r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12669
Expires: Sun, 04 Dec 2022 01:59:02 GMT
Date: Sat, 03 Dec 2022 22:27:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 957
Cache-Control: max-age=130756
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:27:53 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 10:47:09 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.premier.com.pk/
20.74.133.177 301 Moved Permanently 319 B IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; exported SGML document, ASCII text
Hash dfd3903f50e8aabfa7dbffa392153ed9
59281725079bdfd28b675017c679d00596d1a619
1d26815c92461f7079afc094bce1c0763d2bd12d2e3cccb006ce5393f2034064
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 22:27:53 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://www.premier.com.pk/
Content-Length: 319
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4641
Expires: Sat, 03 Dec 2022 23:45:14 GMT
Date: Sat, 03 Dec 2022 22:27:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 22:18:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 575
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: s9h633rh8Ij99qYeDA+AQP1axWTbPpWGYeb27hbfsfaXELGWKIQuCdqQBQGhV/54BTgIoupZHHA=
x-amz-request-id: H7J030W52R8SSKZ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 21:47:17 GMT
age: 2436
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 22:27:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 22:11:19 GMT
cache-control: public,max-age=3600
age: 995
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 793c129438271358b348a8fc85444da5
1989d7333046e2ed0aaf1286c1c9356994dfecf0
1fd44910d0ce7966672acb60bf59986688e6526eb87a150b3c5dd8d95201ead2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FD44910D0CE7966672ACB60BF59986688E6526EB87A150B3C5DD8D95201EAD2"
Last-Modified: Thu, 01 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Dec 2022 04:27:54 GMT
Date: Sat, 03 Dec 2022 22:27:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 948
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:27:54 GMT
Last-Modified: Sat, 03 Dec 2022 22:12:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.236.232.139 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zZQ+pk6VuQwPn1027ldryQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1K+8m7CeMJVU4oECRGHiRPaexng=
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css?ver=6.1.1
104.17.25.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.css?ver=6.1.1
IP 104.17.25.14:0
Hash cd3dfb72d171caffb268d3c10438ec02
8b9087b902215e978e1e1bb6f734b2d46f02481a
a9a7eadd55d4e2714c778709066da5fe32c900f70d6270e29cc61842f35dfe51
GET /ajax/libs/font-awesome/5.9.0/css/all.css?ver=6.1.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 22:27:56 GMT
content-type: text/css; charset=utf-8
content-length: 10234
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-111ac"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2010007
expires: Thu, 23 Nov 2023 22:27:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZTSawvxd69mnwvyPkpMs8fjGcbuNfTeO2ruQt13ziKCxYh4r2LC4OkCVuH7lfJVUxEq%2BXajMP7TTxKcTNc0b3ryePN4WCZxTdbxQibrBFWNkuVNw1CjZxfb7OFcqUIDSIqchw7z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 773fbb83acdf0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.premier.com.pk/
20.74.133.177 200 OK 27 kB IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text; exported SGML document, ASCII text, with very long lines (25682)
Hash 7db5d6fa582fcf28c083241a56792a1a
b669a41a599e23a283b8936515531875f354ff9b
45d2f78f6d276c6cd298dbf3e1c85d962317d5b19b4017edef70a14fc100f2ef
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Link: <https://www.premier.com.pk/wp-json/>; rel="https://api.w.org/", <https://www.premier.com.pk/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://www.premier.com.pk/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 26613
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 9df4da97c2c230fd3b25bca951400445
a7e80bc6e2f165a9ce811760c9f5fa876dacb202
dbb6fdf125a8f5b2ed673fd03b00d25e675675149da356987be066aff41232da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 596
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:27:56 GMT
Last-Modified: Sat, 03 Dec 2022 22:18:00 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 9df4da97c2c230fd3b25bca951400445
a7e80bc6e2f165a9ce811760c9f5fa876dacb202
dbb6fdf125a8f5b2ed673fd03b00d25e675675149da356987be066aff41232da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 596
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:27:56 GMT
Last-Modified: Sat, 03 Dec 2022 22:18:00 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5607
Expires: Sun, 04 Dec 2022 00:01:23 GMT
Date: Sat, 03 Dec 2022 22:27:56 GMT
Connection: keep-alive
www.premier.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
20.74.133.177 200 OK 12 kB URL HTTP/1.1 www.premier.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 12:01:46 GMT
ETag: "172a9-5ed953ca29bb8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12518
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5607
Expires: Sun, 04 Dec 2022 00:01:23 GMT
Date: Sat, 03 Dec 2022 22:27:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 2109
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f60321f-543f-44e0-a009-33af5efa0534.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f60321f-543f-44e0-a009-33af5efa0534.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7cdd7ea89a9837ee4daf179e9f14a821
d60ccf29ffe8333578f86c35a0e0943c1e824bb0
5d1351a293fce0cec824082d9b6bf6c0c002c279bc4ed7896104ac4378f00c29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f60321f-543f-44e0-a009-33af5efa0534.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7010
x-amzn-requestid: 70386688-f02e-4b62-bb39-3c5b176d50fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr__GdSoAMF3og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-25a117d84d6a25bf099c7cb3;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nwSsAFL0OmmM5oTINw8TOFF-uw20E_x7D-QY-z839AtWTZdIz3CunQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:45:49 GMT
age: 2527
etag: "d60ccf29ffe8333578f86c35a0e0943c1e824bb0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 2635
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b5047e1b428980b054be8c899ec7bd2a
a55e532bd0251ffc78c052a3f8b649e13feafdb7
c7f42eed10d19a983df419556f821a391ca2ece33a72cdef7a367cd7eab0b96a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11170
x-amzn-requestid: 4925defd-cb3f-4818-a609-c4f2badaf0d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltlsGUVoAMFi9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f1-46cb22af25d527d016096316;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KMhlrg9pjepNii5clmKidbqEqTuUI1gYg8UOC7tVZ-7ZB06481p5ug==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:56:59 GMT
age: 1857
etag: "a55e532bd0251ffc78c052a3f8b649e13feafdb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:26:43 GMT
age: 54073
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/popper.js@1.12.5/dist/popper.js?ver=1.0
151.101.129.229 200 OK 20 kB URL HTTP/2 cdn.jsdelivr.net/npm/popper.js@1.12.5/dist/popper.js?ver=1.0
IP 151.101.129.229:0
File type Unicode text, UTF-8 text, with very long lines (339)
Hash ff46fc5b0c0dc0fc0225593e01c313fa
ea55c3f497a770375be9ce162f0e972de5926cf9
5dbaa09590496cebeec11d6489c2deedf75c547c38265152764fc8861cc52f93
GET /npm/popper.js@1.12.5/dist/popper.js?ver=1.0 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.12.5
x-jsd-version-type: version
etag: W/"131a5-WEzCALnEQIbewKyb0xTB1eLLYk8"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 22:27:56 GMT
age: 233476
x-served-by: cache-fra-eddf8230130-FRA, cache-bma1660-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20496
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5607
Expires: Sun, 04 Dec 2022 00:01:23 GMT
Date: Sat, 03 Dec 2022 22:27:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 1509
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:27:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.premier.com.pk/wp-content/themes/premier-systems/assets/css/owl.carousel.min.css?ver=6.1.1
20.74.133.177 200 OK 1.1 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/css/owl.carousel.min.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (3184)
Hash 8864ff6a1198eecf45821c602593ff9a
c6097cea47ac44fcec94781f2af0110cb677ab0a
19eaae3fdfe574cd1b1cfd78d30633a4527bde9711dde88b467fe43ca854cda5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/css/owl.carousel.min.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "d17-5e3d32bdd333b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1068
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:27:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash fb6c1758c9ece0ef67352dc9ce4b4210
497320f806a06c163cdc7823d4c58692151afba2
b6cbd5fc614912cd274f2954451ce7765cdd23805a1395917a335120c063c9bf
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F89A7303BFE41C55163E8BA374D91034FD83F161"
Expires: Sun, 04 Dec 2022 09:00:00 GMT
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2010
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773fbb8588b4b4f4-OSL
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=1.0
142.250.74.138 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js?ver=1.0
IP 142.250.74.138:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js?ver=1.0 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 14:53:31 GMT
expires: Thu, 30 Nov 2023 14:53:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
age: 286465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?
142.250.74.138 200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?
IP 142.250.74.138:0
File type ASCII text, with very long lines (2590)
Hash c6c1608bd11e28eb9f5f1e89e6317798
51888a4149e5aa7cda41c037303e93b2aaeadd9c
8f16c9c0c5a16373cd523eee1e00854db17506f624709a2c7a4de0398abb419b
GET /maps/api/js? HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sat, 03 Dec 2022 22:27:56 GMT
expires: Sat, 03 Dec 2022 22:57:56 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53603
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:27:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.premier.com.pk/wp-includes/css/classic-themes.min.css?ver=1
20.74.133.177 200 OK 189 B URL HTTP/1.1 www.premier.com.pk/wp-includes/css/classic-themes.min.css?ver=1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 12:01:46 GMT
ETag: "d9-5ed953ca27c78-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
20.74.133.177 200 OK 972 B URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 12:02:39 GMT
ETag: "aab-5ed953fcef0d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/themes/premier-systems/assets/css/style.css?ver=6.1.1
20.74.133.177 200 OK 3.0 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/css/style.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type assembler source, ASCII text, with very long lines (308)
Hash 9ddaf73d93c4ef70ad3eefb170ca2e97
63e51b110abbcdabd0d7b901f52eedda9c6de0cc
c29d5ee402aed1479284f1e1b19c45717e01cdd6f3dc3165c37b3fe1aa4467d4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/css/style.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "4991-5e3d32bdd333b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3022
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/themes/premier-systems/assets/css/flash.css?ver=6.1.1
20.74.133.177 200 OK 496 B URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/css/flash.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 2622e9c05b516482bf87b5632b123e33
c8e27b235528a0679b71cf9496cb558dbbecf654
7db4a1656ec259c6bfe5f8bacf505c427c34c3f8118e52c42069e6c9b2d80a41
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/css/flash.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "802-5e3d32bdd333b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 496
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/themes/premier-systems/assets/css/owl.theme.default.min.css?ver=6.1.1
20.74.133.177 200 OK 479 B URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/css/owl.theme.default.min.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (846)
Hash ed01e339cf287cc8556f302210540fc9
4d4319bfb04d9a9939d387c7ff44dfa29b3772ef
4fdb569f083e05758aa13c7dc42c4b83c7c191ebc0c267c4afe926a81d4109fe
GET /wp-content/themes/premier-systems/assets/css/owl.theme.default.min.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "3f5-5e3d32bdd333b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 479
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/themes/premier-systems/assets/css/animate.min.css?ver=6.1.1
20.74.133.177 200 OK 5.3 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/css/animate.min.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65348)
Hash ac23b5088eae379ce967c2f8da6b3b61
d3da9cc72f6de6b0b580b4b33bed74f2c0ecc750
177275b6f527e9c8482c5e4e6cc7e19d6575378292079185e0db4e0b82196d37
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/css/animate.min.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "11846-5e3d32bdd333b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5270
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.5
20.74.133.177 200 OK 7.1 kB URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.5
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (52152), with no line terminators
Hash 5cee594887b69856a5873ef7283e2a8d
8a68e3eac37e7548b4d334cb29062681444bfd96
d9dbc4eea38e9e5f516b038968faf47284d537daceeb17b22d2054f3a690bca0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/pro/assets/css/ubermenu.min.css?ver=3.5 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:18 GMT
ETag: "cbb8-5e3d32bf7df67-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7124
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/themes/premier-systems/assets/css/bootstrap.min.css?ver=6.1.1
20.74.133.177 200 OK 24 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/css/bootstrap.min.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65319), with CRLF line terminators
Hash 39c6175dcad067ee3343d58362490c48
57c9438b1f94c3343720337f92bb8106a0e82410
d22204eea88823ff087cd50eb2a18e780c93c4d4cec30554fa47be3080be484d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/css/bootstrap.min.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "26f21-5e3d32bdd333b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23693
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/plugins/ubermenu/assets/css/skins/blackwhite2.css?ver=6.1.1
20.74.133.177 200 OK 1.2 kB URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/ubermenu/assets/css/skins/blackwhite2.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4060a1360ffba6b19f2795bfa3308e61
69c6b0f4552a29d1c14bff188d67cabebd2748da
c189fe29cd2cc2c784ac5c20f83d35cffa4b59527d00ed85cd4f86276360b617
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/css/skins/blackwhite2.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:19 GMT
ETag: "1d2b-5e3d32bfabdc8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1166
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.1.1
20.74.133.177 200 OK 11 kB URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (51030)
Hash 68b76d3a53a337d3a2e3c73b165f4fc3
58160e794940edd69d9df52e90b70f624352747e
861ae5e8f8624432a29bdccc4e2900dd76d5656ab757214047c42e2b5a184337
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:18 GMT
ETag: "c80f-5e3d32bfa2188-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11207
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.premier.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
20.74.133.177 200 OK 6.3 kB URL HTTP/1.1 www.premier.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (15660)
Hash ddc0552dd3496a5725d9ab14d6886dec
a9e5140806c3de2445bfbaff300cc5337c4c53da
3d022374ba30153e06336320e402d1d23790a2cc6753c40530d8c92d0217b22e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Nov 2022 15:04:42 GMT
ETag: "5747-5ee7513146817-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6322
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.premier.com.pk/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
20.74.133.177 200 OK 4.3 kB URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (9959)
Hash 7b0ab2dc30d48cb31366ab24e332bd82
a850042f6c2be59575db9aa49ed59cc53a1e095a
14dc65f18c242ec89cbe7c673bf2cee79cfb861f75b4c4df7799d29a788a6484
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 12:02:39 GMT
ETag: "355f-5ed953fbfd5c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4254
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.premier.com.pk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
20.74.133.177 200 OK 5.3 kB URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (12332)
Hash 95e746ca44e0929c7d52c4b1531206c5
fb5671c21007233260121101658fa26afac8a7e5
eafb2a1ea998044d26c002510930911c9d92a9514963be1322f6de4ed5bfcebd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 12:02:39 GMT
ETag: "3ea4-5ed953fbfd5c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5275
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.premier.com.pk/wp-content/themes/premier-systems/assets/js/wow.min.js?ver=1.0
20.74.133.177 200 OK 4.1 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/js/wow.min.js?ver=1.0
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (8121)
Hash e72dd92f02d89538438fa82428efb156
d0961ac040bded1c0ab2a526d9f179b8dfe39dca
beb7f26b78a9e9722702ef4e1154bc3521d5d641a3a555699822894c5a3312bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/js/wow.min.js?ver=1.0 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Nov 2022 15:04:41 GMT
ETag: "2e69-5ee75130f2850-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4120
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.premier.com.pk/wp-content/themes/premier-systems/assets/js/bootstrap.js?ver=1.0
20.74.133.177 200 OK 27 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/js/bootstrap.js?ver=1.0
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 50d1fbf279cdd11b72cfb9d93e37d5e1
44109c11bc05dc04d36115f630540a80db4d756a
2a3560f2b308950b76cdb45646dabd545f1af8a2c7c4cfe324e705c273f17cae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/js/bootstrap.js?ver=1.0 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Nov 2022 15:04:41 GMT
ETag: "22fde-5ee75130f2850-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 27304
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.premier.com.pk/wp-content/themes/premier-systems/assets/js/custom.js?ver=1.0
20.74.133.177 200 OK 3.1 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/js/custom.js?ver=1.0
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 11712b05b3147f885a5ce8d00b196e53
67a2bbdeb119b9ae47d54e8fa291bbef8b606aa7
13abcbe1b0253334c2c545f9deaa28af2602b8d8fdbbc34babf3155b3cf91e8c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/js/custom.js?ver=1.0 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Nov 2022 15:04:41 GMT
ETag: "2836-5ee75130ef970-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3061
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.premier.com.pk/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.5
20.74.133.177 200 OK 9.3 kB URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.5
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (698)
Hash 61ee6e635d402290e9467bca886a0de7
cf192a516399d0b64782a0f6e445056bbaba565b
c0d4b5de9281ecc0de0fa57a6cbf3f9f1060eb77c82425690647980ce613257e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/js/ubermenu.min.js?ver=3.5 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Nov 2022 15:04:42 GMT
ETag: "8d4b-5ee751312c235-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9292
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.premier.com.pk/wp-content/themes/premier-systems/assets/js/owl.carousel.min.js?ver=1.0
20.74.133.177 200 OK 13 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/js/owl.carousel.min.js?ver=1.0
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (31997)
Hash fdef7243ce2283aaa8d2137d9905500a
7197fc6637f9807f1895ebfc209ccaa1e1fd5ea3
e7bab0e2652ebad936cb84fc7f555a114c8f506a51078f3e4c48671c575b11a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/js/owl.carousel.min.js?ver=1.0 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Nov 2022 15:04:41 GMT
ETag: "bbc4-5ee75130f2850-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12745
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.premier.com.pk/wp-content/themes/premier-systems/assets/fonts/armata-regular-webfont.woff2
20.74.133.177 200 OK 20 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/fonts/armata-regular-webfont.woff2
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 20360, version 1.0\012- data
Hash 12d22e7429e6913736fe1bc9441cd83b
6c82d1feb588b456d9bf8aebd81881ec85bf4b30
366593a115136b69e06d1889eda7963356521dcf22b348553c76df79ed38010f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/fonts/armata-regular-webfont.woff2 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.premier.com.pk/wp-content/themes/premier-systems/assets/css/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "4f88-5e3d32bdd333b"
Accept-Ranges: bytes
Content-Length: 20360
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
www.premier.com.pk/wp-content/themes/premier-systems/assets/fonts/opensans-regular-webfont.woff2
20.74.133.177 200 OK 17 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/fonts/opensans-regular-webfont.woff2
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 17428, version 1.0\012- data
Hash 45014006470298618e4df2e60aa41ba9
4b512365e8f5a39b78d9c803da4fcc31404f52a3
b9fb89e2f50d703298c399e8f0faae517ae532c79bec0d5dfbfd4ccf7dcee133
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/fonts/opensans-regular-webfont.woff2 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.premier.com.pk/wp-content/themes/premier-systems/assets/css/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "4414-5e3d32bdd333b"
Accept-Ranges: bytes
Content-Length: 17428
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
www.premier.com.pk/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff2
20.74.133.177 200 OK 74 kB URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff2
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 73852, version 1.0\012- data
Hash fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.premier.com.pk/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:18 GMT
ETag: "1207c-5e3d32bf7df67"
Accept-Ranges: bytes
Content-Length: 73852
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
www.premier.com.pk/wp-content/themes/premier-systems/assets/fonts/opensans-semibold-webfont.woff2
20.74.133.177 200 OK 18 kB URL HTTP/1.1 www.premier.com.pk/wp-content/themes/premier-systems/assets/fonts/opensans-semibold-webfont.woff2
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 17672, version 1.0\012- data
Hash 9e4cd99049834b09829bb9da3b0db800
24fc7d28d9a0c466612b83dab6a24fe364c74f42
faf2d61823703f7150a0a27f8113ef38cd3689272e8a47e19ec5d2f34be77ac5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/premier-systems/assets/fonts/opensans-semibold-webfont.woff2 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.premier.com.pk/wp-content/themes/premier-systems/assets/css/style.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:17 GMT
ETag: "4508-5e3d32bdd239b"
Accept-Ranges: bytes
Content-Length: 17672
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
www.premier.com.pk/wp-content/uploads/2021/09/ictimg1.jpg
20.74.133.177 200 OK 156 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/09/ictimg1.jpg
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=GUI (Graphical User Interface) concept.\377\341\005Khttp://ns.adobe.com/xap/1.0/, orientation=upper-left], baseline, precision 8, 552x313, components 3\012- data
Size 156 kB (155789 bytes)
Hash c7d9e4f4d7a18fe57f0505640dd33edf
b1dbd5e9f250546cdc1b69da0740dbbe9774e4fa
40897baf2b4a2cfb2795d236d314827eca0efc0beff9695e971ac9847e4d1f75
GET /wp-content/uploads/2021/09/ictimg1.jpg HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:14 GMT
ETag: "2608d-5e3d32bba68ec"
Accept-Ranges: bytes
Content-Length: 155789
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.premier.com.pk/wp-content/uploads/2021/09/GetPaidStock.com-613b20ffd2334.jpg
20.74.133.177 200 OK 68 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/09/GetPaidStock.com-613b20ffd2334.jpg
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1000x633, components 3\012- data
Hash f14f7aaf3c19b0a03fee632d79d11c1d
04db9dbc537039962e4483d75c9aafd4e2fe165f
fb815416e6c22722217e2069f39bc2b33d07ff25df50b86ceb25607d2937627a
GET /wp-content/uploads/2021/09/GetPaidStock.com-613b20ffd2334.jpg HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:15 GMT
ETag: "108ab-5e3d32bc4a9f1"
Accept-Ranges: bytes
Content-Length: 67755
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.premier.com.pk/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-brands-400.woff2
20.74.133.177 200 OK 70 kB URL HTTP/1.1 www.premier.com.pk/wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-brands-400.woff2
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 69608, version 1.0\012- data
Hash 659c4d58b00226541ef95c3a76e169c5
333b0d6bb7e10601f4bd99e048608d5581be2a98
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ubermenu/assets/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.premier.com.pk/wp-content/plugins/ubermenu/assets/fontawesome/css/all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:18 GMT
ETag: "10fe8-5e3d32bf7ef07"
Accept-Ranges: bytes
Content-Length: 69608
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
www.premier.com.pk/wp-content/uploads/2021/05/b4.png
20.74.133.177 200 OK 148 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/05/b4.png
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 401 x 276, 8-bit/color RGB, non-interlaced\012- data
Size 148 kB (147746 bytes)
Hash 6200fe89fc2026705d4da49441ae137c
0fe6690bf65cfbd6ca1ef3c03c80305c1f6c72f5
625e1e2d7cdfefedc7eeed131b9ebba9ccc02e06bdc48cde04ecb96b5c47e12c
GET /wp-content/uploads/2021/05/b4.png HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:14 GMT
ETag: "24122-5e3d32bb71d2b"
Accept-Ranges: bytes
Content-Length: 147746
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.premier.com.pk/wp-content/uploads/2021/09/ezgif.com-gif-maker.jpg
20.74.133.177 200 OK 122 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/09/ezgif.com-gif-maker.jpg
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Converted from WebP to JPG using ezgif.com", baseline, precision 8, 730x730, components 3\012- data
Size 122 kB (122518 bytes)
Hash f3b720ab541188bb4d999edaef38a609
36afd355d8ebf4335cbb0dc1a7a7068be0195348
37d184b5f6be36ea2b6954ae2cc94f493fbf59b357efc47fa09a6c71a2f4056c
GET /wp-content/uploads/2021/09/ezgif.com-gif-maker.jpg HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:15 GMT
ETag: "1de96-5e3d32bc56571"
Accept-Ranges: bytes
Content-Length: 122518
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.premier.com.pk/wp-content/uploads/2021/09/b1.png
20.74.133.177 200 OK 116 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/09/b1.png
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 387 x 276, 8-bit/color RGB, non-interlaced\012- data
Size 116 kB (115734 bytes)
Hash 69ee185ba11323aa4d261df62e2ce4ac
32107214a280bf3bcdbecd998e8f466877e24e87
940307857ff9904aeb0e5094f248d931c5c61a1605232f26fa07e3f338420db3
GET /wp-content/uploads/2021/09/b1.png HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:15 GMT
ETag: "1c416-5e3d32bc34290"
Accept-Ranges: bytes
Content-Length: 115734
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.premier.com.pk/wp-content/uploads/2021/05/logo.png
20.74.133.177 200 OK 12 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/05/logo.png
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 180 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash 6188cdf513f9d24334d6ce71b9be0873
b42f7ee132d633293231e0f1d9c16987ef874e58
b93c82dc41b6dfb37a6d04bd2e0f2e90099dd59503b8fd4611850df8e2526af0
GET /wp-content/uploads/2021/05/logo.png HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:14 GMT
ETag: "2e5f-5e3d32bb71d2b"
Accept-Ranges: bytes
Content-Length: 11871
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.premier.com.pk/wp-content/uploads/2021/09/ictimg1-150x150.jpg
20.74.133.177 200 OK 9.4 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/09/ictimg1-150x150.jpg
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash da94ff0a5098aedebdeade13c07ce1f5
04f87ecb86b825fe592128d87443a822e7289b79
3bce471334352b70184237ee1c6362d0ee47f5a610d4e91b6d60e75149101f15
GET /wp-content/uploads/2021/09/ictimg1-150x150.jpg HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:15 GMT
ETag: "24bb-5e3d32bc19caf"
Accept-Ranges: bytes
Content-Length: 9403
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.premier.com.pk/wp-content/uploads/2021/05/cc1.png
20.74.133.177 200 OK 215 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/05/cc1.png
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 397 x 264, 8-bit/color RGB, non-interlaced\012- data
Size 215 kB (215379 bytes)
Hash da2eccf8ae91620c79eb71779e9bdb3d
ec1ba94bb08de8893518bcac1bbc3c190722d9f1
0f00cd9b1d0153b08e6abe3e758e9baaebcb0a66f7168a4508b44f45389b0e29
GET /wp-content/uploads/2021/05/cc1.png HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:14 GMT
ETag: "34953-5e3d32bb7e84b"
Accept-Ranges: bytes
Content-Length: 215379
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.premier.com.pk/wp-content/uploads/2021/09/carassembly.jpg
20.74.133.177 200 OK 151 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/09/carassembly.jpg
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=robots welding in an automobile factoryOlga Serdyuk\377\341\005_http://ns.adobe.com/xap/1.0/, copyright=Olga Serdyuk\377\341\005_http://ns.adobe.com/xap/1.0/], baseline, precision 8, 515x333, components 3\012- data
Size 151 kB (151098 bytes)
Hash 5d33f2e43852746f6e6e06bf6774709c
f668d7980a3f75c400db1eefcd2aaf6081835262
64d0b114012cf5b1c056bf15e930d020d2ca88545a25cd65fb90036bd039a1fc
GET /wp-content/uploads/2021/09/carassembly.jpg HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:15 GMT
ETag: "24e3a-5e3d32bc66f11"
Accept-Ranges: bytes
Content-Length: 151098
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.premier.com.pk/wp-content/uploads/2021/05/cc3.png
20.74.133.177 200 OK 221 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/05/cc3.png
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 397 x 264, 8-bit/color RGB, non-interlaced\012- data
Size 221 kB (220755 bytes)
Hash 5c2984bfec4961c08e0b3afdd2b6c971
a49e10dd4908acd861d25455e0d1a0d6bc293c0d
d0fa944308d3bb0089a11f4c5d7c61acea10a903c44003a9e5b35daa0d908c18
GET /wp-content/uploads/2021/05/cc3.png HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:14 GMT
ETag: "35e53-5e3d32bb72ccb"
Accept-Ranges: bytes
Content-Length: 220755
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.premier.com.pk/wp-content/uploads/2021/05/home_about.png
20.74.133.177 200 OK 598 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/05/home_about.png
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 665 x 464, 8-bit/color RGB, non-interlaced\012- data
Size 598 kB (597996 bytes)
Hash cd6fee53f0fd0ac5f4ebe7a52fb01220
c5c7fc3e2c18ba9644b419bf52cfa1fae7a50b93
f81c965ebec52866dfbcba1b0c7d6a7ea243e32e69a53167a0fba04fc638af02
GET /wp-content/uploads/2021/05/home_about.png HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:14 GMT
ETag: "91fec-5e3d32bb4cb6a"
Accept-Ranges: bytes
Content-Length: 597996
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.premier.com.pk/wp-content/uploads/2021/05/cc2.png
20.74.133.177 200 OK 222 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/05/cc2.png
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 396 x 264, 8-bit/color RGB, non-interlaced\012- data
Size 222 kB (222436 bytes)
Hash c6b37b9d61b8851f37c62b69f6767c94
53d49a767015c4271af6a39aeb9acc4b02063b19
a13e4d9997c4299889949e45ff613f485b160f13099e58c1e3e307a725b68dcf
GET /wp-content/uploads/2021/05/cc2.png HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:14 GMT
ETag: "364e4-5e3d32bb4db0a"
Accept-Ranges: bytes
Content-Length: 222436
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.premier.com.pk/wp-content/uploads/2021/05/favicon.png
20.74.133.177 200 OK 2.9 kB URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/05/favicon.png
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ffac4583259627e1cada55b64fb81887
c230c905126ccb8feac8925f05cc355a0121dfc0
0f45d287f9d468553071875cce8dda5d63c520247784ddf873570f7f9879d5cf
GET /wp-content/uploads/2021/05/favicon.png HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:14 GMT
ETag: "b84-5e3d32bb71d2b"
Accept-Ranges: bytes
Content-Length: 2948
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
unpkg.com/aos@2.3.1/dist/aos.js
104.16.124.175 200 OK 0 B URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.js
IP 104.16.124.175:0
GET /aos@2.3.1/dist/aos.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premier.com.pk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 22:27:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
via: 1.1 fly.io
fly-request-id: 01F3YGTK14BN7YR0KMC99B0BKK
cf-cache-status: HIT
age: 19417252
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773fbb84fa8a0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/aos@2.3.1/dist/aos.js?ver=6.1.1
104.16.124.175 302 Found 0 B URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.js?ver=6.1.1
IP 104.16.124.175:0
GET /aos@2.3.1/dist/aos.js?ver=6.1.1 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Dec 2022 22:27:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /aos@2.3.1/dist/aos.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKD1MVQAC7QNHW8EGZ7EY9JH-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773fbb848a320b55-OSL
X-Firefox-Spdy: h2
unpkg.com/aos@2.3.1/dist/aos.css?ver=6.1.1
104.16.124.175 302 Found 0 B URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.css?ver=6.1.1
IP 104.16.124.175:0
GET /aos@2.3.1/dist/aos.css?ver=6.1.1 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Dec 2022 22:27:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /aos@2.3.1/dist/aos.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKD1HF5BYHBYRW243Y5XWZFY-ams
cf-cache-status: HIT
age: 111
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773fbb83e9cd0b55-OSL
X-Firefox-Spdy: h2
unpkg.com/aos@2.3.1/dist/aos.css
104.16.124.175 200 OK 0 B URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.css
IP 104.16.124.175:0
GET /aos@2.3.1/dist/aos.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.premier.com.pk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 22:27:56 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
via: 1.1 fly.io
fly-request-id: 01G754J040XBCARD93ACQA76A4-fra
cf-cache-status: HIT
age: 13150149
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 773fbb8429f90b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.premier.com.pk/wp-content/uploads/2021/09/Premier-Systems_v2.0-2-1.mp4
20.74.133.177 206 Partial Content 0 B URL HTTP/1.1 www.premier.com.pk/wp-content/uploads/2021/09/Premier-Systems_v2.0-2-1.mp4
IP 20.74.133.177:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/09/Premier-Systems_v2.0-2-1.mp4 HTTP/1.1
Host: www.premier.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.premier.com.pk/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Sat, 03 Dec 2022 22:27:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 15 Jul 2022 07:43:15 GMT
ETag: "56a94bb-5e3d32bc86312"
Accept-Ranges: bytes
Content-Length: 90870971
Content-Range: bytes 0-90870970/90870971
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: video/mp4