r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12528
Expires: Sat, 22 Oct 2022 09:55:53 GMT
Date: Sat, 22 Oct 2022 06:27:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 05:52:39 GMT
Expires: Sat, 22 Oct 2022 05:59:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qjDKpxp484CzUDtXdf_7yevzCqO6r2tlx4KkxJYrdoOZFmyJq46Gmg==
Age: 2066
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12483
Expires: Sat, 22 Oct 2022 09:55:08 GMT
Date: Sat, 22 Oct 2022 06:27:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KjCGqvjiw6/ewn/6pB1hCqXbEXdaGj9KBe6zJTDxidMgHMzq5ZTiYxms1FJ6AQ6n+ZH+/xxt4vM=
x-amz-request-id: RB3JGPSKFZK6D91Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 06:07:31 GMT
age: 1174
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 06:27:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
trackingafrica.net/cgi-admin/panel/login.php
192.232.218.213301 Moved Permanently 0 B URL HTTP/1.1 trackingafrica.net/cgi-admin/panel/login.php
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /cgi-admin/panel/login.php HTTP/1.1
Host: trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 06:27:05 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Content-Security-Policy: upgrade-insecure-requests
Location: http://www.trackingafrica.net/cgi-admin/panel/login.php
X-Server-Cache: true
X-Proxy-Cache: MISS
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 22 Oct 2022 05:43:40 GMT
Expires: Sat, 22 Oct 2022 05:58:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ERfWCJEUVeg2m-G54L0a1TUgeY5_GThoDbhZuMl-0yxWdIsXnAU31A==
Age: 2605
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5734
Cache-Control: max-age=98115
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:06 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 09:42:21 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.231.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.231.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mzDMH16WxfxOYKu3GfXIwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FsfUL1eCvkv/hpF8PxE1xxC4I6c=
www.trackingafrica.net/cgi-admin/panel/login.php
192.232.218.213404 Not Found 18 kB URL HTTP/1.1 www.trackingafrica.net/cgi-admin/panel/login.php
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8330), with CRLF, LF line terminators
Hash 46dafe74c8295ba85bfd1a2571a2ee57
599a37d6d5c08b5a49f9fb69aa6b7a7f36057a87
6fca8b876ed86af0626fd16991db33bc32ca04529882bc04f8fd416a9d0914cb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /cgi-admin/panel/login.php HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Sat, 22 Oct 2022 06:27:06 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.trackingafrica.net/wp-json/>; rel="https://api.w.org/"
Content-Security-Policy: upgrade-insecure-requests
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 794a6d2df00fc15e8b4ed6ff4992525e
f8d67c7fd506709d7232298859fe2b3daf374f29
02d38690754b5d99178d576fe6df6c1ca881a2bbd806a75c633c371fac0221da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 794a6d2df00fc15e8b4ed6ff4992525e
f8d67c7fd506709d7232298859fe2b3daf374f29
02d38690754b5d99178d576fe6df6c1ca881a2bbd806a75c633c371fac0221da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aba18505b9e6e5914b8c893e7591ed0a
b4ef5d7fdb926b89455b88d67e71250df0845cd6
25950defae95a9d6f4103ec20b14bef778904536b233c74dbd3fe5bd4ef3381e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25950DEFAE95A9D6F4103EC20B14BEF778904536B233C74DBD3FE5BD4EF3381E"
Last-Modified: Fri, 21 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 12:27:07 GMT
Date: Sat, 22 Oct 2022 06:27:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13133
Expires: Sat, 22 Oct 2022 10:06:00 GMT
Date: Sat, 22 Oct 2022 06:27:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4fce6f2d1de4e6f5c6847486e72f482d
3531c162cee2254842fe363f05d04118eb98957d
ed17096fc18f929cadd576ef51df2d3524cdce095624b35060f6e000167c95f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED17096FC18F929CADD576EF51DF2D3524CDCE095624B35060F6E000167C95F8"
Last-Modified: Wed, 19 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 12:27:07 GMT
Date: Sat, 22 Oct 2022 06:27:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc263c0f18e27e8b7f6b841c1e400069
06e91c12abd2c7182991312a4ca0a71c8c0b898d
98b8a8d1c1b279424ac967d0f6e333b5ba981450c3a5823695c5f4490f6d7330
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9534
x-amzn-requestid: ad6b6fb0-d36e-4aa4-abba-a931a040b0f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-czHZgoAMFX2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353111e-40f2629721fa12570aa1eb86;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:37:34 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CT7cukYC2rFTB2Je5RYw1qQBAzBSeb2sZMCdBNNCsZ346Lb89-Q_6Q==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:08:29 GMT
age: 29919
etag: "06e91c12abd2c7182991312a4ca0a71c8c0b898d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qZ8wiQp_Cnx6_fT-TrOCKmkrcpYHyhByOvYpgE9XWkA0VUGxjs6cSw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:06:06 GMT
age: 30062
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mq7h4TJkHKd-I9c01ao1yJ3izpJLRiMG_Sk3_e2pQDGCyunY2RlI3Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 30276
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97e9c05ece38dedeaa752c612029c78d
715f72710799f828e2c06932c33919d8f23844f5
29408c0bd34660a836f59a7abb61c7c2b1f864b31194787ddf4d178314184b96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8639
x-amzn-requestid: e598ff88-e152-4b9e-af16-aa30dcf452a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-m5HlMoAMFvjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353115f-7f17a59522afc40e64ac216d;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sGxdiTeIFErXZkMgV8fvRZINC3dtZ1kue349gMCvWptL_ZJvgGRWHA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:27 GMT
age: 30401
etag: "715f72710799f828e2c06932c33919d8f23844f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f7337c-5083-4ab6-8ca1-af76462469cb.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f7337c-5083-4ab6-8ca1-af76462469cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbd033382cf8e2a10252a9226655da87
b594145cd6bde0986fbdd4cf8d00f247662882fe
f4cc8aa9a6271e4a3ca944abece369520f17c437f73e20672d27dab3f368f26c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f7337c-5083-4ab6-8ca1-af76462469cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4699
x-amzn-requestid: 2a8f5f74-621b-4140-a9dd-76125fe9be84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV-2xGO2oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635244f7-487d97a351455cf2293cee5c;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:06:31 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hv6c7I1IVjkcXHqBqzIAi0bMizzVcbkEGyTAjP22jIwCbyP01Q3RtQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 07:14:00 GMT
age: 83588
etag: "b594145cd6bde0986fbdd4cf8d00f247662882fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ef386b42bd6b9efb747cfeb3d64fb7a
db63f62383d513348c1ef231ea4fb58d7e1e044e
988cb73f0fef893d2d65a66fad0b171350102f4496fa5ba22e415d5929373d0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10684
x-amzn-requestid: 643c8e7b-15e9-4241-8ba1-e3f4a4592373
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okE7AoAMFjDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-705159c619bc23880acd4d42;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CWLtJnrAc5b0j1aPGbuOaGuPRYzwNM0xGGP1muEwkPsih8c0iryoGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 30071
etag: "db63f62383d513348c1ef231ea4fb58d7e1e044e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4fce6f2d1de4e6f5c6847486e72f482d
3531c162cee2254842fe363f05d04118eb98957d
ed17096fc18f929cadd576ef51df2d3524cdce095624b35060f6e000167c95f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED17096FC18F929CADD576EF51DF2D3524CDCE095624B35060F6E000167C95F8"
Last-Modified: Wed, 19 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Sat, 22 Oct 2022 12:26:22 GMT
Date: Sat, 22 Oct 2022 06:27:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aba18505b9e6e5914b8c893e7591ed0a
b4ef5d7fdb926b89455b88d67e71250df0845cd6
25950defae95a9d6f4103ec20b14bef778904536b233c74dbd3fe5bd4ef3381e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25950DEFAE95A9D6F4103EC20B14BEF778904536B233C74DBD3FE5BD4EF3381E"
Last-Modified: Fri, 21 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Sat, 22 Oct 2022 12:26:55 GMT
Date: Sat, 22 Oct 2022 06:27:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aba18505b9e6e5914b8c893e7591ed0a
b4ef5d7fdb926b89455b88d67e71250df0845cd6
25950defae95a9d6f4103ec20b14bef778904536b233c74dbd3fe5bd4ef3381e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25950DEFAE95A9D6F4103EC20B14BEF778904536B233C74DBD3FE5BD4EF3381E"
Last-Modified: Fri, 21 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 12:27:08 GMT
Date: Sat, 22 Oct 2022 06:27:08 GMT
Connection: keep-alive
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=1.0
192.232.218.213200 OK 4.4 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=1.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26516)
Hash fdd462f58aee3f9349eabdefb5ca0b57
bb6e017d5537630516ccb98952593690a8c69864
ca51806fcedbe90dd613c4c28673af8693381806a5cb3b43dce2ea4f43e8b314
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=1.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4436
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/uploads/elementor/css/post-9.css?ver=1663437532
192.232.218.213200 OK 395 B URL HTTP/2 www.trackingafrica.net/wp-content/uploads/elementor/css/post-9.css?ver=1663437532
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1274), with no line terminators
Hash 0ded88ba23578521efab2d1feaea2b1b
7d8351c800018ec3d904576ba3c189733eb62f75
14becb20aa48f860712d279f84f37e1b5b37689ad674ee5e6dd06f4bc540ed2b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/uploads/elementor/css/post-9.css?ver=1663437532 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:58:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 395
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/css/slick-carousal.css?ver=6.0.3
192.232.218.213200 OK 2.5 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/css/slick-carousal.css?ver=6.0.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 4bae982647c21dda166a7153814ced38
6889070808889f76b1c24d5588fcedba719f1657
6bd7f2de33ae9aebc749f20206e3673bdce7e903d0eb8ce2ef65a76d2eaadea1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-carousel-for-elementor/css/slick-carousal.css?ver=6.0.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:57:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2485
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6
192.232.218.213200 OK 5.1 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash fb2c5b117dcdb66d7a6b6173bb1b8f8d
14c63b319a54fa9475a786da0a4995133677606f
3e9c67704130e98758c2dffe3600c8a2e690c9a89cbac41c4dbb654a303457e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/LayerSlider/static/layerslider/css/layerslider.css?ver=6.7.6 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Jul 2021 20:02:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5085
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.3
192.232.218.213200 OK 299 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 299
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/css/all.css?ver=6.0.3
192.232.218.213200 OK 623 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/css/all.css?ver=6.0.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (307)
Hash bd8992a5f4d5a4e5292ae9161b121baf
3611c5e8137f7cdcc9499496f2ceb0a26c4e70d6
0b1427c87e791c44662576e71ff5f684e8277b9eb67ff4df40bc078ce8c811b2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/css/all.css?ver=6.0.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:57:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 623
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
192.232.218.213200 OK 17 kB URL HTTP/2 www.trackingafrica.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 12 Jul 2022 21:36:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16594
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/uploads/elementor/css/post-584.css?ver=1663437533
192.232.218.213200 OK 381 B URL HTTP/2 www.trackingafrica.net/wp-content/uploads/elementor/css/post-584.css?ver=1663437533
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1640), with no line terminators
Hash 0c858818e20d6e2e1a4d800252f937b0
b9c2afefc64c897cef5582dd8e25b74ed4cd4ba4
8bc4229be2519785ab770fae5d1ac824eb42767fa59426c5429420c030ec640d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/elementor/css/post-584.css?ver=1663437533 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:58:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 381
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/uploads/elementor/css/post-14.css?ver=1663437533
192.232.218.213200 OK 2.1 kB URL HTTP/2 www.trackingafrica.net/wp-content/uploads/elementor/css/post-14.css?ver=1663437533
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6280)
Hash 241d5e56de7271e9f13b937893e67c78
2d3f006b422c3510382692dcf2fbc0ad561bbc7d
6771ddbc502a98e495d58c96aab4cd2760466641bd07cdb5e965801c6f21a4aa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/uploads/elementor/css/post-14.css?ver=1663437533 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:58:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2053
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/uploads/elementor/css/global.css?ver=1663437532
192.232.218.213200 OK 4.0 kB URL HTTP/2 www.trackingafrica.net/wp-content/uploads/elementor/css/global.css?ver=1663437532
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28319)
Hash 4d5f48477d381ba2f6d7fa56679ac45b
a906fd7c4cc59a73f77e645a08defa4f91291b2d
dfc53b8f7562fd91584e9c95bf84e471f228b282e5b07eb0dfd04ce50807c5f8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1663437532 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:58:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4020
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/uploads/master-slider/custom.css?ver=2.8
192.232.218.213200 OK 177 B URL HTTP/2 www.trackingafrica.net/wp-content/uploads/master-slider/custom.css?ver=2.8
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a8da736f1b83c203c7b388d3ffe5ba3f
6fa59697e85c2e0866275b7244e3fc926f57d4ee
2e77c9cd8ff5c55ac7f7bf6eed95be8e41d78790b7bfec7792904c83c161fd8e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/uploads/master-slider/custom.css?ver=2.8 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:57:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 177
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
192.232.218.213200 OK 308 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (491)
Hash 851fd514d412b7e854365f20a4227c8a
08bf47072f70af1816450cc85a5efb3b8f9114d2
a9449e3cc7c003e5ed6b93bae7b0bba3e4f1713c52214f41d3591692a759b9d7
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 308
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.232.218.213200 OK 4.6 kB URL HTTP/2 www.trackingafrica.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 18 Nov 2020 20:36:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
192.232.218.213200 OK 13 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12577
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
192.232.218.213200 OK 308 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 308
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
192.232.218.213200 OK 309 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 309
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
192.232.218.213200 OK 323 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b24c24b7da3ffeed6ae8ade102a4d317
c4445b3977ce704b927508108e100213eea67a3c
5421ad49b70f379553eaceec744d753e74d4b065966c08aa7c7dd949553ca9a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 323
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6
192.232.218.213200 OK 3.6 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (23514)
Hash 5a5e39ce4b39452f116eb0dc64a6f942
f83917e8fa5c8afdd8af5763c1580fe57b017eb4
b4e953166c1366edb908048019e3a48cbb69b76d2413941321864c481ebf442b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.transitions.js?ver=6.7.6 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Jul 2021 20:02:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3626
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=6.0.3
192.232.218.213200 OK 309 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=6.0.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=6.0.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 309
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/js/custom-tm.js?ver=6.0.3
192.232.218.213200 OK 544 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/js/custom-tm.js?ver=6.0.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 24e99bfb806904bbb5d960bf2dabcbd5
764c5291bfa6454b1635aeffa5325e4c40415005
da7bf93ed6d29763c10c2d04486ebf606a7a2e91233448a0b867dbc7ef14ab8e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-carousel-for-elementor/js/custom-tm.js?ver=6.0.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:57:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 544
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/vegas.min.css?ver=2.4.0
192.232.218.213200 OK 1.3 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/vegas.min.css?ver=2.4.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9460)
Hash c3080a9ba2ff056f6e0788b8c05f824c
02da59f5f0968092f6c69d09366ac1f807d6497f
5e8d41b0de0436dbd4af7efadf6d0a793f7049b19623dac26941ffe808a9f7bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/vegas.min.css?ver=2.4.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1288
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/animated-main.min.js?ver=1.0
192.232.218.213200 OK 770 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/animated-main.min.js?ver=1.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2267), with no line terminators
Hash 34fda3271a0ed85e2798d3d8b008326d
4134842f61d2487b01eccaccd2cf0ba6a9647df9
a751900d3b88adda23868e7141780497c3b418f096f82125fd48f441a125999f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/animated-main.min.js?ver=1.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 770
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6
192.232.218.213200 OK 2.3 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash b1aa8dffeb0e5cc114885d8380b049eb
50fb4980147661b85a802f2b933fa5ef7b21251b
eb91f6ee38baff1520a24b10c74caababb5263561c6b603294c379f4e952e037
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2313
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
192.232.218.213200 OK 12 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash e56098a703c5beb99abc9c3a870be594
76e54634e0628ab91310c760d619360151e26be1
0eb4438e57550f2c2a321d45a5cb1c92fb22d58f6dbcc9c189fc3bd1e4f78b8f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.13 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11654
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
192.232.218.213200 OK 4.0 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19233)
Hash 2701214b028ad24fa347df8335b36d12
156bc8a7ad2657f00881890637f07c6052636499
9a6e62615ceeec7a9763e4f9614e4715d04fd87873b23db2b3ead06c996cad27
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4008
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
192.232.218.213200 OK 3.7 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3747
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1
192.232.218.213200 OK 16 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 702c9616ffa9b019c09c6fba10e1e7d6
7ed782b7abc1b3059d5b255f45f04ceace8ed220
6729f453adf8f5c598a67bf26a962952fa930128369af0dca7a360a1cfa97837
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.8.1 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:56:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16025
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
192.232.218.213200 OK 8.2 kB URL HTTP/2 www.trackingafrica.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash a0a1c8194f131320e1798f90a7b1262a
3346d35be1f2e4886f19e7fcc0cc96ee4753d9ed
7f618ab13cec0933ec2c61fa2b580ad77ca41522028649677494219fa9ce56db
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 24 May 2022 21:33:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8169
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/vegas.min.js?ver=2.4.0
192.232.218.213200 OK 3.6 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/vegas.min.js?ver=2.4.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9875)
Hash dd9a52d498b00d7e2619bcb4a58cb0b6
32b945863f58b7f77cc466f3f51885004caa89d3
48b3b2278ce7d11f7bce1ddc1506c5e58c95979c83b634a4967025754f496215
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/vegas.min.js?ver=2.4.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3638
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=1.0
192.232.218.213200 OK 4.4 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=1.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14869)
Hash 7bab7ad64ffbd7846dd6819250b93e2e
c924918d540389aff62220088b6761f38a5da272
045250efe67364c953a91f6a60cf407ebb5cfdb2da04e84c3d98e5bab5eca9ba
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=1.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4359
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1.0
192.232.218.213200 OK 13 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59158)
Hash e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=1.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12862
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
192.232.218.213200 OK 5.3 kB URL HTTP/2 www.trackingafrica.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 24 May 2022 21:33:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13
192.232.218.213200 OK 6.4 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1a7cae61a8acbbcbd0eee38e317f0252
9234b65965a461535a05fc527c9ab420d13e5da0
54e1cad5404f393f2edf04a7c90a79acdec2eeaae6d7cf167701f952dc8d7e9b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6389
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/particles.min.js?ver=2.0.0
192.232.218.213200 OK 7.4 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/particles.min.js?ver=2.0.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (22712), with no line terminators
Hash 8352a3d3b3bda8a73843dbdb1e9fbacf
4115f92acadf12e89ce8efcb8a95c730eccfd561
68449c906aa693fc2efbff2a6a360397e5bc5779b63ac50d8804721a4d07c262
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/particles.min.js?ver=2.0.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7376
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/magnific.min.js?ver=1.1.0
192.232.218.213200 OK 9.0 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/magnific.min.js?ver=1.1.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19887), with no line terminators
Hash b3700f97137ef4f947ce69e85d96d94b
892ceacd51800abdeead22e5cefb78af8e7ddfc5
00d112efb6b6dbe046b87d996aa4337b0bb12717b37679a904a167390f82cc83
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/magnific.min.js?ver=1.1.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9000
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/themes/twentytwenty/assets/js/index.js?ver=2.0
192.232.218.213200 OK 9.1 kB URL HTTP/2 www.trackingafrica.net/wp-content/themes/twentytwenty/assets/js/index.js?ver=2.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2467a38ae4f0dbdd955f2c479874a3ba
14fb820245a28bc8ebd233b4e13c2f93b2dfa31f
756e12a09ec49849cd8ed87df1204642cbaffbe115fda7d83e661efd0f109074
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/twentytwenty/assets/js/index.js?ver=2.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:51:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9092
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/eae.min.js?ver=1.11.15
192.232.218.213200 OK 13 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/eae.min.js?ver=1.11.15
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45481), with no line terminators
Hash 446bc3a2c17e693842d80b8c20cef271
2537aad5adf6ebe63e62bea61448db92fc9df820
7d1c621794152b195004ed7bb455da6cbe8801fcaa4cdf7b1169f6e181d36d4e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/eae.min.js?ver=1.11.15 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12778
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6
192.232.218.213200 OK 13 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 1ea3b142a2cfb959f7d8888bda8b814c
90808c045a76bbd97ec35d0d922486cb75441d8e
0d20ffb7ead5466ae8c403979b92fb3845b74e4fbd688db04146a6ed76f574d9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13281
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6
192.232.218.213200 OK 16 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40474)
Hash 71e3344c64c07e805cfb44c4903cde26
d2fd0152311bd1bf8d4618876bd3251a38821465
6e0dc5336339cd40405097e3619c6e2eda0c3df61c394c81dd0cebe1388d1a9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16152
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/gtranslate/flags/24/fr.png
192.232.218.213200 OK 637 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/gtranslate/flags/24/fr.png
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 930f08c6829077e96cf25d58f26bd6d3
0dfa244548435053bbebd2ed5914e2785f0f3dc3
594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/gtranslate/flags/24/fr.png HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:56 GMT
accept-ranges: bytes
content-length: 637
content-type: image/png
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/gtranslate/flags/24/ar.png
192.232.218.213200 OK 1.5 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/gtranslate/flags/24/ar.png
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7fec8a94e0af73b8647803e1ff9887be
aca14e7523e0bff0a9399a0998b49387d636da9e
f093a618390e4ef10ee984262dd3334074536f565eb0ecf6cbd0939597073b3d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/gtranslate/flags/24/ar.png HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:56 GMT
accept-ranges: bytes
content-length: 1480
content-type: image/png
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/gtranslate/flags/24/en.png
192.232.218.213200 OK 1.8 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/gtranslate/flags/24/en.png
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ec7233b5c80e5db85f7733b2ec25203f
d4c36fff06dc7d920b10eb13b58ea9cd9321b430
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/gtranslate/flags/24/en.png HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:56 GMT
accept-ranges: bytes
content-length: 1767
content-type: image/png
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/uploads/2021/04/logo-150x67-1.jpg
192.232.218.213200 OK 21 kB URL HTTP/2 www.trackingafrica.net/wp-content/uploads/2021/04/logo-150x67-1.jpg
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Macintosh), datetime=2018:07:25 14:50:12], progressive, precision 8, 150x67, components 3\012- data
Hash 61cd1b928d17c1447c007dccc55dad63
d8844ff9f59673f7f41a0895ed004254fce3c250
3b35dc997bbca423007aa491a2291a4395d8e751b590872e3f45d60a86b62a58
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2021/04/logo-150x67-1.jpg HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.trackingafrica.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 28 Apr 2021 09:43:04 GMT
accept-ranges: bytes
content-length: 21392
content-type: image/jpeg
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 14:07:32 GMT
expires: Thu, 19 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 231577
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/js/slick.js?ver=6.0.3
192.232.218.213200 OK 38 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/js/slick.js?ver=6.0.3
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f541c46758a0f52ba6d21a3488b0fd45
3012b897c8b0bd8ed2bcb979e499a70d75dd3d80
d9906c6e9607dd40036798cb8380f8f096f368aa204e76f3ba282e5734fdd24f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-carousel-for-elementor/js/slick.js?ver=6.0.3 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:57:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:40:23 GMT
expires: Thu, 19 Oct 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 211606
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 211981
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/antic/v19/TuGfUVB8XY5DRZZMq9k.woff2
216.58.207.195200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/antic/v19/TuGfUVB8XY5DRZZMq9k.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13600, version 1.0\012- data
Hash c2572d29a57a5601cb5a63554cc95079
71faad9352e35494321327bafcb04afb2c616e62
0176504491001ceef8c408e33132b91158574bd334890561f8ccc8080ec6f48f
GET /s/antic/v19/TuGfUVB8XY5DRZZMq9k.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:59:12 GMT
expires: Thu, 19 Oct 2023 19:59:12 GMT
cache-control: public, max-age=31536000
age: 210477
last-modified: Tue, 19 Apr 2022 19:32:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 06:27:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
192.232.218.213200 OK 77 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
content-length: 76764
content-type: font/woff2
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
192.232.218.213200 OK 78 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
content-length: 78196
content-type: font/woff2
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
192.232.218.213200 OK 224 kB URL HTTP/2 www.trackingafrica.net/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 223892, version 1.0\012- data
Size 224 kB (223892 bytes)
Hash 2f136faf2d0ef6368898d1a515ab707c
81dbe45ccd7fae3a0a298c5c166b4317c985f538
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:51:41 GMT
accept-ranges: bytes
content-length: 223892
content-type: font/woff2
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/themes/twentytwenty/print.css?ver=2.0
192.232.218.213200 OK 1.0 kB URL HTTP/2 www.trackingafrica.net/wp-content/themes/twentytwenty/print.css?ver=2.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 9a55a3719720b54c29db552082e264e4
26f71c474c79204894d71285f30ca0c31bdedf55
b28eabdaf9788ff5920bacb747677671597f7931c2d1317be9507c3189b91434
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/twentytwenty/print.css?ver=2.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:51:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1044
content-type: text/css
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/uploads/2021/04/home-igeotek-web-3.png
192.232.218.213200 OK 380 kB URL HTTP/2 www.trackingafrica.net/wp-content/uploads/2021/04/home-igeotek-web-3.png
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 600 x 651, 8-bit/color RGBA, non-interlaced\012- data
Size 380 kB (380207 bytes)
Hash fd520f733971fdfc074e5bdebf0c96f0
5dd4677f8d566de10f9536cc6cd8761f22921da8
0b40d01eede5281e03cc3fbf7964f234c19accae475357b72bcc43a3aa43ca23
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2021/04/home-igeotek-web-3.png HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.trackingafrica.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 28 Apr 2021 16:36:21 GMT
accept-ranges: bytes
content-length: 380207
content-type: image/png
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6
192.232.218.213200 OK 141 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 141 kB (140698 bytes)
Hash c65ea1dcdd4f61edc7d01b915d327530
1ce80efd7d717846288a41e5b5b985efe6725e0b
20cf97399101faf6af21711db27b77b2866d028833ef297c64f3c3f33c68e116
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/LayerSlider/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.7.6 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Jul 2021 20:02:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.46200 OK 27 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.46:0
File type ASCII text, with very long lines (560)
Hash f86a1b1d0fd6fcb5882ab1d6974667bd
cf9db759d775f26020036db08680f39dcfb76296
6e65059101b7b2292e5ffaba14a0501f3ca43c39c49ab3e14e4398ec880711e8
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 22 Oct 2022 06:27:07 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+680; expires=Mon, 21-Oct-2024 06:27:07 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf
192.232.218.213200 OK 140 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 13 tables, 1st "FFTM", 2037 names, language 0xab5, type 19061 string\012- data
Size 140 kB (140371 bytes)
Hash da49939c08667053721345320e76fafc
98561e9aa9a59558c80921977dfb9f117fb2532e
b95f34a77ffc03153404af687b463739417078c0393ce206d97a6bc43a8cfa9c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
content-type: font/ttf
content-length: 134040
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
x-server-cache: true
x-proxy-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
216.58.207.234200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 216.58.207.234:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.trackingafrica.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 22 Oct 2022 06:27:09 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Sat, 22 Oct 2022 06:27:09 GMT
set-cookie: NID=511=Yxd29HXQlKwOuB0NpL-0kcxtSBlSbIpABW8nbnqjVb16_99wxgPszy9AszR6OW11cdc6Qjnc_bp0nBN9Knh4ZTxIjL-N0YLKk0OMZ8viymqJyUPXXalSL_JtplQiftpEtP4HOiD79P_DVJFA_zpNpMuSMNO-jZcXmwabMxqSDvY; expires=Sun, 23-Apr-2023 06:27:09 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+859; expires=Mon, 21-Oct-2024 06:27:09 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff
192.232.218.213200 OK 131 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 101652, version 331.-31261\012- data
Size 131 kB (130714 bytes)
Hash f534de20c0536ba368b21ee1aba819fa
37ef2d9a97c2f93bddd1932572009e7a114d006b
11c795147430aba7ad45dbdaaead1fe0d5a85a9a617b879343012774c97456eb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
content-length: 101652
content-type: font/woff
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff
192.232.218.213206 Partial Content 69 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d709e67093df6a940449c22cfb305b89
6717adc66541cc1b7e59e7090cb0a10117975f91
5eb0e3edc9d0b204ad866aab6a076cf1e8bd2185174f8846c0e2f8ddcf6f8d21
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=32750-
If-Range: Sat, 17 Sep 2022 17:54:56 GMT
TE: trailers
HTTP/2 206 Partial Content
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
content-length: 68902
content-range: bytes 32750-101651/101652
content-type: font/woff
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/favicon.ico
192.232.218.213200 OK 2.8 kB URL HTTP/2 www.trackingafrica.net/favicon.ico
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 2 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 8 bits/pixel, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 8 bits/pixel\012- data
Hash dabe9ce5581670f84e89a789a78d09b8
1662f23ff5553364505a29cac571102cf370fc85
04ec9ba779be752a6480758574feae350370480887bc7fe52fd968519cf27208
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 06:27:09 GMT
server: Apache
content-type: image/x-icon
content-length: 2780
last-modified: Thu, 24 Oct 2019 09:24:03 GMT
cache-control: max-age=31536000
expires: Sun, 22 Jan 2023 03:02:49 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf
192.232.218.213206 Partial Content 113 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 113 kB (112965 bytes)
Hash 45e3e4139c8fc29bfef97deda8607ab3
40cf6de584df23f050c6e6ad3b7671e8e8ffc958
a50371eb925067dd221ab9d5ace9386e1c171b3c6666b05abead4fda78c7ff37
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=89779-
If-Range: Sat, 17 Sep 2022 17:54:56 GMT
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 22 Oct 2022 06:27:10 GMT
server: Apache
content-type: font/ttf
content-length: 112965
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
x-server-cache: true
x-proxy-cache: HIT
content-range: bytes 89779-202743/202744
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf
192.232.218.213206 Partial Content 101 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MPEG sequence, H.264 video @ L 35\012- a.out big-endian 32-bit executable not stripped\012- Plan 9 executable, Motorola 68k\012- data
Size 101 kB (101290 bytes)
Hash e3e356839b40c2de86a5d27b7db2616e
e81fdd5164944d17b6c190020addd61382071b8e
6230a0caa5492cc8dfe0e7f3cc9f9309942c9218a242e1c7e9bf4852629b7381
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.ttf HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=32750-
If-Range: Sat, 17 Sep 2022 17:54:56 GMT
TE: trailers
HTTP/2 206 Partial Content
date: Sat, 22 Oct 2022 06:27:10 GMT
server: Apache
content-type: font/ttf
content-length: 101290
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
x-server-cache: true
x-proxy-cache: HIT
content-range: bytes 32750-134039/134040
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.163200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.trackingafrica.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 04:18:55 GMT
expires: Sun, 22 Oct 2023 04:18:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 7695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.163200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.163:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.trackingafrica.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 19:41:08 GMT
expires: Sat, 21 Oct 2023 19:41:08 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 38762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 06:10:48 GMT
expires: Sun, 22 Oct 2023 06:10:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/webfonts/fa-solid-900.woff2
192.232.218.213200 OK 74 kB URL HTTP/2 www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/webfonts/fa-solid-900.woff2
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76084, version 330.-16253\012- data
Hash b5408e9ff2b88306bf47ac137162a0db
d3b0b65f7ab8c9a4fd99c1a78458f55929314662
61d3772bb93b559551c35e84743169db2bd5d37bf64c390929447d5d8fd42a99
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:57:13 GMT
accept-ranges: bytes
content-length: 76084
content-type: font/woff2
date: Sat, 22 Oct 2022 06:27:10 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/webfonts/fa-solid-900.ttf
192.232.218.213200 OK 0 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/webfonts/fa-solid-900.ttf
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-carousel-for-elementor/css/font-awesome/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.trackingafrica.net
Connection: keep-alive
Referer: https://www.trackingafrica.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 06:27:11 GMT
server: Apache
content-type: font/ttf
content-length: 193780
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:57:13 GMT
x-server-cache: true
x-proxy-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.232.218.213200 OK 0 B URL HTTP/2 www.trackingafrica.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Jul 2021 08:32:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/themes/twentytwenty/style.css?ver=2.0
192.232.218.213200 OK 0 B URL HTTP/2 www.trackingafrica.net/wp-content/themes/twentytwenty/style.css?ver=2.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/twentytwenty/style.css?ver=2.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:51:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/css/eae.min.css?ver=1.11.15
192.232.218.213200 OK 0 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/css/eae.min.css?ver=1.11.15
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/addon-elements-for-elementor-page-builder/assets/css/eae.min.css?ver=1.11.15 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:55:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAntic%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAntic%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAntic%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.trackingafrica.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 06:27:07 GMT
date: Sat, 22 Oct 2022 06:27:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.6
192.232.218.213200 OK 0 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.6
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.6 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 17 Sep 2022 17:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.trackingafrica.net/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
192.232.218.213200 OK 0 B URL HTTP/2 www.trackingafrica.net/wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0
IP 192.232.218.213:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/LayerSlider/static/layerslider/js/greensock.js?ver=1.19.0 HTTP/1.1
Host: www.trackingafrica.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.trackingafrica.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Jul 2021 20:02:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 22 Oct 2022 06:27:08 GMT
server: Apache
X-Firefox-Spdy: h2