track4face.com/
85.214.167.154 301 Moved Permanently 295 B IP 85.214.167.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f306d8b9b3d70ada88fb2d986c8cd95f
0d7e100cf414bb211a8569bf6ce20a0688f059d0
c739d2adeee0d898a9696e597639306d9d546fd76e8ae3fd95cd1796461a8313
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 01:14:08 GMT
Server: Apache
Location: https://track4face.com/
Content-Length: 295
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15997
Expires: Sat, 04 Feb 2023 05:40:46 GMT
Date: Sat, 04 Feb 2023 01:14:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9060
Expires: Sat, 04 Feb 2023 03:45:09 GMT
Date: Sat, 04 Feb 2023 01:14:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 00:43:35 GMT
content-type: application/json
age: 1834
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12444
Expires: Sat, 04 Feb 2023 04:41:33 GMT
Date: Sat, 04 Feb 2023 01:14:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cjGTIgEU453E1SLPFU9uDCSQiURld+BhwFtxCYMOYBmzSpIpzsIjN07vZTWWNYXPm2KLHZKTk/M=
x-amz-request-id: SNNJAVMTQ6BJ7205
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 00:23:47 GMT
age: 3022
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:14:09 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9e121f5654efb9ccc06bdbe6ed660df9
c3375fb32519d548a16157df943d40a8c7b00b80
ac90356b964988c8e2f90eed6a37a02b4b1f04b5930deae7b8bd28f5b8704d46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC90356B964988C8E2F90EED6A37A02B4B1F04B5930DEAE7B8BD28F5B8704D46"
Last-Modified: Thu, 02 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Sat, 04 Feb 2023 07:13:15 GMT
Date: Sat, 04 Feb 2023 01:14:09 GMT
Connection: keep-alive
track4face.com/
85.214.167.154 200 OK 16 kB IP 85.214.167.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2788), with CRLF, LF line terminators
Hash 88b691d5cd5ff65389b844aed2fb60f5
a35617e2d19520c600ac900f627bd39f8f5d2e7f
d6fc09d80eabf94e26f96ccad18908df750b24d3b09fa4f88643234f121ed602
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Wed, 25 Jan 2023 07:43:12 GMT
ETag: "13925-5f311c8d15cda-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 15993
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 01:07:19 GMT
age: 410
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
track4face.com/wp-includes/css/dashicons.min.css?ver=6.0.3
85.214.167.154 200 OK 36 kB URL HTTP/1.1 track4face.com/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (58981)
Hash 00492d322e5572c7abc3e8701b6c52c1
0802ac2c8280ce7c98af881b1d49ec682acbf314
8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "e688-5e41d9997db23-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 35730
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (12784), with no line terminators
Hash 079ec719b83eb7ccd0a797522f932e1c
ac7d7878d6194d8d24d3a3caead247eddbb6c2d2
97375050dbf77b0b5d4d5d5332a8e3ecbb53c14c946fea69aea118b1b23cf81d
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/elusive.min.css?ver=2.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "31f0-5ee3909a78f98-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2355
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
85.214.167.154 200 OK 995 B URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 85.214.167.154:0
Hash a81b8fb4af6a0bfef4d8fb610b7e3fd2
54ac8812d0ee99a38e33f734f34179a77e95e547
6a391fc773bce731189bf93ecf097629718030c411493a92842b12939bee8479
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2023 15:49:10 GMT
ETag: "af3-5f32cb09e7f2d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 995
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0
85.214.167.154 200 OK 3.5 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (17306), with no line terminators
Hash fb72d808bd2724524dd9363774e5a9b0
05b7012b31b69c6074f6dfc19ac47ec1df5458fb
1e7c2c7e02ee5502ea741c96e9ebc264560394e28ac3d0b686bbe8b6748eb34d
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/foundation-icons.min.css?ver=3.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "439a-5ee3909a7a320-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3450
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2
85.214.167.154 200 OK 351 B URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (815), with no line terminators
Hash a13956f69577ca337f027c988424cfed
13fd1d4c866969bce2032e04997819f869b646fd
2b035611bb4e8f78229b53d6ee08081a3e264549778c39c4c153deb74c98a794
GET /wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:05 GMT
ETag: "32f-5ee3909a6244f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 351
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3
85.214.167.154 200 OK 124 B URL HTTP/1.1 track4face.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with CRLF, CR line terminators
Hash 893dd4d34591cb544851b5a41747cdfd
e8585a3187cfaa2288f0cb48e5696929306b7615
1de5e3983dd9d63c6d92bc1543a4ae8978b38fbaa8d79fbbc2035c62a68cd7cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 06:54:08 GMT
ETag: "13c-5e71f6174a371-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 124
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
85.214.167.154 200 OK 21 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (65317)
Hash 88e86ee445f68f6886c681359e37ab99
f8dd93c67bee8aeca28eb8a7aa641891154a6082
3a36c188775116edca6f0dcfbeec0f04081109b20aad3ee0f15a142feaf01e86
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/menu-icons/css/fontawesome/css/all.min.css?ver=5.15.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:05 GMT
ETag: "18d4d-5ee3909a5e1e7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 20747
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6
85.214.167.154 200 OK 817 B URL HTTP/1.1 track4face.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6
IP 85.214.167.154:0
Hash acb1ca96c3af9a9dadfff5495182ab8d
5ea2bd06354f3b03ca74f28a4ea98b13ad600985
89dedebaac821c638da0e023753c5a2ce5852a9f472c876e40313e7ebeeae5cb
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.3.6 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 06:46:56 GMT
ETag: "a6b-5e7e872173791-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 817
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4
85.214.167.154 200 OK 16 kB URL HTTP/1.1 track4face.com/wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (26678), with no line terminators
Hash 96f047f2d846f2ed046432a3db5efd25
8ffc1540379ba3303d4175a33bdd368f4b66c014
a8c14a2183c5ae62eacf0eb3dd49b516826624c19059e6b6654ecb383abc2484
GET /wp-content/plugins/menu-icons/vendor/codeinwp/icon-picker/css/types/genericons.min.css?ver=3.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Thu, 24 Nov 2022 15:27:06 GMT
ETag: "6836-5ee3909a7b2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16083
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
85.214.167.154 200 OK 713 B URL HTTP/1.1 track4face.com/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (2723), with no line terminators
Hash 7e67979bdd7b91ff88c5113cd3db186e
1ef16fddac63946359c3d47b46d1985c3961ea26
10f99207a897bca4be545b3a4a330907e90e0dc49326c774946393ed4adcd83c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 08:32:23 GMT
ETag: "aa3-5e9e0d54b2cc3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
85.214.167.154 200 OK 13 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash b519a21e842ed2a5ef25dd4e672f2b07
6ef5ae70007332f52e98a2b6075e019f663cf45e
ce51ceb46e7bc646f8212ed1f8a0089f5e3abc5236d0e323749e575b41ad27f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "ea95-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12635
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
85.214.167.154 200 OK 324 B URL HTTP/1.1 track4face.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (1463)
Hash 003e878cbefe183c4b539589b1b7c197
21a119cd156b0b458e042fc4b1e1d446f65e5c6c
335231715a0685b94d368e9201e549fe894fb579971483994a2d02966e39ef8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:58 GMT
ETag: "5b8-5b5c72a65fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 324
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
85.214.167.154 200 OK 11 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 421e33e62e4ea1b59a2e7529e6ddc298
78687bb8e27bb5426aef6b39e80e8f68186cb503
ab4f6fab4c03192f5ff3ebefd22ec1991992fe8a457a9f33aedb8860fb0facef
GET /wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "10497-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10860
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css
85.214.167.154 200 OK 7.1 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/themes/ave/assets/vendors/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "7918-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7053
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
85.214.167.154 200 OK 46 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (65358)
Hash 2fe906250b403a8535d316cdf1e8a808
7b84d27dd294fe145beec5801fc2d8d5a00d611b
655f96cc6f8ea662c046fd64382639c7a9b5c9a936645beb200653b4880e51e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "76828-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 45790
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
85.214.167.154 200 OK 4.9 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (22932)
Hash d62df1ab27a8942df10213d55213d8a0
3ee31e22b08ab52c7d8686e25ad7a9c014ffdcbe
680153ad00086a5c9ade347df9abe6ab564f77b43300e61ebe9a829bf09a03d8
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "5f4f-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4873
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
85.214.167.154 200 OK 10 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (56219)
Hash c382473eaa9b8fa36e1c7ed1fa5e6297
f35a8506e5a9b332969d9e38b22bed137b9a3682
732d8e0451539ca235c19ad8aa4ee5d32522726e50d0ea60620a78742f68908b
GET /wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "ddcb-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10449
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
85.214.167.154 200 OK 5.8 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
IP 85.214.167.154:0
File type ASCII text, with CRLF line terminators
Hash 364348532497274e79e5f445baffcdc2
b96f882564d89d5b915236bc8261544ad73e8272
5062be02a19036880c15eef6c91c7967c529c2ca0c77eca6752a52ca44ed69be
GET /wp-content/themes/ave/assets/vendors/fresco/css/fresco.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "9013-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5792
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1674632591&ver=6.0.3
85.214.167.154 200 OK 9.7 kB URL HTTP/1.1 track4face.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1674632591&ver=6.0.3
IP 85.214.167.154:0
Hash 6d08df2cffbd8a1d3c79eacad2194b0d
e8e721fcdc6a3ec2a47f69a440232c638b3071f8
839e103f25b4174a797aff447275d30683fb0c19de668f5bdfacf367bf6a0fdd
GET /wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1674632591&ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2023 18:46:19 GMT
ETag: "145fd-5f32f2a1f7d81-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 9724
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/style.css
85.214.167.154 200 OK 939 B URL HTTP/1.1 track4face.com/wp-content/themes/ave/style.css
IP 85.214.167.154:0
Hash 01809d5540603f71d7b6636ee0444a46
849a952ee2cd4786d3af6595c9b882901d1825c7
3e73f3793c2f2fc50e142c447106b465a3cdca52f7caadc51b16c2181aaf23ff
GET /wp-content/themes/ave/style.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "a73-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 939
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
85.214.167.154 200 OK 1.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (3324)
Hash 68701206290364f6fa17cf3091c0b0a5
2f0f35c59b9b7cfd42d0cc6295cca0b514d1e98c
5f72c1c862a81b47765b2c6ad27e9172413c626e4aa459a3b51037b00a255e20
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "d37-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1016
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/themes/ave/assets/css/theme.min.css
85.214.167.154 200 OK 63 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/css/theme.min.css
IP 85.214.167.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7609aff32f25e19a4264ad454d538ef4
9de492b94f339a2cecd1e66fc2766996d3fea3c0
cf2074cb0d74ee812a44497d909fabf9eb2202a74df9e680fc2d732123f6b6b3
GET /wp-content/themes/ave/assets/css/theme.min.css HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "5e624-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 62968
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
85.214.167.154 200 OK 4.2 kB URL HTTP/1.1 track4face.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "2bd8-5e41d999af035-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4169
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (5404)
Hash 44b792c238f3501d1b4b963ac9623d8c
7764cc96ca92912d26a43d8fa6da50a18d774e2f
2df606867783ce8f7233a310f998ad891f0c1ab06e776c9077ea362c482c027c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/modernizr.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "15ce-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2446
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
85.214.167.154 200 OK 31 kB URL HTTP/1.1 track4face.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 85.214.167.154:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:09 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "15db1-5e41d999b07a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 30908
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/inline.js?ver=1.0
85.214.167.154 200 OK 0 B URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/inline.js?ver=1.0
IP 85.214.167.154:0
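Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
Note: the three hashes above are the MD5, SHA-1 and SHA-256 digests of zero-length content, consistent with the 0 B response size; they match every empty file and are not usable as indicators, and the verdict on this entry presumably reflects the URL or host rather than the response body.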
GET /wp-content/themes/ave/assets/vendors/inline.js?ver=1.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "0-5bae40f62db40"
Accept-Ranges: bytes
Content-Length: 0
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
85.214.167.154 200 OK 45 kB URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
IP 85.214.167.154:0
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 093bc5236e1d2dac0687190591816376
a00cc34c822166c88d68744f65fb4274ab5509da
821f75e48e46128443a39eb58aba687be440465b600424fa3bf5fb2cffe166ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "1d25a-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 45119
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3
85.214.167.154 200 OK 892 B URL HTTP/1.1 track4face.com/wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (2025), with no line terminators
Hash 1851a6fcd8f93b31aec2b9385c08b1dc
82af3ef16e19130490ee48af2c73be8401a0531e
795e34433e30791c3c3e97c1db060d467bac103ef78c5ecad17e25f360787e6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/shortcodes/blog/script.min.js?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:58 GMT
ETag: "7e9-5b5c72a65fe80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 892
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
85.214.167.154 200 OK 5.0 kB URL HTTP/1.1 track4face.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 85.214.167.154:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "48b9-5e41d999c9616-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5009
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2
85.214.167.154 200 OK 4.3 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (34217)
Hash ff23202f1227d35b13635501c86b2156
31c5de356f90da7a53468ef8ed0a9237cdaa67ce
c4b5a8cbcaef7b3a6d4d2f1a3d68cfac3a2ccb7fbfcd7ae212bf2c39fc85ed42
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "865f-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4260
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
85.214.167.154 200 OK 3.0 kB URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 20d191fbcefaf143ff6d9f0234b3afd4
85c302c0f4d2393bd1c3fb724a03741a14860b3a
0398c654fccf925b52ce33037cf350414bc27efc9da7db916ee7dbe646541f7a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2023 15:49:10 GMT
ETag: "2945-5f32cb09ea256-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3040
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
85.214.167.154 200 OK 12 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (56243)
Hash 56ff26e4540fe0eb470200be12da9539
e55c1cf13307417eb0721280047dfe0a7e870752
41bd8b382a880ae6ec59d84506d7b5ba03c23eb9dd5b4044eb8f50e182fb39f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "dc69-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12251
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
track4face.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
85.214.167.154 200 OK 4.1 kB URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 85.214.167.154:0
File type HTML document, ASCII text, with very long lines (12761), with no line terminators
Hash 08d54a01c1e30726b24a1232b1342a35
e18007fdfdb7cd4f395894d75c952a99f6928628
3aae006ed148ced5daa1e75e7a23918d7b566b8d77b070a14df6ad546f689877
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2023 15:49:10 GMT
ETag: "31d9-5f32cb09e7375-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4141
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
85.214.167.154 200 OK 1.6 kB URL HTTP/1.1 track4face.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
IP 85.214.167.154:0
Hash 62c642c72a7a6f14e1537dbf13c38fc3
e34220a94267a2ba69e2eb20570cd51e92dc1ef6
f41feba544c18f3faa2ec91a3edcb553ec456530791f2d827ec6afb4fc578202
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Fri, 26 Aug 2022 06:54:08 GMT
ETag: "1f8a-5e71f617493d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1617
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
85.214.167.154 200 OK 2.5 kB URL HTTP/1.1 track4face.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 85.214.167.154:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "194b-5e41d999a9e2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2457
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
85.214.167.154 200 OK 7.1 kB URL HTTP/1.1 track4face.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "4ac6-5e41d999abd6c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7095
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2
85.214.167.154 200 OK 507 B URL HTTP/1.1 track4face.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (999), with no line terminators
Hash 22f32f77e17fa7640cda0a401c2b0844
019765feeed7ea2a9e9e506ce000978ea3ecd171
269c0f075ceb9464731b25afc21ae41536b76ef76bf0cf856c42e3e6311ec6ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2023 15:49:10 GMT
ETag: "3e7-5f32cb09d6dbd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 507
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
85.214.167.154 200 OK 2.9 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6485)
Hash d74b132d612e4d48644b3d2e94126668
0f14ca438d1caac87cfdc815b8ac941c740e24dd
7228b214ba7d6c784c6b0b6486ed5afc6c393f48ae1eb47bcb57463613dd6622
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "19c9-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2895
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842
85.214.167.154 200 OK 3.1 kB URL HTTP/1.1 track4face.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842
IP 85.214.167.154:0
Hash ad314d2db2c48594aa8b09710bc3079d
1950b9c4c3340bbbaa98f46356f97022168fc90d
7f8ff5c122f2e7541f68a7cdb54b120a4d2ee50206a26df7be33a1c71ad640e0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669951842 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Fri, 02 Dec 2022 03:30:42 GMT
ETag: "29ed-5eecff66493df-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3086
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
85.214.167.154 200 OK 5.8 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
IP 85.214.167.154:0
File type ASCII text, with very long lines (20420)
Hash e8be176bc921ba9b9fc61c8e772eda55
aaad6760bd966f8883fd3f6447bc1d417ae22dda
91a255f6e4a1a0442206789b2cb71b3b4c834653f3e6bddb57624db4ff6a5c78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "509f-5b5c72a7540c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5825
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Sat, 04 Feb 2023 03:56:16 GMT
Date: Sat, 04 Feb 2023 01:14:10 GMT
Connection: keep-alive
track4face.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
85.214.167.154 200 OK 3.7 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (8499)
Hash 2ef06a44f7748a6a0fb05f14c2aa7b5c
c0fe4fa5f090985eb554496d71cc9bf430ef1569
42670d6e73486f23491d99917a5ffd19b1ca73aca1018e792cb54b17ae352112
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "232c-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3743
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/vivus.min.js
85.214.167.154 200 OK 4.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/vivus.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (11871)
Hash 1eb4007fcae41795efce53b86dbc528a
48ad1996d9771e06a9c0f629a57960b2e030acde
23382c89a808ca1a932966faabdbde13ef681fccc35fcc9dd50cfee8176c5a88
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/vivus.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "2ef6-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3975
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
85.214.167.154 200 OK 1.8 kB URL HTTP/1.1 track4face.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 85.214.167.154:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 19 Jul 2022 00:31:05 GMT
ETag: "15fd-5e41d999ac924-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1834
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
85.214.167.154 200 OK 7.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (26402)
Hash 16e18d529c46ab688020513c4ba84520
67374012c1416073e0ee4fdbb13dcb2fec2a7aca
a0d132048e8963e669e7a27c4a20fe999945954fa74253ecc3364d622e44391a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "68af-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7224
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
85.214.167.154 200 OK 2.6 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6765)
Hash 3b5b72390b2ee4f25583c53ca4cfc91c
28050a0d22ec4d857182fd8c79bcffaaa0236473
db670df9389dffa7acc4a05cc3941874204dc4996f14aa2cbb1e06c0dc715e0f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/intersection-observer.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "1cd8-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2641
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/anime.min.js
85.214.167.154 200 OK 7.0 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/anime.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (17169)
Hash 6b775f5a553f15b26598a3a7a4681f38
d2e2e17783d72a4d25d475ae8deba7192598bcbe
388357780250aec928ffe5141bcd26f0fe0c457844c5765573ec0eb11f78d122
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/anime.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4378-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6976
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
85.214.167.154 200 OK 6.1 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (17329)
Hash df0a3fe3812df69e308b78d09c259b38
6d4d38af412d5ba2a2c65392b608fb77469f94d3
9ecad2704bf1341e76d4e8e285c63fc7e7b302117caa66f3dd665be7038dd400
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4416-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6060
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
85.214.167.154 200 OK 2.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
IP 85.214.167.154:0
File type Unicode text, UTF-8 text, with very long lines (1031)
Hash 6571b1c666b4a16227a30c90297202d2
8f0944bab38c3010140fae08923b594201908447
22e9cfa85e0c34d752c7168a80175f4c37c84fa92ebd95367715c4badddd390f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fontfaceobserver.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "16fc-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2200
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
85.214.167.154 200 OK 2.4 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (6342)
Hash a1868686d0085f8ac4924a4d0c23fc9d
47d46ea30f131aeb0872eb088a4bc6667c5a2457
e7db67a7207a0f24ee95bd6bda57cd83bc0dec71dbfa970972efb66cd4ed115c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lazyload.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "18c7-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2387
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0
142.250.74.164 200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 8e912d3cde093d73507394a723e2f5b1
db972f6d77b7b06d6b47bfee621417c97da0845a
e7d2b08c4c44883a06504baa462c057f75b1d3af0f5f3dd8949d6d919f9e01c5
GET /recaptcha/api.js?render=6Le0u6YcAAAAAN6W5QMMqOikPm6gktdxJidww-iU&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 04 Feb 2023 01:14:10 GMT
date: Sat, 04 Feb 2023 01:14:10 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
85.214.167.154 200 OK 30 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (32482)
Hash 22d2613b2c9183365806419244ca2fa7
805745a47582e3ecd41e5c205088efcb358c813b
fbe6441d283a0ba340faf5f87e328484790a93657f137b007b9b4ee4c054b4c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "1a3a8-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 29851
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
85.214.167.154 200 OK 5.2 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (14677)
Hash d1cf4e234cc58dff036e036e7a281061
a2cd07181f3eaea1c2368b29e3ef2d222f085187
e4e40521c1a34232c308420d0e956ef8e5a2c777646177db3668b91698309568
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/tinycolor-min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "39bc-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5243
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
track4face.com/wp-content/themes/ave/assets/js/theme.min.js
85.214.167.154 200 OK 40 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/js/theme.min.js
IP 85.214.167.154:0
File type ASCII text, with very long lines (31973)
Hash 4ce1782d837af56e1b1ad44ec2d62124
0caaaa068b2dd22acf929b5bb99eadb5fdab502b
6d806b605d4bd510b2687e7543869c153d3a440c6a33961597dd081adc1e1396
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/js/theme.min.js HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "3068e-5bae40f62db40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 39579
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/uploads/2022/08/umbrella-beach-solid-1.svg
85.214.167.154 200 OK 960 B URL HTTP/1.1 track4face.com/wp-content/uploads/2022/08/umbrella-beach-solid-1.svg
IP 85.214.167.154:0
File type SVG Scalable Vector Graphics image
- XML 1.0 document text
- XML document text
- HTML document text
- exported SGML document, ASCII text
Hash e7b30864d3328a982c302ae9681e68e3
f5d732d6c0b5a506ea02d7c052c5c0e532b0212b
1d52995faad5c954417f3d572ad621b16d971d0d9acd54a4c4a57b7cf03be4fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/08/umbrella-beach-solid-1.svg HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Wed, 24 Aug 2022 10:34:12 GMT
ETag: "3c0-5e6fa38cc2c26"
Accept-Ranges: bytes
Content-Length: 960
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/svg+xml
track4face.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png
85.214.167.154 200 OK 600 B URL HTTP/1.1 track4face.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png
IP 85.214.167.154:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced
- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /wp-content/plugins/translatepress-multilingual/assets/images/flags/en_GB.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 06:46:56 GMT
ETag: "258-5e7e87218e92a"
Accept-Ranges: bytes
Content-Length: 600
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/05/white-copia-300x60.png
85.214.167.154 200 OK 8.2 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/white-copia-300x60.png
IP 85.214.167.154:0
File type PNG image data, 300 x 60, 8-bit/color RGBA, non-interlaced
- data
Hash 6c07631cf5b93d1fa7f083bf4c86a3fe
d015b0383bab3a8dd4c5fa503a6ca9f246d96c4c
0269f74c8fd75159b32f3b51ee61975e5ea74e8f9015c03b2bf8653480d60ec4
GET /wp-content/uploads/2022/05/white-copia-300x60.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:53 GMT
ETag: "1ff8-5dfe7cbd515d4"
Accept-Ranges: bytes
Content-Length: 8184
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/uploads/2022/05/white-copia.png
85.214.167.154 200 OK 17 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/05/white-copia.png
IP 85.214.167.154:0
File type PNG image data, 982 x 198, 8-bit/color RGBA, non-interlaced
- data
Hash 96cd47d3fe31da9172460a61a9f63b1e
b1126c6677dc033e53fb40933e27bb23f4cf05dc
56c7e42a7a89eee8538e8332f1d94be0ab46ecd585bf9f8a3aa5c7abdffcec13
GET /wp-content/uploads/2022/05/white-copia.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 10:38:53 GMT
ETag: "430f-5dfe7cbd1ba73"
Accept-Ranges: bytes
Content-Length: 17167
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
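35.81.157.247 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.157.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B body of this 101 response; they identify no content and are not usable as indicators.)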
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PquCxAjtGOER11SlMcR5JQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hjz/XhRza6sdh9q8cZACeW1+cTs=
track4face.com/wp-content/uploads/2022/06/FONDO-HOME.png?id=5241
85.214.167.154 200 OK 19 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/06/FONDO-HOME.png?id=5241
IP 85.214.167.154:0
File type PNG image data, 1752 x 1116, 8-bit colormap, non-interlaced
- data
Hash f09e0d1007183df93074bcaff2e8b7b2
dfc9c52588b7c0058518eedcf62e3ce04c8b617f
231e85f97993afe8ce8afe8e50f3f05da9f9be7ed4ee9f325470df561f55e6e2
GET /wp-content/uploads/2022/06/FONDO-HOME.png?id=5241 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Wed, 29 Jun 2022 10:15:34 GMT
ETag: "4948-5e2936f0f1d58"
Accept-Ranges: bytes
Content-Length: 18760
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
85.214.167.154 200 OK 14 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
IP 85.214.167.154:0
File type Web Open Font Format (Version 2), TrueType, length 13564, version 330.32636
- data
Hash e7d4bfa72a1f7d352fa6605501a3e2f2
afd94b571eff9da7d85490bdb4c9874419cd260d
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "34fc-5b5c72a7540c0"
Accept-Ranges: bytes
Content-Length: 13564
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
fonts.gstatic.com/s/spacegrotesk/v15/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
142.250.74.35 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/spacegrotesk/v15/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21096, version 1.0
- data
Hash edd1beac8f00071cab3e2db58647ff94
8e8128a2cecf6524557cce4a32eb751f5dbe261d
a3298dd9c080ba992e6b3afd31430a7ec37869a5ecda45b854672ec069af4aab
GET /s/spacegrotesk/v15/V8mDoQDjQSkFtoMM3T6r8E7mPbF4Cw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://track4face.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:12:52 GMT
expires: Sat, 03 Feb 2024 02:12:52 GMT
cache-control: public, max-age=31536000
age: 82878
last-modified: Thu, 15 Dec 2022 21:08:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track4face.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
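85.214.167.154 200 OK 471 B URL HTTP/1.1 track4face.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
IP 85.214.167.154:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
(Note: the 471 B size and all three digests are identical to those recorded for the ocsp.pki.goog/gts1c3 responses listed just above, and this entry carries no File type line. The response below is chunked and gzip-encoded with no Content-Length, so the size and hashes were probably mis-attributed by the capture; do not treat them as digests of rs6.min.js without re-fetching and hashing the body.)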
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:05:00 GMT
ETag: "4fd58-5b5c72a848300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
85.214.167.154 200 OK 76 kB URL HTTP/1.1 track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
IP 85.214.167.154:0
File type Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636
- data
Hash 832f6e62aaf3909d6b94c8a9c1e4dd51
4a06418cb56a66af5a1c0f59791469dea1dc87fa
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.4.2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Sun, 06 Dec 2020 08:04:59 GMT
ETag: "127f0-5b5c72a7540c0"
Accept-Ranges: bytes
Content-Length: 75760
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
172.64.132.15 200 OK 4.8 kB URL HTTP/2 use.fontawesome.com/releases/v6.1.2/css/v4-shims.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (27374)
Hash c25bc66ed466718338f18be3875d0f6c
06ee94eeb94670bae515382f02a9df3cbfd2d683
3a7ca10e3f136f1cd72b4cbf66ac8beda723ec9419dc538ce18f18846c6bc0b9
GET /releases/v6.1.2/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:14:10 GMT
content-type: text/css
x-amz-id-2: AshxX6/XzGMK7FgCthlmY3Kru+uDmud88iItf2WO+dEBGQ+4vODp7GKetR7KebjXwrfnfzV6BZM=
x-amz-request-id: 3G28EBQ6K6RCTYS4
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
etag: W/"32c0dd1e392a9b1b3b8e8a0ef2e89fdd"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOBRUmVhkHo7z97EQx4RfWt3ZnaNJzKPHrU7EJIgwlHoejpdHcYYC4uu1y1w1v6p07WVVMOzwJ1XTJrOH8c0IV7eI21kSHDdBktMv2nnUp9tW8jzFoIr2sTJhQnXt7alyf7fYO%2Fw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f8c430daa71d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 01:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff
85.214.167.154 200 OK 322 kB URL HTTP/1.1 track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff
IP 85.214.167.154:0
File type Web Open Font Format, TrueType, length 322084, version 0.0\012- data
Size 322 kB (322084 bytes)
Hash 25095e48e20fcc644d6543c7c0878a15
a31898850576c23a5dae1d916a529d0409eba70d
2078f53ec18edf07a69cca137de279cd7fbe36c2fc5f06499db1ab4fd84aaa43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/liquid-icon/fonts/liquid-icon.woff HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://track4face.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 09:39:17 GMT
ETag: "4ea24-5bae40f62db40"
Accept-Ranges: bytes
Content-Length: 322084
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/font-woff
track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
85.214.167.154 302 Found 0 B URL HTTP/1.1 track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
IP 85.214.167.154:0
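Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input, matching the 0 B body of this 302 response; they identify no file content and are not usable as file indicators, and the verdict below cannot rest on the response body.)
Analyzer Verdict Alert fortinet Malware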
GET /wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Location: https://track4face.io
X-Powered-By: PHP/7.3.33, PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
85.214.167.154 302 Found 0 B URL HTTP/1.1 track4face.com/wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema
IP 85.214.167.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5060/feedback/schema HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Sat, 04 Feb 2023 01:14:10 GMT
Server: Apache
Location: https://track4face.io
X-Powered-By: PHP/7.3.33, PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
track4face.com/wp-content/uploads/2022/07/dibujo.png
85.214.167.154 200 OK 150 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/07/dibujo.png
IP 85.214.167.154:0
File type PNG image data, 1494 x 1648, 8-bit/color RGBA, non-interlaced\012- data
Size 150 kB (150479 bytes)
Hash 400e6bb50a0d67fbf8ea5a634ecc9388
2fd1bcf455ecbcba93d3a0579835e13f60850c9e
1008ff82845bc1a036f6ca5db05e8264b91f20bcaf73c60186f756caa4763b1f
GET /wp-content/uploads/2022/07/dibujo.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:11 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2022 09:07:23 GMT
ETag: "24bcf-5e2f710657e64"
Accept-Ranges: bytes
Content-Length: 150479
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
track4face.com/wp-content/uploads/2022/08/controll3-1-copia.png
85.214.167.154 200 OK 160 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/08/controll3-1-copia.png
IP 85.214.167.154:0
File type PNG image data, 591 x 787, 8-bit/color RGBA, non-interlaced\012- data
Size 160 kB (160312 bytes)
Hash 7bfb47f7960b11cffb046629e6e8fb6c
9da20d45cef5a3ae90cf18c6756c786a799e7bbc
13c2856323d9aa3e42cb2930b26fe7776cb6cbf007fe59272a24b6e9e9792705
GET /wp-content/uploads/2022/08/controll3-1-copia.png HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:11 GMT
Server: Apache
Last-Modified: Thu, 11 Aug 2022 15:05:05 GMT
ETag: "27238-5e5f87d9a2ffc"
Accept-Ranges: bytes
Content-Length: 160312
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 318060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c98a62eebeb8e4ae3daf2325acc77357
645e988f00c6579ada158de0283ff9509629fb0e
ab22a8513c600ca61fcd65ffe9d02f417440b595c98624b06c6eeb2c62dc889b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB22A8513C600CA61FCD65FFE9D02F417440B595C98624B06C6EEB2C62DC889B"
Last-Modified: Sat, 04 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21592
Expires: Sat, 04 Feb 2023 07:14:03 GMT
Date: Sat, 04 Feb 2023 01:14:11 GMT
Connection: keep-alive
track4face.com/wp-content/uploads/2022/07/favicon.ico
85.214.167.154 200 OK 1.2 kB URL HTTP/1.1 track4face.com/wp-content/uploads/2022/07/favicon.ico
IP 85.214.167.154:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 11267b0c60503804cde6d561286c653f
3a72060addeca0386bbb102d9771c0a74fedf96d
daaf4cb8ac2235812e7b9c3d28f974a8609c154276f513940bee0cbc9dce71dd
GET /wp-content/uploads/2022/07/favicon.ico HTTP/1.1
Host: track4face.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 01:14:11 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 15:55:40 GMT
ETag: "47e-5e3da0ccba40e"
Accept-Ranges: bytes
Content-Length: 1150
X-Powered-By: PleskLin
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
track4face.io/
82.223.83.77 200 OK 16 kB IP 82.223.83.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2391), with CRLF, LF line terminators
Hash 7830fa4a4644c160a377f1c6f1e8e4bb
68f2f058aba55302c799f208d91b7a31e8d2e1c1
8737795f54195fd57382ef76488ec596c7908f8a1a971f6be6c47e27ffdf1dc1
GET / HTTP/1.1
Host: track4face.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:14:11 GMT
content-type: text/html
content-length: 15944
last-modified: Fri, 03 Feb 2023 18:50:54 GMT
etag: "13780-5f3d02946a4b8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-powered-by: PleskLin
X-Firefox-Spdy: h2
track4face.io/
82.223.83.77 200 OK 8.9 kB IP 82.223.83.77:0
Hash 762b43c000204b7482344c62a0e1c6ce
e0d72f8b3591ea8ed91f3db80bb8d764fcb2f217
67d6df4559a79609f567737c677fbff5ae1f47acb71335f290c24a14f2b71c86
GET / HTTP/1.1
Host: track4face.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Referer: https://track4face.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 01:14:11 GMT
content-type: text/html
content-length: 15944
last-modified: Fri, 03 Feb 2023 18:50:54 GMT
etag: "13780-5f3d02946a4b8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
142.250.74.35 200 OK 25 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
IP 142.250.74.35:0
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:12 GMT
expires: Wed, 31 Jan 2024 08:53:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/css
age: 318059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 318060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20765
Expires: Sat, 04 Feb 2023 07:00:16 GMT
Date: Sat, 04 Feb 2023 01:14:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20765
Expires: Sat, 04 Feb 2023 07:00:16 GMT
Date: Sat, 04 Feb 2023 01:14:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6h25M_XSVuTCF-9FkTtwujV0X-0-M9fvw4ouOBFmSnMWeApCSHmBsA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 10841
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 98768
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 54c06759-6fab-455c-be34-496ee42a2580
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZLQEqroAMFyWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d57b-2237358a5cc22b8003af1852;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:08:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oc3NhvAmcrO3msFYF2ITsEpq8a2wsOLkXtmZxRQpmse84yml0l9PNA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:46:57 GMT
age: 12434
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg
34.120.237.76 200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76ce18a45923a440add58f68a794bd03
e15570e6c3b6a801b8bc7f4c8c87bb7ec071fc43
9abc1e152bd102d799d189fa3b74961cb22d17571c2ee6676d4c937c3b75da42
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: 8695cadd-57b2-416e-9f5b-ace8a9931ab4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyED6GP9oAMFnZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd807f-17eaa05a4aae5a6807829bd1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RrRMudbU55NOXYoDxQZ8sm2pAMUYOUfd19yHqVpSPMhYatrQTeqf-g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:28 GMT
age: 11023
etag: "e15570e6c3b6a801b8bc7f4c8c87bb7ec071fc43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 3208
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 10589
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 11018
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35 200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 18:48:55 GMT
expires: Tue, 07 Feb 2023 18:48:55 GMT
cache-control: public, max-age=604800
age: 282316
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20
IP 142.250.74.106:0
GET /css?family=Space+Grotesk%3A300%2C400%2C500%2C600%2C700%2C300i%2C400i%2C500i%2C600i%2C700i&display=swap&subset=all&ver=3.0.20 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 01:14:10 GMT
date: Sat, 04 Feb 2023 01:14:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Poppins%3A400%7Cfutura-pt%3A700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 01:14:10 GMT
date: Sat, 04 Feb 2023 01:14:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v6.1.2/css/all.css
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v6.1.2/css/all.css
IP 172.64.132.15:0
GET /releases/v6.1.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://track4face.com
Connection: keep-alive
Referer: https://track4face.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 01:14:10 GMT
content-type: text/css
x-amz-id-2: H2zVS/+JIum1x+lX5XMe6725Ro522FbW9xdAEGYbZASSfOoEj1Pr0IaIFTrA4R9cEYstH4sBbaI=
x-amz-request-id: 3G210HFH7RRBCWNH
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 25 Jul 2022 16:09:47 GMT
etag: W/"8ef777107c4620d4ddd4f8c4bb14a36c"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm%2BhTlzkqyy8VTQJQPg0QXWpg7siC7Yct0jLJ%2BkZE6ydsZh4WfjX7H9T1Wls%2Fenzm9xiWVw3gJHD4l9PcrW%2BH7F7YftkkLP%2BXBL8LMlDdqHxkoF8tdp8rWwwvWn%2FBLoR3XEN29B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f8c430da471d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2