214.167.154 200 OK 713 B URL HTTP/1.1 track4face.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (2723), with no line terminators
Hash 7e67979bdd7b91ff88c5113cd3db186e
1ef16fddac63946359c3d47b46d1985c3961ea26
10f99207a897bca4be545b3a4a330907e90e0dc49326c774946393ed4adcd83c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 08:32:23 GMT
ETag: "aa3-5e9e0d54b2cc3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
85.214.167.154 200 OK 13 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash b519a21e842ed2a5ef25dd4e672f2b07
6ef5ae70007332f52e98a2b6075e019f663cf45e
ce51ceb46e7bc646f8212ed1f8a0089f5e3abc5236d0e323749e575b41ad27f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "ea95-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12635
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
85.214.167.154 200 OK 324 B URL HTTP/1.1 track4face.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (1463)
Hash 003e878cbefe183c4b539589b1b7c197
21a119cd156b0b458e042fc4b1e1d446f65e5c6c
335231715a0685b94d368e9201e549fe894fb579971483994a2d02966e39ef8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:58 GMT
ETag: "5b8-5b5c72a65fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 324
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
85.214.167.154 200 OK 11 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 421e33e62e4ea1b59a2e7529e6ddc298
78687bb8e27bb5426aef6b39e80e8f68186cb503
ab4f6fab4c03192f5ff3ebefd22ec1991992fe8a457a9f33aedb8860fb0facef
GET /wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "10497-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10860
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css
85.214.167.154 200 OK 7.1 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "7918-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7053
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
85.214.167.154 200 OK 4.9 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (22932)
Hash d62df1ab27a8942df10213d55213d8a0
3ee31e22b08ab52c7d8686e25ad7a9c014ffdcbe
680153ad00086a5c9ade347df9abe6ab564f77b43300e61ebe9a829bf09a03d8
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "5f4f-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4873
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
85.214.167.154 200 OK 46 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (65358)
Hash 2fe906250b403a8535d316cdf1e8a808
7b84d27dd294fe145beec5801fc2d8d5a00d611b
655f96cc6f8ea662c046fd64382639c7a9b5c9a936645beb200653b4880e51e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "76828-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 45790
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
85.214.167.154 200 OK 10 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (56219)
Hash c382473eaa9b8fa36e1c7ed1fa5e6297
f35a8506e5a9b332969d9e38b22bed137b9a3682
732d8e0451539ca235c19ad8aa4ee5d32522726e50d0ea60620a78742f68908b
GET /wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "ddcb-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10449
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
85.214.167.154 200 OK 5.8 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
IP 85.214.167.154:0
File type ASCII text, with CRLF line terminators
Hash 364348532497274e79e5f445baffcdc2
b96f882564d89d5b915236bc8261544ad73e8272
5062be02a19036880c15eef6c91c7967c529c2ca0c77eca6752a52ca44ed69be
GET /wp-content/themes/ave/assets/vendors/fresco/css/fresco.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:23 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "9013-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5792
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
85.214.167.154 200 OK 1.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (3324)
Hash 68701206290364f6fa17cf3091c0b0a5
2f0f35c59b9b7cfd42d0cc6295cca0b514d1e98c
5f72c1c862a81b47765b2c6ad27e9172413c626e4aa459a3b51037b00a255e20
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "d37-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1016
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/style.css
85.214.167.154 200 OK 939 B URL HTTP/1.1 track4face.com/wp-content/themes/ave/style.css
IP 85.214.167.154:0
Hash 01809d5540603f71d7b6636ee0444a46
849a952ee2cd4786d3af6595c9b882901d1825c7
3e73f3793c2f2fc50e142c447106b465a3cdca52f7caadc51b16c2181aaf23ff
GET /wp-content/themes/ave/style.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "a73-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 939
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1674632591&ver=6.0.3
85.214.167.154 200 OK 9.7 kB URL HTTP/1.1 track4face.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1674632591&ver=6.0.3
IP 85.214.167.154:0
Hash 6d08df2cffbd8a1d3c79eacad2194b0d
e8e721fcdc6a3ec2a47f69a440232c638b3071f8
839e103f25b4174a797aff447275d30683fb0c19de668f5bdfacf367bf6a0fdd
GET /wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1674632591&ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2023 05:17:24 GMT
ETag: "145fd-5f323dd391445-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 9724
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
85.214.167.154 200 OK 4.2 kB URL HTTP/1.1 track4face.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "2bd8-5e41d999af035-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4169
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/css/theme.min.css
85.214.167.154 200 OK 63 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/css/theme.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7609aff32f25e19a4264ad454d538ef4
9de492b94f339a2cecd1e66fc2766996d3fea3c0
cf2074cb0d74ee812a44497d909fabf9eb2202a74df9e680fc2d732123f6b6b3
GET /wp-content/themes/ave/assets/css/theme.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "5e624-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 62968
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (5404)
Hash 44b792c238f3501d1b4b963ac9623d8c
7764cc96ca92912d26a43d8fa6da50a18d774e2f
2df606867783ce8f7233a310f998ad891f0c1ab06e776c9077ea362c482c027c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/modernizr.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "15ce-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2446
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
85.214.167.154 200 OK 31 kB URL HTTP/1.1 track4face.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "15db1-5e41d999b07a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 30908
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/inline.js?ver=1.0
85.214.167.154 200 OK 0 B URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/inline.js?ver=1.0
IP 85.214.167.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/inline.js?ver=1.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "0-5bae40f62db40"
Accept-Ranges: bytes
Content-Length: 0
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
85.214.167.154 200 OK 45 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
IP 85.214.167.154:0
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 093bc5236e1d2dac0687190591816376
a00cc34c822166c88d68744f65fb4274ab5509da
821f75e48e46128443a39eb58aba687be440465b600424fa3bf5fb2cffe166ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "1d25a-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 45119
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
85.214.167.154 200 OK 5.0 kB URL HTTP/1.1 track4face.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "48b9-5e41d999c9616-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5009
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
85.214.167.154 200 OK 12 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (56243)
Hash 56ff26e4540fe0eb470200be12da9539
e55c1cf13307417eb0721280047dfe0a7e870752
41bd8b382a880ae6ec59d84506d7b5ba03c23eb9dd5b4044eb8f50e182fb39f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "dc69-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12251
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2
85.214.167.154 200 OK 4.3 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (34217)
Hash ff23202f1227d35b13635501c86b2156
31c5de356f90da7a53468ef8ed0a9237cdaa67ce
c4b5a8cbcaef7b3a6d4d2f1a3d68cfac3a2ccb7fbfcd7ae212bf2c39fc85ed42
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "865f-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4260
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
85.214.167.154 200 OK 1.6 kB URL HTTP/1.1 track4face.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
IP 85.214.167.154:0
Hash 62c642c72a7a6f14e1537dbf13c38fc3
e34220a94267a2ba69e2eb20570cd51e92dc1ef6
f41feba544c18f3faa2ec91a3edcb553ec456530791f2d827ec6afb4fc578202
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 06:54:08 GMT
ETag: "1f8a-5e71f617493d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1617
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
85.214.167.154 200 OK 4.1 kB URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 85.214.167.154:0
File type HTML document, ASCII text, with very long lines (12652), with no line terminators
Hash 5a8a35c9ae8f9e0fc3dbf35fba73b13a
10d0f2fde01006234322517ef3b4d4b9b6d230bd
913435232b007746db89fde662ff6a8e4bb8c7eea164a785b321fccf39a3e1fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 15:33:01 GMT
ETag: "316c-5f0e5156c500d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4084
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
85.214.167.154 200 OK 3.0 kB URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 20d191fbcefaf143ff6d9f0234b3afd4
85c302c0f4d2393bd1c3fb724a03741a14860b3a
0398c654fccf925b52ce33037cf350414bc27efc9da7db916ee7dbe646541f7a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 15:33:01 GMT
ETag: "2945-5f0e5156c7eed-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3040
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
85.214.167.154 200 OK 7.1 kB URL HTTP/1.1 track4face.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "4ac6-5e41d999abd6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7095
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
85.214.167.154 200 OK 2.5 kB URL HTTP/1.1 track4face.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 85.214.167.154:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "194b-5e41d999a9e2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2457
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2
85.214.167.154 200 OK 507 B URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (999), with no line terminators
Hash 22f32f77e17fa7640cda0a401c2b0844
019765feeed7ea2a9e9e506ce000978ea3ecd171
269c0f075ceb9464731b25afc21ae41536b76ef76bf0cf856c42e3e6311ec6ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Wed, 28 Dec 2022 15:33:01 GMT
ETag: "3e7-5f0e5156b4e3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 507
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
85.214.167.154 200 OK 2.9 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6485)
Hash d74b132d612e4d48644b3d2e94126668
0f14ca438d1caac87cfdc815b8ac941c740e24dd
7228b214ba7d6c784c6b0b6486ed5afc6c393f48ae1eb47bcb57463613dd6622
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "19c9-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2895
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/fresco/js/fresco.js
85.214.167.154 200 OK 16 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fresco/js/fresco.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (65351)
Hash fd584a0e4070600f9746ac2c965f793a
30bb8cf454f96b6e18d1e8347ab6ddd7c35e94be
5ce92f55b576be6bdc095b7ecdad6153e0c76ba2bd318ef1a16136f28c7561fa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fresco/js/fresco.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "121cf-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16259
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
85.214.167.154 200 OK 5.8 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (20420)
Hash e8be176bc921ba9b9fc61c8e772eda55
aaad6760bd966f8883fd3f6447bc1d417ae22dda
91a255f6e4a1a0442206789b2cb71b3b4c834653f3e6bddb57624db4ff6a5c78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "509f-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5825
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
85.214.167.154 200 OK 3.7 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (8499)
Hash 2ef06a44f7748a6a0fb05f14c2aa7b5c
c0fe4fa5f090985eb554496d71cc9bf430ef1569
42670d6e73486f23491d99917a5ffd19b1ca73aca1018e792cb54b17ae352112
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "232c-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3743
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842
85.214.167.154 200 OK 3.1 kB URL HTTP/1.1 track4face.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842
IP 85.214.167.154:0
Hash ad314d2db2c48594aa8b09710bc3079d
1950b9c4c3340bbbaa98f46356f97022168fc90d
7f8ff5c122f2e7541f68a7cdb54b120a4d2ee50206a26df7be33a1c71ad640e0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Fri, 02 Dec 2022 03:30:42 GMT
ETag: "29ed-5eecff66493df-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3086
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/vivus.min.js
85.214.167.154 200 OK 4.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/vivus.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (11871)
Hash 1eb4007fcae41795efce53b86dbc528a
48ad1996d9771e06a9c0f629a57960b2e030acde
23382c89a808ca1a932966faabdbde13ef681fccc35fcc9dd50cfee8176c5a88
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/vivus.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "2ef6-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3975
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
85.214.167.154 200 OK 7.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (26402)
Hash 16e18d529c46ab688020513c4ba84520
67374012c1416073e0ee4fdbb13dcb2fec2a7aca
a0d132048e8963e669e7a27c4a20fe999945954fa74253ecc3364d622e44391a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "68af-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7224
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
85.214.167.154 200 OK 2.6 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6765)
Hash 3b5b72390b2ee4f25583c53ca4cfc91c
28050a0d22ec4d857182fd8c79bcffaaa0236473
db670df9389dffa7acc4a05cc3941874204dc4996f14aa2cbb1e06c0dc715e0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/intersection-observer.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "1cd8-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2641
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2fff9bdad400b1ce70fec862e7b9907c
3fc9bdc0c98d437b80d4e15203897b5758e2c526
c6496464907294115c950af4aa76fa55ae7d8239f4aca375d65537b3bacd0a26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6422
Cache-Control: max-age=117266
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Etag: "63d11b58-117"
Expires: Fri, 27 Jan 2023 13:53:50 GMT
Last-Modified: Wed, 25 Jan 2023 12:06:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
track4face.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
85.214.167.154 200 OK 1.8 kB URL HTTP/1.1 track4face.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "15fd-5e41d999ac924-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1834
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
85.214.167.154 200 OK 30 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (32482)
Hash 22d2613b2c9183365806419244ca2fa7
805745a47582e3ecd41e5c205088efcb358c813b
fbe6441d283a0ba340faf5f87e328484790a93657f137b007b9b4ee4c054b4c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "1a3a8-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 29851
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/anime.min.js
85.214.167.154 200 OK 7.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/anime.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (17169)
Hash 6b775f5a553f15b26598a3a7a4681f38
d2e2e17783d72a4d25d475ae8deba7192598bcbe
388357780250aec928ffe5141bcd26f0fe0c457844c5765573ec0eb11f78d122
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/anime.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4378-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6976
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
85.214.167.154 200 OK 6.1 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (17329)
Hash df0a3fe3812df69e308b78d09c259b38
6d4d38af412d5ba2a2c65392b608fb77469f94d3
9ecad2704bf1341e76d4e8e285c63fc7e7b302117caa66f3dd665be7038dd400
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4416-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6060
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2fff9bdad400b1ce70fec862e7b9907c
3fc9bdc0c98d437b80d4e15203897b5758e2c526
c6496464907294115c950af4aa76fa55ae7d8239f4aca375d65537b3bacd0a26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6422
Cache-Control: max-age=117266
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Etag: "63d11b58-117"
Expires: Fri, 27 Jan 2023 13:53:50 GMT
Last-Modified: Wed, 25 Jan 2023 12:06:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash cc2b9a26cf016c0cf9e73531f6004051
408990c14ea8af4c979a277da755c89771672356
36e955bd017c3febc7623ad388bb260757294ca612b94ae5417de6cc04073a82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
85.214.167.154 200 OK 2.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (1031)
Hash 6571b1c666b4a16227a30c90297202d2
8f0944bab38c3010140fae08923b594201908447
22e9cfa85e0c34d752c7168a80175f4c37c84fa92ebd95367715c4badddd390f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fontfaceobserver.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "16fc-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2200
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6342)
Hash a1868686d0085f8ac4924a4d0c23fc9d
47d46ea30f131aeb0872eb088a4bc6667c5a2457
e7db67a7207a0f24ee95bd6bda57cd83bc0dec71dbfa970972efb66cd4ed115c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lazyload.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "18c7-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2387
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/js/theme.min.js
85.214.167.154 200 OK 40 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/js/theme.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (31973)
Hash 4ce1782d837af56e1b1ad44ec2d62124
0caaaa068b2dd22acf929b5bb99eadb5fdab502b
6d806b605d4bd510b2687e7543869c153d3a440c6a33961597dd081adc1e1396
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/js/theme.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "3068e-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 39579
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
85.214.167.154 200 OK 5.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (14677)
Hash d1cf4e234cc58dff036e036e7a281061
a2cd07181f3eaea1c2368b29e3ef2d222f085187
e4e40521c1a34232c308420d0e956ef8e5a2c777646177db3668b91698309568
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/tinycolor-min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "39bc-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5243
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png
85.214.167.154 200 OK 600 B URL HTTP/1.1 track4face.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png
IP 85.214.167.154:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 06:46:56 GMT
ETag: "258-5e7e87218e92a"
Accept-Ranges: bytes
Content-Length: 600
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2fff9bdad400b1ce70fec862e7b9907c
3fc9bdc0c98d437b80d4e15203897b5758e2c526
c6496464907294115c950af4aa76fa55ae7d8239f4aca375d65537b3bacd0a26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6422
Cache-Control: max-age=117266
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Etag: "63d11b58-117"
Expires: Fri, 27 Jan 2023 13:53:50 GMT
Last-Modified: Wed, 25 Jan 2023 12:06:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
track4face.com/wp-content/uploads/2022/05/logo-color-.png
85.214.167.154 200 OK 19 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/logo-color-.png
IP 85.214.167.154:0
File type PNG image data, 982 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash 52cbfdc4555a13fb709c10c9e02271bb
c3bfd2f54d2f407a683f8ee68f69a048bdd66de0
8300b429b11dd5c7f573cef0a6a6e2c15d2425bb2f9a91a3336c0f76f4f1503f
GET /wp-content/uploads/2022/05/logo-color-.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:51 GMT
ETag: "4927-5dfe7cbade681"
Accept-Ranges: bytes
Content-Length: 18727
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/white-copia.png
85.214.167.154 200 OK 17 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/white-copia.png
IP 85.214.167.154:0
File type PNG image data, 982 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash 96cd47d3fe31da9172460a61a9f63b1e
b1126c6677dc033e53fb40933e27bb23f4cf05dc
56c7e42a7a89eee8538e8332f1d94be0ab46ecd585bf9f8a3aa5c7abdffcec13
GET /wp-content/uploads/2022/05/white-copia.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:53 GMT
ETag: "430f-5dfe7cbd1ba73"
Accept-Ranges: bytes
Content-Length: 17167
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/white-copia-300x60.png
85.214.167.154 200 OK 8.2 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/white-copia-300x60.png
IP 85.214.167.154:0
File type PNG image data, 300 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c07631cf5b93d1fa7f083bf4c86a3fe
d015b0383bab3a8dd4c5fa503a6ca9f246d96c4c
0269f74c8fd75159b32f3b51ee61975e5ea74e8f9015c03b2bf8653480d60ec4
GET /wp-content/uploads/2022/05/white-copia-300x60.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:53 GMT
ETag: "1ff8-5dfe7cbd515d4"
Accept-Ranges: bytes
Content-Length: 8184
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/08/umbrella-beach-solid-1.svg
85.214.167.154 200 OK 960 B URL HTTP/1.1 track4face.com/wp-content/uploads/2022/08/umbrella-beach-solid-1.svg
IP 85.214.167.154:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e7b30864d3328a982c302ae9681e68e3
f5d732d6c0b5a506ea02d7c052c5c0e532b0212b
1d52995faad5c954417f3d572ad621b16d971d0d9acd54a4c4a57b7cf03be4fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/umbrella-beach-solid-1.svg HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Wed, 24 Aug 2022 10:34:12 GMT
ETag: "3c0-5e6fa38cc2c26"
Accept-Ranges: bytes
Content-Length: 960
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/svg+xml
track4face.com/wp-content/uploads/2022/06/FONDO-HOME.png?id=5241
85.214.167.154 200 OK 19 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/06/FONDO-HOME.png?id=5241
IP 85.214.167.154:0
File type PNG image data, 1752 x 1116, 8-bit colormap, non-interlaced\012- data
Hash f09e0d1007183df93074bcaff2e8b7b2
dfc9c52588b7c0058518eedcf62e3ce04c8b617f
231e85f97993afe8ce8afe8e50f3f05da9f9be7ed4ee9f325470df561f55e6e2
GET /wp-content/uploads/2022/06/FONDO-HOME.png?id=5241 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Wed, 29 Jun 2022 10:15:34 GMT
ETag: "4948-5e2936f0f1d58"
Accept-Ranges: bytes
Content-Length: 18760
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
85.214.167.154 200 OK 14 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
IP 85.214.167.154:0
File type Web Open Font Format (Version 2), TrueType, length 13564, version 330.32636\012- data
Hash e7d4bfa72a1f7d352fa6605501a3e2f2
afd94b571eff9da7d85490bdb4c9874419cd260d
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "34fc-5b5c72a7540c0"
Accept-Ranges: bytes
Content-Length: 13564
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/spacegrotesk/v15/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
142.250.74.35 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/spacegrotesk/v15/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21096, version 1.0\012- data
Hash edd1beac8f00071cab3e2db58647ff94
8e8128a2cecf6524557cce4a32eb751f5dbe261d
a3298dd9c080ba992e6b3afd31430a7ec37869a5ecda45b854672ec069af4aab
GET /s/spacegrotesk/v15/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://track4face.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 10:25:54 GMT
expires: Mon, 22 Jan 2024 10:25:54 GMT
cache-control: public, max-age=31536000
age: 327210
last-modified: Thu, 15 Dec 2022 21:08:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 05:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
85.214.167.154 200 OK 76 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
IP 85.214.167.154:0
File type Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636\012- data
Hash 832f6e62aaf3909d6b94c8a9c1e4dd51
4a06418cb56a66af5a1c0f59791469dea1dc87fa
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "127f0-5b5c72a7540c0"
Accept-Ranges: bytes
Content-Length: 75760
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12989
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 05:19:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 27043
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 78331
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f3b2cec-c481-45f0-9a3f-1b2524aae46e.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f3b2cec-c481-45f0-9a3f-1b2524aae46e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df3e17e51228c67116f656ebd07d80d2
3135b1a0597a970913ef6dbe1110f244eddd5cf9
493524ea7aef2fa6c99701fde6ef96e5a05cfa95ff0421ab33fa47a797646404
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f3b2cec-c481-45f0-9a3f-1b2524aae46e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10039
x-amzn-requestid: f7454b15-532e-4224-8f43-a9e085c417d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGngFvtIAMF6Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8496-201fde6e675cfc2d26cd0c62;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:11:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uMUb8tOr-oBignR8ujv5gp-2ycgOCWUsPEmaY_uAEtyuOMNFaeisYg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:48:44 GMT
age: 77441
etag: "3135b1a0597a970913ef6dbe1110f244eddd5cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 26817
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wjUfYG_uxTe4x91OXaKxABbPpmQ1rmscm3ANlGqW20OyarNjJFcjVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:34:47 GMT
age: 78278
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ec40bb9-f318-4da0-a722-dc708559d104.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ec40bb9-f318-4da0-a722-dc708559d104.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c25f176fc34ce8c9e12c7545d1e0fa77
824f17fe3f066f361cd1ade88d5dbbee47db786f
1c31699af9c98bab822f7c375dccd54e90dc998e0b68256149fb4219dc525194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ec40bb9-f318-4da0-a722-dc708559d104.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3716
x-amzn-requestid: 8ae20145-a58a-4f5f-b9b0-d3b39239be1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYULGzmoAMFXfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e7-699c9cc012197fa62a95a3d4;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IWUsfno-zBv7hDICyupuzRCvMH7JPgtaOh1oZJgLtX6TVV_VasR0Ow==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:50:50 GMT
age: 26915
etag: "824f17fe3f066f361cd1ade88d5dbbee47db786f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff
85.214.167.154 200 OK 322 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff
IP 85.214.167.154:0
File type Web Open Font Format, TrueType, length 322084, version 0.0\012- data
Size 322 kB (322084 bytes)
Hash 25095e48e20fcc644d6543c7c0878a15
a31898850576c23a5dae1d916a529d0409eba70d
2078f53ec18edf07a69cca137de279cd7fbe36c2fc5f06499db1ab4fd84aaa43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4ea24-5bae40f62db40"
Accept-Ranges: bytes
Content-Length: 322084
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/font-woff
track4face.com/wp-content/uploads/2022/07/dibujo.png
85.214.167.154 200 OK 150 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/07/dibujo.png
IP 85.214.167.154:0
File type PNG image data, 1494 x 1648, 8-bit/color RGBA, non-interlaced\012- data
Size 150 kB (150479 bytes)
Hash 400e6bb50a0d67fbf8ea5a634ecc9388
2fd1bcf455ecbcba93d3a0579835e13f60850c9e
1008ff82845bc1a036f6ca5db05e8264b91f20bcaf73c60186f756caa4763b1f
GET /wp-content/uploads/2022/07/dibujo.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:25 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2022 09:07:23 GMT
ETag: "24bcf-5e2f710657e64"
Accept-Ranges: bytes
Content-Length: 150479
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/08/controll3-1-copia.png
85.214.167.154 200 OK 160 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/08/controll3-1-copia.png
IP 85.214.167.154:0
File type PNG image data, 591 x 787, 8-bit/color RGBA, non-interlaced\012- data
Size 160 kB (160312 bytes)
Hash 7bfb47f7960b11cffb046629e6e8fb6c
9da20d45cef5a3ae90cf18c6756c786a799e7bbc
13c2856323d9aa3e42cb2930b26fe7776cb6cbf007fe59272a24b6e9e9792705
GET /wp-content/uploads/2022/08/controll3-1-copia.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:25 GMT
Server: Apache
Last-Modified: Thu, 11 Aug 2022 15:05:05 GMT
ETag: "27238-5e5f87d9a2ffc"
Accept-Ranges: bytes
Content-Length: 160312
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 15:41:18 GMT
expires: Wed, 24 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
age: 135487
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track4face.com/wp-content/uploads/2022/07/favicon.ico
85.214.167.154 200 OK 1.2 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/07/favicon.ico
IP 85.214.167.154:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 11267b0c60503804cde6d561286c653f
3a72060addeca0386bbb102d9771c0a74fedf96d
daaf4cb8ac2235812e7b9c3d28f974a8609c154276f513940bee0cbc9dce71dd
GET /wp-content/uploads/2022/07/favicon.ico HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:25 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 15:55:40 GMT
ETag: "47e-5e3da0ccba40e"
Accept-Ranges: bytes
Content-Length: 1150
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
85.214.167.154 200 OK 282 B URL HTTP/1.1 track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
IP 85.214.167.154:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 50ae5ec897d58f6fd5af4b5cc55df96f
5a7bd3f69865ca93124d199fbd15a3eb2edf5296
34c9648a0621679bff22c3c10b01efded5838d866bf7ae2be73ff13095496ca4
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:25 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Link: <https://track4face.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Allow: GET
Vary: Origin
X-Powered-By: PHP/7.3.33, PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
fonts.googleapis.com/css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20
IP 142.250.74.106:0
GET /css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 05:19:24 GMT
date: Thu, 26 Jan 2023 05:19:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v6.1.2/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 05:19:24 GMT
content-type: text/css
x-amz-id-2: C0WmmdoKwpX/NLMmRIagGyYROJib19/dUnJXuCLjHkUolMjhvvKdePPUgUyooMI1fZl3Iegh+0I=
x-amz-request-id: GJ9XJ620BWW5BHHW
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
etag: W/"32c0dd1e392a9b1b3b8e8a0ef2e89fdd"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pz8hJRc97uTCGaLZBiGszI37yeE%2B2KBKBeBYOUR5cbPAbloikCxLwXer%2Fhxbp0sIp%2BVv4wtZB0EqcS81iB%2BZYZavtpZdY4EPlJbwsgvDNN8HsVe37hNeT0qcusYqSwdzt4qloQdY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f6cb213f5c7556-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v6.1.2/css/all.css
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v6.1.2/css/all.css
IP 172.64.132.15:0
GET /releases/v6.1.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 05:19:24 GMT
content-type: text/css
x-amz-id-2: uIJiw/6t+tEwhW6SvVv9Ds9ZSlplzaEetGRJg+gwS7sN4nWi2EdiTi6NktJRnAviMaLutSOukQU=
x-amz-request-id: GJ9KA27GYMH1V4CQ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
etag: W/"8ef777107c4620d4ddd4f8c4bb14a36c"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrGfTLIiiJzSMFk06OqKcuq8V7hKRotXLMKyhTibovWz2xE69C0K%2BpC%2BJRbCGN5OwjZm9g4g6xVBWbZJ%2FsR9H4HObGIsSAhAE5PpBJdLY0HvHk%2FiEmeUFfLsHr1ITV9h5VP3oINh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f6cb216f897556-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
track4face.com/wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3
85.214.167.154 200 OK 0 B URL HTTP/1.1 track4face.com/wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3
IP 85.214.167.154:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 05:19:24 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:58 GMT
ETag: "7e9-5b5c72a65fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 892
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 05:19:24 GMT
date: Thu, 26 Jan 2023 05:19:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2