r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 1ea206ac3c440825741687351f8c6e4e
Hash SHA-1 2f38dafd8c43dcce2411a0590bc5c02cd6286735
Hash SHA-256 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14989
Expires: Tue, 06 Dec 2022 03:02:28 GMT
Date: Mon, 05 Dec 2022 22:52:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 cfec3d7283a9b66d2be426ce54d210f3
Hash SHA-1 808c1feb1ba918951d1928c1f6bfc0c253262774
Hash SHA-256 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11998
Expires: Tue, 06 Dec 2022 02:12:37 GMT
Date: Mon, 05 Dec 2022 22:52:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 ee088fab9b287e174cfd1f2c735a909f
Hash SHA-1 25c3335b514a36ad1a24d00413d60c3d394f5161
Hash SHA-256 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3646
Cache-Control: max-age=131966
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:39 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:32:05 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash MD5 53341dea33f4f3d9b4966f80589f429a
Hash SHA-1 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Hash SHA-256 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YUKKShyt0qY+BY7IOoOmX9ZlDaYnEaGLKuBTXCQjs8nUzhs2GssXvujU/7IQnEv4tc5FWY/5aCQ=
x-amz-request-id: B33E1AVE380CV53N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 22:48:41 GMT
age: 238
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash MD5 30db107dcf4380cef05efea409c2e6a3
Hash SHA-1 96e6a306fbc07299aba64e5c14e2bfca35872fa9
Hash SHA-256 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 22:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1939
alt-svc: clear
X-Firefox-Spdy: h2
sahiwalcowindia.com/
103.21.58.75 200 OK 14 kB IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text, exported SGML document, ASCII text, with very long lines (3802)
Hash MD5 3f311fb02913e44db778183901700d91
Hash SHA-1 d61a1f5290ec44697d42ddce7974b2211330f60a
Hash SHA-256 a629f84c747e10752f6757dc10da810a995c1f1826026205a3111722ad4d3193
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:52:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13480
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
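A parser for this export, added here as a worked example; it is not part of the page and not a sandbox vendor's tool. It splits the log into one record per request/response pair, handles the fused IP/status line ("23.33.119.27200 OK") as well as a spaced one, names the three digests by their length (32/40/64 hex characters: MD5, SHA-1, SHA-256), and runs the triage checks a reviewer of this capture wants first: analyzer verdicts, 200 responses whose body digest is that of zero bytes (the color1.css entry further down), responses whose ETag equals the captured body's SHA-256 (the r3.o.lencr.org responder, which confirms the capture is complete), and OCSP exchanges that are CA traffic rather than site traffic. The embedded sample is an abridged excerpt of three entries from this page with most headers dropped; the record field names and tag strings are this example's own.

```python
import re

# Added example, not part of the page or of any sandbox vendor's tooling: parse the
# sandbox HTTP-traffic export shown on this page into per-request records and run a
# few triage checks over them. Record field names and tag strings are our own choice.

# Entry status line. The export fuses server IP and HTTP status ("...119.27200 OK");
# the optional whitespace also accepts the spaced form "...119.27 200 OK".
STATUS_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*(?P<status>\d{3}) (?P<reason>[A-Za-z ]+?) "
    r"(?P<size>[\d.]+ (?:B|kB|MB))\b")
REQ_RE = re.compile(r"^(?P<method>[A-Z]+) (?P<path>\S+) HTTP/\d(?:\.\d)?$")
RESP_RE = re.compile(r"^HTTP/\d(?:\.\d)? \d{3}")
# Digest lines: "Hash <md5>" followed by a bare SHA-1 and SHA-256; the length tells which.
HASH_RE = re.compile(r"^(?:Hash\s+)?(?:(?:MD5|SHA-1|SHA-256)\s+)?"
                     r"(?P<hex>[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$")
HASH_NAME = {32: "md5", 40: "sha1", 64: "sha256"}
# SHA-256 of zero bytes: a 200 response carrying this digest delivered no body at all.
EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"

# Abridged excerpt of the export on this page (three entries, most headers dropped).
SAMPLE = """\
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
sahiwalcowindia.com/js/dlmenu.js
103.21.58.75200 OK 1.6 kB URL HTTP/2 sahiwalcowindia.com/js/dlmenu.js
Hash 32e99db004bc2b560abc1e14455880e5
84e5e95ca4ce56db70a53bbf4f76a6ca9a7ee4f8
b87effb38974e848fcca7908b3d4e05a0aee6bd5c1535a96b955cec756470a09
Analyzer Verdict Alert fortinet Malware
GET /js/dlmenu.js HTTP/1.1
HTTP/2 200 OK
content-type: application/javascript
sahiwalcowindia.com/css/presets/color1.css
103.21.58.75200 OK 0 B URL HTTP/2 sahiwalcowindia.com/css/presets/color1.css
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/presets/color1.css HTTP/1.1
HTTP/2 200 OK
content-length: 0
"""


def parse_entries(text):
    """Split the export into one dict per request/response pair."""
    lines = [ln.strip() for ln in text.splitlines()]
    starts = [i for i, ln in enumerate(lines) if i > 0 and STATUS_RE.match(ln)]
    entries = []
    for n, i in enumerate(starts):
        end = starts[n + 1] - 1 if n + 1 < len(starts) else len(lines)  # next entry's URL line
        m = STATUS_RE.match(lines[i])
        e = {"url": lines[i - 1], "ip": m["ip"], "status": int(m["status"]), "size": m["size"],
             "asn": None, "file_type": None, "hashes": {}, "alerts": [],
             "request": None, "request_headers": {}, "response_headers": {}}
        phase = "meta"  # meta -> req -> resp
        for line in lines[i + 1:end]:
            if phase == "meta":
                if (rm := REQ_RE.match(line)):
                    e["request"] = (rm["method"], rm["path"])
                    phase = "req"
                elif (hm := HASH_RE.match(line)):
                    e["hashes"][HASH_NAME[len(hm["hex"])]] = hm["hex"]
                elif line.startswith("ASN "):
                    e["asn"] = line[4:]
                elif line.startswith("File type "):
                    e["file_type"] = line[10:]
                elif line.startswith("Analyzer Verdict "):
                    e["alerts"].append(line[17:])
            elif phase == "req" and RESP_RE.match(line):
                phase = "resp"
            else:  # "Name: value" header line on whichever side we are parsing
                name, sep, value = line.partition(": ")
                if sep:
                    e["request_headers" if phase == "req" else "response_headers"][name.lower()] = value
        entries.append(e)
    return entries


def triage(entries):
    """Tag the entries a reviewer of the capture would look at first."""
    findings = []
    for e in entries:
        tags = []
        if e["alerts"]:
            tags.append("analyzer:" + "; ".join(e["alerts"]))
        if e["status"] == 200 and e["hashes"].get("sha256") == EMPTY_SHA256:
            tags.append("empty-200")  # 200 OK with a zero-byte body: dead include or stripped file
        etag = e["response_headers"].get("etag", "").strip('"').lower()
        if etag and etag == e["hashes"].get("sha256"):
            tags.append("etag-is-sha256")  # server's ETag equals the captured body's digest
        if (e["request"] and e["request"][0] == "POST"
                and e["response_headers"].get("content-type", "").startswith("application/ocsp-response")):
            tags.append("ocsp")  # revocation check against the CA's responder, not site traffic
        if tags:
            findings.append((e["url"], tags))
    return findings


if __name__ == "__main__":
    print(*triage(parse_entries(SAMPLE)), sep="\n")
```

Feed the whole export to `parse_entries` and the OCSP entries drop out as CA background traffic, the analyzer verdicts cluster on the first-party JavaScript, and the zero-byte stylesheet stands out as a 200 that delivered nothing.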
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
Hash SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Hash SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:52:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 5f16a534222e5749ef240d413826c2f6
Hash SHA-1 11683d84d420dd6f919425094edb8961278f7fed
Hash SHA-256 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
Hash SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
Hash SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 2621
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-VJ4DRJFEXT
142.250.74.40 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-VJ4DRJFEXT
IP 142.250.74.40:0
File type ASCII text, with very long lines (22462)
Hash MD5 c07cfb8e828590ce35b84e77cfce81c7
Hash SHA-1 1cea4ae0a1bb833310cce85cf6af458cff1497ef
Hash SHA-256 f448e983f6b28b87949a49b0cf2ee0abd8ff952da11f51200ee657858413cecd
GET /gtag/js?id=G-VJ4DRJFEXT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 22:52:40 GMT
expires: Mon, 05 Dec 2022 22:52:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 5f16a534222e5749ef240d413826c2f6
Hash SHA-1 11683d84d420dd6f919425094edb8961278f7fed
Hash SHA-256 691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 677ed54c7bdc107726dd1a94512c8bbb
Hash SHA-1 16b2f9ed8083380c76a1a2ac4f440ff881e69fce
Hash SHA-256 85001375f0c677d63d1bb38fd02054afca65fcb1f19e018b67ad0d0d6ee8c02d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85001375F0C677D63D1BB38FD02054AFCA65FCB1F19E018B67AD0D0D6EE8C02D"
Last-Modified: Sun, 04 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Tue, 06 Dec 2022 04:52:34 GMT
Date: Mon, 05 Dec 2022 22:52:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 9e2bae7be4fb83ac8c6168d4c4d772db
Hash SHA-1 2e698ddff5085ff82f939ef8f08545878ae119c9
Hash SHA-256 19c76a87ea78297e4ffd5c54d11a0230e108e848d8f217448fa00a6801e7aa53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19C76A87EA78297E4FFD5C54D11A0230E108E848D8F217448FA00A6801E7AA53"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 04:52:40 GMT
Date: Mon, 05 Dec 2022 22:52:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 9e2bae7be4fb83ac8c6168d4c4d772db
Hash SHA-1 2e698ddff5085ff82f939ef8f08545878ae119c9
Hash SHA-256 19c76a87ea78297e4ffd5c54d11a0230e108e848d8f217448fa00a6801e7aa53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19C76A87EA78297E4FFD5C54D11A0230E108E848D8F217448FA00A6801E7AA53"
Last-Modified: Mon, 05 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Tue, 06 Dec 2022 04:52:22 GMT
Date: Mon, 05 Dec 2022 22:52:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 677ed54c7bdc107726dd1a94512c8bbb
Hash SHA-1 16b2f9ed8083380c76a1a2ac4f440ff881e69fce
Hash SHA-256 85001375f0c677d63d1bb38fd02054afca65fcb1f19e018b67ad0d0d6ee8c02d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85001375F0C677D63D1BB38FD02054AFCA65FCB1F19E018B67AD0D0D6EE8C02D"
Last-Modified: Sun, 04 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21559
Expires: Tue, 06 Dec 2022 04:51:59 GMT
Date: Mon, 05 Dec 2022 22:52:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5 677ed54c7bdc107726dd1a94512c8bbb
Hash SHA-1 16b2f9ed8083380c76a1a2ac4f440ff881e69fce
Hash SHA-256 85001375f0c677d63d1bb38fd02054afca65fcb1f19e018b67ad0d0d6ee8c02d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85001375F0C677D63D1BB38FD02054AFCA65FCB1F19E018B67AD0D0D6EE8C02D"
Last-Modified: Sun, 04 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Tue, 06 Dec 2022 04:52:38 GMT
Date: Mon, 05 Dec 2022 22:52:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 2b9d6a686aa3c4ea24568425e43a5221
Hash SHA-1 d53bb4c9579bd1db78a0520619e888aec79f750f
Hash SHA-256 c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3623
Cache-Control: max-age=126875
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:40 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:07:15 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.31.97 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TTm4tg2A4tpV+4do1U6GRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WZEWWJoUCI0u9caX6ZDeKjfMSmA=
sahiwalcowindia.com/css/owl.carousel.min.css
103.21.58.75 200 OK 1.1 kB URL HTTP/2 sahiwalcowindia.com/css/owl.carousel.min.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3184)
Hash MD5 8110dac83703c6f3bdab05005b338dae
Hash SHA-1 2d7fa29ab9e77366216866a3c399cff917625015
Hash SHA-256 8b88b876325a3b5deaea39fc31f97d9ea452bf5f5a27a4eb0d0cdc5be386fb92
GET /css/owl.carousel.min.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1142
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/slick.css
103.21.58.75 200 OK 575 B URL HTTP/2 sahiwalcowindia.com/css/slick.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash MD5 c7cd7eaaeceb626699c3f61cf0d97b31
Hash SHA-1 7930a73cbfbc0683ebf12b982b4ec0ddf3498852
Hash SHA-256 9782a15945372abd060dd052ac7e93e7239f7f4ac20ff8716c8f554a2e78855f
GET /css/slick.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 575
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/animate.css
103.21.58.75 200 OK 3.6 kB URL HTTP/2 sahiwalcowindia.com/css/animate.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash MD5 2fa1d9b1ab05160bffa7b7ada9998587
Hash SHA-1 ae185f5172624e5a90052eca2887edb9a1865d9a
Hash SHA-256 d2c7850a560aa38fa5308690ff91b0fcf4e5cc6b52e69ab5744c28e2e6852c69
GET /css/animate.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3564
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/preset.css
103.21.58.75 200 OK 2.1 kB URL HTTP/2 sahiwalcowindia.com/css/preset.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, ASCII text
Hash MD5 de0e596b7ed7b7b77a4862084cd4b3f5
Hash SHA-1 58a66a9e9b94f505ba52ceeb83e628a596988ab4
Hash SHA-256 98dbbb70e6924139bc2df879f053cbfcb3635914378aea0dd90cd5f868ee4c26
GET /css/preset.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2136
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/magnific-popup.css
103.21.58.75 200 OK 2.2 kB URL HTTP/2 sahiwalcowindia.com/css/magnific-popup.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash MD5 5691b07253c4a30382130c2da4be8343
Hash SHA-1 4c12d34016c7061965c996599c4086683958e0f1
Hash SHA-256 095326e797678e4aa4be8217bf991180f7b79cdcce552897123ffa68981a0747
GET /css/magnific-popup.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2190
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 c10bc583c46449dc192a809398b4e814
Hash SHA-1 ff0f7ad905d32d7f3d01e4054552d0ad551503a5
Hash SHA-256 defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 7dfb548d8f8a99d32050803775fad5d6
Hash SHA-1 8b47999a01db7c2217d76a1cec576809a229cf1b
Hash SHA-256 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sahiwalcowindia.com/css/settings.css
103.21.58.75 200 OK 9.2 kB URL HTTP/2 sahiwalcowindia.com/css/settings.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (29684)
Hash MD5 365fed24e1147810e895323c419469ec
Hash SHA-1 acf6a063a11aca7476b5aaf1376e2a7d5f129a2e
Hash SHA-256 d12c7ff3906daeb5cb88aae9e8cf3787395c97b20f4ecda81538bfd484c7e6be
GET /css/settings.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9242
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/dlmenu.js
103.21.58.75 200 OK 1.6 kB URL HTTP/2 sahiwalcowindia.com/js/dlmenu.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (4102)
Hash MD5 32e99db004bc2b560abc1e14455880e5
Hash SHA-1 84e5e95ca4ce56db70a53bbf4f76a6ca9a7ee4f8
Hash SHA-256 b87effb38974e848fcca7908b3d4e05a0aee6bd5c1535a96b955cec756470a09
Analyzer Verdict Alert fortinet Malware
GET /js/dlmenu.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1577
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/jquery.magnific-popup.min.js
103.21.58.75 200 OK 9.2 kB URL HTTP/2 sahiwalcowindia.com/js/jquery.magnific-popup.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (20087)
Hash MD5 7a10ae63b238729dc4da7f7bd8986219
Hash SHA-1 654c47168dca0ec7080f6c57e8c4482b57f879d4
Hash SHA-256 b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.magnific-popup.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9204
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/jquery.appear.js
103.21.58.75 200 OK 923 B URL HTTP/2 sahiwalcowindia.com/js/jquery.appear.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash MD5 50a345c33a16e0a2b09b1bbe701e0881
Hash SHA-1 993932f2d25086a666557b00c85eb342d5d331ed
Hash SHA-256 b9783541cf52a1318ebc3d89a288e99c349b7b9e4b8af50cbc717438e49940b6
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.appear.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 923
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/jquery.shuffle.min.js
103.21.58.75 200 OK 6.7 kB URL HTTP/2 sahiwalcowindia.com/js/jquery.shuffle.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (15690)
Hash MD5 0f1f51b258f83ef6d568cf07186b7ea8
Hash SHA-1 9575006c4379dbb115ff066bd8fcd979867fd57a
Hash SHA-256 f23a47e95513006064c68bd60c6a8c003446f5c82bb9fbd82da8c9e5119c3858
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.shuffle.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6689
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/modernizr.custom.js
103.21.58.75 200 OK 4.4 kB URL HTTP/2 sahiwalcowindia.com/js/modernizr.custom.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (8963)
Hash MD5 97521f1fbca5133826b1cffb4bc6cc3c
Hash SHA-1 1f4d413fd2c133fb285e8609827a666c78308ece
Hash SHA-256 7eeb5960624249979c6d04c7b8e2633945392121f50d1334a636c83139314b05
Analyzer Verdict Alert fortinet Malware
GET /js/modernizr.custom.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4443
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/presets/color1.css
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/css/presets/color1.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/presets/color1.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:50 GMT
accept-ranges: bytes
content-length: 0
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/owl.theme.default.min.css
103.21.58.75 200 OK 478 B URL HTTP/2 sahiwalcowindia.com/css/owl.theme.default.min.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (846)
Hash MD5 eb4a76f05bf1762bd61703377005623b
Hash SHA-1 ce3c8fc73412f3a7300f1b53fa5ad05266e411c8
Hash SHA-256 25d46807ab012b04c8e5f7b54d00656f49077ca5297f357dc9eb4b6dd6c174a9
GET /css/owl.theme.default.min.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 478
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/line-awesome.css
103.21.58.75200 OK 6.1 kB URL HTTP/2 sahiwalcowindia.com/css/line-awesome.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 23ec36a36026b76273b8aad2112d9407
3bde2dc149848e38f1f3665fea1043f2039aedb6
73ae198be8e2275dcdc8bd18635808e2f6e10338e2943cebb743d7744653d9a3
GET /css/line-awesome.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6102
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/responsive.css
103.21.58.75200 OK 7.0 kB URL HTTP/2 sahiwalcowindia.com/css/responsive.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, ASCII text
Hash 5c978fc774c75899b3af61e0905b1681
20d2ab11362a0fbc30913caccd8d79963a8f0d52
256d3f38fa13f249c4e56e0274f8d14f46454cb1678d09f2af87d89d2cc5fdb1
GET /css/responsive.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6963
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.kenburn.min.js
103.21.58.75200 OK 1.6 kB URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.kenburn.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3515)
Hash d0d094ffbe7b2bbe573f544b6805d36f
19a8426404a2b8ec4da1969cb2add2b905541f1b
b613a6ad619b5cbc4c459bfcf1dd05e68be43ef8b9ec0ecbf530bd3f2046b5cd
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.kenburn.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1610
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/icofont.css
103.21.58.75200 OK 16 kB URL HTTP/2 sahiwalcowindia.com/css/icofont.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 58b0c5263439adc46d754b7a6c7a6aea
8b4f2c49fa21d58638af3fc697f2f035b4198439
f5c1f255231eb378906e2f0a5adfde3cc0fd5ed0d6a3d26ca39b1d812b2fd2b8
GET /css/icofont.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15787
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/jquery.easing.1.3.js
103.21.58.75200 OK 2.8 kB URL HTTP/2 sahiwalcowindia.com/js/jquery.easing.1.3.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash def61d453b55428f36bf1e9fa6c30183
7034d21982faba0d22d7085d7f071c16b5014629
862ec44fdd4dd0cf0580f7852ecf15dc07a21b664505023845d8843bd13f1393
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.easing.1.3.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2763
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.carousel.min.js
103.21.58.75200 OK 2.9 kB URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.carousel.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7370)
Hash d39d9187ac5965c30ca6b392d6daec28
f0d770529900b195e1aa1b52a773ba51a3000e95
3ef5d7d22fcf5e355ef34d9fbe3837ab8583a84b45f9dcc2dcc157ced5fb789c
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.carousel.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2935
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.actions.min.js
103.21.58.75200 OK 2.8 kB URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.actions.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8089)
Hash f67c436ce643274928a31d6e5ef1111f
2583b3e16c56da71fd8c4ae99387e87d27448c3e
e9e393a5bfe461b63611d7912253eb940dfc6fee476c2589a021e14459f8f5a3
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.actions.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2840
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.parallax.min.js
103.21.58.75200 OK 4.1 kB URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.parallax.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (10692)
Hash 601ae6cddb5083d12a036dd506031ecc
ff9373447aeb5c4c7b1ae93488460f1a247bc84f
59f4b183c90f29aece1a4fb069cb1371f4b91be42847cc67a9dc3150be08a380
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.parallax.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:41:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4143
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/theme.js
103.21.58.75200 OK 5.9 kB URL HTTP/2 sahiwalcowindia.com/js/theme.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash ce1519e48bb42952b6db4b26fd0712d7
0b53ae021cea5d87c321f3fc17bbed2a5a62b627
ef7befe7572048e9710bd2755f4ca8e706ce6d3fdf06db6b3bfbb48da0e3fa3c
Analyzer Verdict Alert fortinet Malware
GET /js/theme.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5887
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
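Added triage example for the records above. This is editor-supplied code, not output of the scanning tool and not code from any of the sites captured. It parses the record layout used on this page (a bare host/path line, the fused IP+status line, the md5/sha1/sha256 triple, an optional Analyzer Verdict line, then request and response headers), surfaces the entries fortinet flagged as Malware, recognises the empty-body hash triple seen on color1.css, and uses ETag-equals-hash where a responder provides it (the Let's Encrypt OCSP entries) as a cheap integrity check on the capture. The embedded sample is three records excerpted and shortened from this page. Two caveats a reader should carry along: by filename the flagged files are stock theme and library scripts (modernizr, jquery.easing, Revolution Slider extensions), so a single engine's verdict on them is a lead to confirm by pulling the body and diffing against the upstream library, not a finding on its own; and the Sec-Fetch-Site: cross-site on same-host fetches is expected here, because the page was loaded over http:// (see the Referer) while the assets came over HTTPS, and Sec-Fetch-Site compares sites including the scheme.

```python
import re
from dataclasses import dataclass, field

# MD5, SHA-1 and SHA-256 of zero bytes: a record with exactly these three hashes
# (the color1.css entry above) carried no body, whatever its headers say.
EMPTY_BODY_HASHES = {
    "d41d8cd98f00b204e9800998ecf8427e",
    "da39a3ee5e6b4b0d3255bfef95601890afd80709",
    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
}
HEX_RE = re.compile(r"^(?:[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$")
# The tool fuses server IP and HTTP status into one token: "103.21.58.75200 OK ..."
STATUS_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})(\d{3}) ")

@dataclass
class Record:
    url: str
    ip: str = ""
    status: int = 0
    hashes: list = field(default_factory=list)        # md5, sha1, sha256 as logged
    verdict: str = ""                                  # e.g. "Alert fortinet Malware"
    resp_headers: dict = field(default_factory=dict)   # response headers, names lower-cased

    @property
    def empty_body(self) -> bool:
        return bool(self.hashes) and set(self.hashes) <= EMPTY_BODY_HASHES

    def etag_matches_hash(self):
        """True/False when an ETag is present, None when not (LE OCSP uses the body SHA-256)."""
        etag = self.resp_headers.get("etag")
        if etag is None:
            return None
        return etag.strip('"').lower() in self.hashes

def parse_records(text: str) -> list:
    records, rec, in_response = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        # A record opens with a bare "host/path" line: no whitespace, at least one slash.
        if " " not in line and "/" in line and not line.startswith("/"):
            rec, in_response = Record(url=line), False
            records.append(rec)
            continue
        if rec is None:
            continue
        m = STATUS_RE.match(line)
        digest = line[5:] if line.startswith("Hash ") else line   # only the md5 line has "Hash "
        if m:
            rec.ip, rec.status = m.group(1), int(m.group(2))
        elif HEX_RE.match(digest):
            rec.hashes.append(digest)
        elif line.startswith("Analyzer Verdict "):
            rec.verdict = line[len("Analyzer Verdict "):]
        elif line.startswith("HTTP/"):                 # response status line
            in_response = True
        elif in_response and ": " in line:             # request line/headers, IP, ASN, File type: skipped
            name, value = line.split(": ", 1)
            rec.resp_headers[name.lower()] = value
    return records

def triage(records: list) -> list:
    """(url, reason) pairs worth an analyst's time, in log order."""
    findings = []
    for r in records:
        if r.verdict:
            findings.append((r.url, "verdict: " + r.verdict))
        if r.empty_body:
            findings.append((r.url, "empty body (hashes of zero bytes)"))
        if r.etag_matches_hash() is False:
            findings.append((r.url, "ETag matches none of the logged hashes"))
    return findings

# Three records excerpted and shortened from this page's log.
SAMPLE_LOG = """\
sahiwalcowindia.com/js/theme.js
103.21.58.75200 OK 5.9 kB URL HTTP/2 sahiwalcowindia.com/js/theme.js
Hash ce1519e48bb42952b6db4b26fd0712d7
0b53ae021cea5d87c321f3fc17bbed2a5a62b627
ef7befe7572048e9710bd2755f4ca8e706ce6d3fdf06db6b3bfbb48da0e3fa3c
Analyzer Verdict Alert fortinet Malware
HTTP/2 200 OK
content-type: application/javascript
sahiwalcowindia.com/css/presets/color1.css
103.21.58.75200 OK 0 B URL HTTP/2 sahiwalcowindia.com/css/presets/color1.css
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HTTP/2 200 OK
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
HTTP/1.1 200 OK
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
"""
```

Run `triage(parse_records(SAMPLE_LOG))` to get the two actionable entries (the flagged theme.js and the empty color1.css); the OCSP record passes the ETag check and is not reported. Feed the whole page into parse_records to triage every record at once.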
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19196
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Mon, 05 Dec 2022 22:52:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19196
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Mon, 05 Dec 2022 22:52:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19196
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Mon, 05 Dec 2022 22:52:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19196
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Mon, 05 Dec 2022 22:52:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 3500
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 3935
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 9838b65dde746487c806ee9739f8b222
1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _Hf2XblY73dHIIWTqWgeDzJJalBo6ooCAit1eQ8G8n4385ORBBDakA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
age: 3935
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 1615
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 3850
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:49 GMT
age: 3832
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
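The OCSP POSTs above, to r3.o.lencr.org (Content-Length 85) and to ocsp.pki.goog/gts1c3 (Content-Length 84), are the minimal unsigned OCSPRequest of RFC 6960: one CertID with a SHA-1 AlgorithmIdentifier (NULL parameters), the two 20-byte issuer hashes and the certificate serial, with no version, requestorName or extensions. Everything except the serial is fixed-size, so the body is 67 bytes plus the DER length of the serial INTEGER: an 18-byte serial gives 85 and a 17-byte serial gives 84, matching the two lengths logged. Added example, editor-supplied and not the browser's or either CA's code: an encoder that reproduces that layout and a decoder that pulls the CertID back out of a captured request body. The issuer name, issuer key and the two serials are constructed stand-ins, not values from any real certificate; the decoder assumes the minimal layout above and rejects anything else rather than guessing.

```python
import hashlib

# AlgorithmIdentifier { id-sha1, NULL }: SEQUENCE 30 09 { OID 06 05 2b0e03021a, NULL 05 00 }
SHA1_ALGID = bytes.fromhex("300906052b0e03021a0500")
# Five SEQUENCE headers (2 each) + 11-byte AlgorithmIdentifier + two OCTET STRINGs of
# 2+20 + the INTEGER header (2) = 67; add the serial's DER body: 18 -> 85, 17 -> 84.
FIXED_OVERHEAD = 67

def der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + der_len(len(body)) + body

def der_integer(value: int) -> bytes:
    # Two's-complement rule: a leading 0x00 is added when the top bit would be set,
    # which is why a 16-byte serial with a high top byte encodes as 17 bytes.
    body = value.to_bytes((value.bit_length() + 8) // 8, "big")
    return tlv(0x02, body)

def serial_der_len(serial: int) -> int:
    return len(der_integer(serial)) - 2

def expected_request_len(serial: int) -> int:
    return FIXED_OVERHEAD + serial_der_len(serial)

def ocsp_request(issuer_name_der: bytes, issuer_public_key: bytes, serial: int) -> bytes:
    """OCSPRequest { TBSRequest { requestList { Request { CertID } } } }, unsigned.
    issuer_name_der is the issuer's DER-encoded Name; issuer_public_key is the BIT
    STRING value of its SubjectPublicKeyInfo (no tag, length or unused-bits byte),
    which is what RFC 6960 section 4.1.1 hashes for issuerKeyHash."""
    cert_id = tlv(0x30, SHA1_ALGID
                  + tlv(0x04, hashlib.sha1(issuer_name_der).digest())
                  + tlv(0x04, hashlib.sha1(issuer_public_key).digest())
                  + der_integer(serial))
    request = tlv(0x30, cert_id)
    request_list = tlv(0x30, request)
    tbs_request = tlv(0x30, request_list)
    return tlv(0x30, tbs_request)

def _read_tlv(buf: bytes, pos: int):
    """Return (tag, value, position after the element); long-form lengths supported."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_cert_id(req: bytes):
    """Descend OCSPRequest > tbsRequest > requestList > Request > CertID and return
    (issuerNameHash, issuerKeyHash, serial) of the first request. Assumes the minimal
    layout produced by ocsp_request(); a version or requestorName would shift fields,
    so the tag checks below fail loudly instead of returning garbage."""
    tag, body, _ = _read_tlv(req, 0)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    for _ in range(4):  # tbsRequest, requestList, Request, CertID
        tag, body, _ = _read_tlv(body, 0)
        if tag != 0x30:
            raise ValueError("unexpected tag %#x" % tag)
    _, alg, pos = _read_tlv(body, 0)
    if tlv(0x30, alg) != SHA1_ALGID:
        raise ValueError("CertID hash algorithm is not SHA-1")
    _, name_hash, pos = _read_tlv(body, pos)
    _, key_hash, pos = _read_tlv(body, pos)
    _, serial, _ = _read_tlv(body, pos)
    return name_hash, key_hash, int.from_bytes(serial, "big")

# Constructed stand-ins (not from any real certificate): a Name { CN=Test }, a 65-byte
# key value, an 18-byte serial (the Let's Encrypt R3 shape) and a serial whose 16 bytes
# need a leading 0x00 (the GTS1C3 shape).
ISSUER_NAME_DER = bytes.fromhex("300f310d300b06035504030c0454657374")
ISSUER_KEY = bytes(range(65))
SERIAL_18 = int.from_bytes(b"\x03" + b"\x11" * 17, "big")
SERIAL_17 = int.from_bytes(b"\xe9" + b"\x22" * 15, "big")
```

`len(ocsp_request(ISSUER_NAME_DER, ISSUER_KEY, SERIAL_18))` is 85 and the SERIAL_17 variant is 84, the two Content-Length values logged above; pointing parse_cert_id at a body captured from a real client recovers the hashes and serial to look up which certificate the browser was checking. The responses (503 and 472 bytes) are signed BasicOCSPResponse structures and are not decoded here.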
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
142.250.74.35200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0; data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:32:08 GMT
expires: Wed, 29 Nov 2023 18:32:08 GMT
cache-control: public, max-age=31536000
age: 534033
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
142.250.74.35 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21352, version 1.0\012- data
Hash 16cc9e59e14cc5df2278ec62d8340a8f
8e1575ef8c49a1473a58d00b409c61e25f7d2e2f
0b281bf2f4179c06ba68f0a427f2341287c41eacc2ce9d534c6f5c513ac633fb
GET /s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:45:09 GMT
expires: Wed, 29 Nov 2023 15:45:09 GMT
cache-control: public, max-age=31536000
age: 544052
last-modified: Tue, 19 Apr 2022 18:30:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.migration.min.js
103.21.58.75 200 OK 8.9 kB URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.migration.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (25862)
Hash 4ed0d7cbb7c0a265ad9f8d84818e5e4a
597e8bb90940116d6a51f0cb41003ca513a969e5
479f818646fc06f0292f21a28c3af71852940c41381d6665645aae34105b5953
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.migration.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8886
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.navigation.min.js
103.21.58.75 200 OK 8.9 kB URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.navigation.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (25862)
Hash 4ed0d7cbb7c0a265ad9f8d84818e5e4a
597e8bb90940116d6a51f0cb41003ca513a969e5
479f818646fc06f0292f21a28c3af71852940c41381d6665645aae34105b5953
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.navigation.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8886
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.slideanims.min.js
103.21.58.75 200 OK 8.4 kB URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.slideanims.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (28818)
Hash f5d5cee895c4da238b07c2671c109cb3
f1cbfa2a17eb3a1d3da6586943da4fdae72280d9
3135a7d9ebd00731afc51aa6f2ec4330cc9a0933b58952efec04265ec90bde63
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.slideanims.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:41:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8376
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.video.min.js
103.21.58.75 200 OK 9.7 kB URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.video.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (25833)
Hash 871238fad453056afcdb3d4b56d984a9
e0889798433fd2f97d54f0e97cfd3913d265b7eb
ec257263dfd077998b83ac3c0efbe3a9ec871e743f9641fddb7ffa0cf84d7ae3
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.video.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:41:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9695
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/slick.min.js
103.21.58.75 200 OK 14 kB URL HTTP/2 sahiwalcowindia.com/js/slick.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (42862)
Hash e61b26be7b27fbf2a5c2f479364c12b8
ff046102856e16854639a9862521c193fa05e9d7
19f098db827ce2943ab549c6fb9b142c4cc70aa9ecd7d3afc657a3a0eed8be88
Analyzer Verdict Alert fortinet Malware
GET /js/slick.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14332
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/owl.carousel.min.js
103.21.58.75 200 OK 16 kB URL HTTP/2 sahiwalcowindia.com/js/owl.carousel.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (31997)
Hash 8a2ba9702fb3cca3c84924959fff383d
ec7e32b952d84e211870dd0e9f1520582e3b4270
ebcdf76e9e513c320785d95cbfa122a4aaa6143fc8ea69a2ea0dedf0277828b8
Analyzer Verdict Alert fortinet Malware
GET /js/owl.carousel.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15883
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/product/about2.jpg
103.21.58.75 200 OK 33 kB URL HTTP/2 sahiwalcowindia.com/images/product/about2.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 2891dc40f0f7b26e82af261bb5990884
2d6bcd782b5b57498cac888926e9ee78d225cf25
cc7639cf1564032afc4d9b20b0da5a4959e08655221ebe544f462e4294f3e5e6
GET /images/product/about2.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:52 GMT
accept-ranges: bytes
content-length: 32757
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3465.155204364484!2d77.00440191422243!3d29.715263182003216!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x390e6f2a280bdd19%3A0x66c09af34862f269!2sJAI%20SHRI%20KRISHNA%20DAIRY%20FARM!5e0!3m2!1sen!2sin!4v1649921120000!5m2!1sen!2sin
216.58.207.228 200 OK 1.2 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3465.155204364484!2d77.00440191422243!3d29.715263182003216!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x390e6f2a280bdd19%3A0x66c09af34862f269!2sJAI%20SHRI%20KRISHNA%20DAIRY%20FARM!5e0!3m2!1sen!2sin!4v1649921120000!5m2!1sen!2sin
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2246)
Hash f2e7c29225b75e8c1329a75f981c13e3
78bc798c7292e8a79b983ab0f5f20cb2aff6657e
05c046f45d9612699ffcaff1dae976a8ee56f7fb603122a919410ead52ef0b7d
GET /maps/embed?pb=!1m18!1m12!1m3!1d3465.155204364484!2d77.00440191422243!3d29.715263182003216!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x390e6f2a280bdd19%3A0x66c09af34862f269!2sJAI%20SHRI%20KRISHNA%20DAIRY%20FARM!5e0!3m2!1sen!2sin!4v1649921120000!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 22:52:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-SLM9wWKgQ5lCU8h2WuHWUg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1202
x-xss-protection: 0
server-timing: gfet4t7; dur=143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/2/init_embed.js
216.58.207.227 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/2/init_embed.js
IP 216.58.207.227:0
File type ASCII text, with very long lines (2669)
Hash ed2723b79bc5eab77a130d1494114fc3
868e33258f37face8b5d0fe4420632505c1d25be
4707d296c9f44bffe17c3b0a98ea5ce6f0e83cf700ba691ede674daf6f6b4443
GET /maps-api-v3/embed/js/51/2/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69315
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 21:46:01 GMT
expires: Thu, 30 Nov 2023 21:46:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 22:32:00 GMT
content-type: text/javascript
age: 436001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sahiwalcowindia.com/admin/images/p20.jpg
103.21.58.75 200 OK 37 kB URL HTTP/2 sahiwalcowindia.com/admin/images/p20.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=[*0*]], progressive, precision 8, 500x500, components 3\012- data
Hash bf59898b9954fcb9f8c55582794c059a
bafd48a655ad012a2f78536e878e1d415b41d81d
97edfb8b6091ccb7be79574e0d729bf24c2102a150dd6b5a66eb5f3de1b2393e
GET /admin/images/p20.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:45 GMT
accept-ranges: bytes
content-length: 36718
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/admin/images/p14.jpg
103.21.58.75 200 OK 41 kB URL HTTP/2 sahiwalcowindia.com/admin/images/p14.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 9238251121cb5e46e169e1ca682bd789
b4908a4db26c7d4a6edee3280b4abb56f0016470
a0908b9d3852ec3fddcc49f46b8c99fb31c681ef83a80c76d3681f74b952e14a
GET /admin/images/p14.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:44 GMT
accept-ranges: bytes
content-length: 41129
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/admin/images/p3.jpg
103.21.58.75 200 OK 60 kB URL HTTP/2 sahiwalcowindia.com/admin/images/p3.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash e1fb666b42e1ce14ef58d7f052671c13
cbf0dc04c8b94d8535ce54b318e512a8e1f96a50
bb9985024e34b93a32accde1dd725809fbf55de4093c20c98684267f755b7585
GET /admin/images/p3.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:47 GMT
accept-ranges: bytes
content-length: 59785
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/admin/images/p5.jpg
103.21.58.75 200 OK 60 kB URL HTTP/2 sahiwalcowindia.com/admin/images/p5.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash e7b5cda954a812459e7f443acfa418cf
dae2d2c6f7b4b22a4d1e1741c2f3adce59842c78
23f71b1da1153f014c5a9eede89d638412e4d0c6cb784b98de2e24f0c10af639
GET /admin/images/p5.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:47 GMT
accept-ranges: bytes
content-length: 59960
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/admin/images/p1.jpg
103.21.58.75 200 OK 67 kB URL HTTP/2 sahiwalcowindia.com/admin/images/p1.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 157de60738b95950bf78effc94372e3b
f7894171fa2c16e499b8ca4eef512bf3198c6f24
0333bd4588dccab8d2fc94707dfac584f340dcea850a3e3ebb763c665c061b89
GET /admin/images/p1.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:43 GMT
accept-ranges: bytes
content-length: 66891
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/product/logo.png
103.21.58.75 200 OK 102 kB URL HTTP/2 sahiwalcowindia.com/images/product/logo.png
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 440 x 344, 8-bit/color RGBA, non-interlaced\012- data
Size 102 kB (102344 bytes)
Hash a7af387a0be07067e4473728d075f5b2
bf62793aa712255c123d72db8d22a520354c817f
7a52b900e986361f0281320ef6556f15fbb78b1b0d95407053bd361a9082832a
GET /images/product/logo.png HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:55 GMT
accept-ranges: bytes
content-length: 102344
content-type: image/png
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/product/banner3.jpg
103.21.58.75 200 OK 165 kB URL HTTP/2 sahiwalcowindia.com/images/product/banner3.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x900, components 3\012- data
Size 165 kB (164645 bytes)
Hash 166f8b9d0c5125ae21fc1707233cac4b
2302c0e73116783fde936cf5621bfd7c7cc06bf0
db10f8d987d6b2cc4b15cb01a4951490b837ff905ff3a6cb5b22ed7eaf5f21ef
GET /images/product/banner3.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:53 GMT
accept-ranges: bytes
content-length: 164645
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/product/banner1.jpg
103.21.58.75 200 OK 172 kB URL HTTP/2 sahiwalcowindia.com/images/product/banner1.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x900, components 3\012- data
Size 172 kB (171801 bytes)
Hash 0d783ea6c3cb9fa5e6baabda9a800a8a
5f17b68bbb5a718d08c32cc58a2dba228e1edb70
120f04c983d23e4bec3ec897187caba9779ef4d224deff7ca813434fc73ac11f
GET /images/product/banner1.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:52 GMT
accept-ranges: bytes
content-length: 171801
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/product/banner2.jpg
103.21.58.75 200 OK 211 kB URL HTTP/2 sahiwalcowindia.com/images/product/banner2.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x900, components 3\012- data
Size 211 kB (210948 bytes)
Hash 45602ed7606b05b0c64f486e844d3514
15213bd4796f6dc28b64461d30db3f6732303e97
2a29fe7e458ee158e1c429ecb25ea0bf28b5b462641832e3f7d971de540f9077
GET /images/product/banner2.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:53 GMT
accept-ranges: bytes
content-length: 210948
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/line-maker.svg
103.21.58.75 200 OK 442 B URL HTTP/2 sahiwalcowindia.com/images/line-maker.svg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (390), with no line terminators
Hash b7ffd5129b6b0386ddba0738f9b67135
fc2bb22966963ca0c177a2bc61e51b9a67772936
00ebf8c5a7a5a6ac80d6487736934c88bbe9536acd4f2fedc0fb6f4f7b576ba3
Analyzer Verdict Alert fortinet Malware
GET /images/line-maker.svg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sahiwalcowindia.com/css/theme.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:39 GMT
accept-ranges: bytes
content-length: 442
content-type: image/svg+xml
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/product/call1.jpg
103.21.58.75 200 OK 40 kB URL HTTP/2 sahiwalcowindia.com/images/product/call1.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 550x550, components 3\012- data
Hash 8b2ca2b66b99a15e9fdc24dad36c12a0
66987699971fdd98e8f3843f284031421fbafae3
54d038d2cf3c93b2f8e9d608e3f71e21eab6daa18174b483f0f7a133d061db0b
GET /images/product/call1.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sahiwalcowindia.com/css/theme.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:53 GMT
accept-ranges: bytes
content-length: 40002
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-VJ4DRJFEXT&gtm=2oebu0&_p=2041850295&cid=1808804731.1670280759&ul=en-us&sr=1280x1024&_s=1&sid=1670280758&sct=1&seg=0&dl=http%3A%2F%2Fsahiwalcowindia.com%2F&dt=JAI%20SHRI%20KRISHNA%20DAIRY%20FARM&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-VJ4DRJFEXT&gtm=2oebu0&_p=2041850295&cid=1808804731.1670280759&ul=en-us&sr=1280x1024&_s=1&sid=1670280758&sct=1&seg=0&dl=http%3A%2F%2Fsahiwalcowindia.com%2F&dt=JAI%20SHRI%20KRISHNA%20DAIRY%20FARM&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VJ4DRJFEXT&gtm=2oebu0&_p=2041850295&cid=1808804731.1670280759&ul=en-us&sr=1280x1024&_s=1&sid=1670280758&sct=1&seg=0&dl=http%3A%2F%2Fsahiwalcowindia.com%2F&dt=JAI%20SHRI%20KRISHNA%20DAIRY%20FARM&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://sahiwalcowindia.com
date: Mon, 05 Dec 2022 22:52:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/bg/2.jpg
103.21.58.75 200 OK 77 kB URL HTTP/2 sahiwalcowindia.com/images/bg/2.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x567, components 3\012- data
Hash bf8235dbf57d4fa7785aaedd8b79f41c
d658d14abc6382c666591a6e231cbdd7a9db4d10
e5de146d87f5775f0a188d6d5dae519a9c5bc2f9372ac5dfea5a3a7985443bd9
GET /images/bg/2.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sahiwalcowindia.com/css/theme.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:50 GMT
accept-ranges: bytes
content-length: 76831
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/bg/2a.jpg
103.21.58.75 200 OK 108 kB URL HTTP/2 sahiwalcowindia.com/images/bg/2a.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x567, components 3\012- data
Size 108 kB (108107 bytes)
Hash b5086fed578055d991fd5819ec298005
393f8bc2d4487a08a9b36e104770b4dd05cd1650
7b0c065f954da8960a2bec1e9a13d1d1696eeb63b8f5a44827f3ad837796eec0
GET /images/bg/2a.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sahiwalcowindia.com/css/theme.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:50 GMT
accept-ranges: bytes
content-length: 108107
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-brands-400.woff2
103.21.58.75 200 OK 75 kB URL HTTP/2 sahiwalcowindia.com/fonts/fa-brands-400.woff2
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 74700, version 329.-17826\012- data
Hash dc83ddbbdd108b159117928063699c4e
36960c9095be11315ea5f9031b3d489629268511
30d34a03dcaa7bb6a46bb49960bd4d7648ca71068b0635da5784e3a1f9070ed6
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-brands-400.woff2 HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:29 GMT
accept-ranges: bytes
content-length: 74700
content-type: font/woff2
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-solid-900.woff2
103.21.58.75 200 OK 118 kB URL HTTP/2 sahiwalcowindia.com/fonts/fa-solid-900.woff2
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 117452, version 329.-17826\012- data
Size 118 kB (117452 bytes)
Hash 525bd4ae5b9eaa1e23b4a5c8b28c0d9f
0985532515d580890822bd544fab4a7aea46cb33
b5869f6bb9116c6dd0b6b691d57a17954f3c522cf9ae4497094e62146d8bac15
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-solid-900.woff2 HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:35 GMT
accept-ranges: bytes
content-length: 117452
content-type: font/woff2
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-regular-400.woff2
103.21.58.75 200 OK 145 kB URL HTTP/2 sahiwalcowindia.com/fonts/fa-regular-400.woff2
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 145152, version 329.-17826\012- data
Size 145 kB (145152 bytes)
Hash 935ae23ba86e111411100dca037d2f0a
d0454a905c24df15d3b53e046a01ab70fc8ce21f
6f15cf39100feae2e2bf4c38f08b2d89701c3f04a2ad84a1d6f89bc70f21cf6e
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-regular-400.woff2 HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:33 GMT
accept-ranges: bytes
content-length: 145152
content-type: font/woff2
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-light-300.woff2
103.21.58.75 200 OK 157 kB URL HTTP/2 sahiwalcowindia.com/fonts/fa-light-300.woff2
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 156896, version 329.-17826\012- data
Size 157 kB (156896 bytes)
Hash 6b1c4bcb2a11d69fc64a61f889dfa1d3
313d7b371459d715ffc4c18d483f8541b9d5747a
b6eaf663bf99a31d581721a42668207bdc3d3db6ff33625790019f3682eea9fa
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-light-300.woff2 HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:31 GMT
accept-ranges: bytes
content-length: 156896
content-type: font/woff2
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/icofont.woff2
103.21.58.75 200 OK 538 kB URL HTTP/2 sahiwalcowindia.com/fonts/icofont.woff2
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 537868, version 1.0\012- data
Size 538 kB (537868 bytes)
Hash 50a4ab76e700a83e649be213f820fbbd
28ad9e9ac82f86c50eb4dd3d713a0698473bdbb3
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
Analyzer Verdict Alert fortinet Malware
GET /fonts/icofont.woff2 HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:36 GMT
accept-ranges: bytes
content-length: 537868
content-type: font/woff2
date: Mon, 05 Dec 2022 22:52:41 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
142.250.74.35 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 20200, version 1.0\012- data
Hash c8e400bbebae36502af48dcd4a30ea7d
4ab1f2c2a30aef8c1905d94df3b199877103ddb7
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
GET /s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 05:18:02 GMT
expires: Fri, 01 Dec 2023 05:18:02 GMT
cache-control: public, max-age=31536000
age: 408880
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Barlow+Condensed:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Rubik:300,300i,400,400i,500,500i,700,700i,900,900i
142.250.74.106 200 OK 89 kB URL HTTP/2 fonts.googleapis.com/css?family=Barlow+Condensed:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Rubik:300,300i,400,400i,500,500i,700,700i,900,900i
IP 142.250.74.106:0
Hash 608247357f8960c10e79a9e19c4bd3f0
ea818016b624747ae88f088fe619d23fdaea00cc
68e5c580ec8cfed9bcd169fcf0f1025017b6ac743cf5f061c728fd6df6a88007
GET /css?family=Barlow+Condensed:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i|Rubik:300,300i,400,400i,500,500i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 22:52:40 GMT
date: Mon, 05 Dec 2022 22:52:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-light-300.woff
103.21.58.75 200 OK 207 kB URL HTTP/2 sahiwalcowindia.com/fonts/fa-light-300.woff
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 207100, version 329.-17826\012- data
Size 207 kB (207100 bytes)
Hash a726cedb85b1cfd642eefdf111dec9bf
d6cdeccf3775b83e851762c876f7f52f0355f7cc
85bc2051028418b6e8ba6f6a082655ede908e5e2fe016e8e3a6d752b019bed7e
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-light-300.woff HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:31 GMT
accept-ranges: bytes
content-length: 207100
content-type: font/woff
date: Mon, 05 Dec 2022 22:52:42 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-solid-900.woff
103.21.58.75 200 OK 156 kB URL HTTP/2 sahiwalcowindia.com/fonts/fa-solid-900.woff
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 155948, version 329.-17826\012- data
Size 156 kB (155948 bytes)
Hash ae249d48f7cde3656ea6c710ced852fe
57c7439ffe76e4535d94703ad2673a9d09b17acb
b52f2efc83298005f58e4b3ebb95444caceea24b5d00f187d60ffa561f50f3d1
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-solid-900.woff HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:35 GMT
accept-ranges: bytes
content-length: 155948
content-type: font/woff
date: Mon, 05 Dec 2022 22:52:42 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-regular-400.woff
103.21.58.75 200 OK 191 kB URL HTTP/2 sahiwalcowindia.com/fonts/fa-regular-400.woff
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 191300, version 329.-17826\012- data
Size 191 kB (191300 bytes)
Hash 23458a3f7f740a5490c3937006e6b3fd
286c0e63fa0918be04400c0443d558e5844d97e9
bb9c0dc71bbf4019d2953aee90bfad209908384fb105be289e8110ebe185b5f4
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-regular-400.woff HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:33 GMT
accept-ranges: bytes
content-length: 191300
content-type: font/woff
date: Mon, 05 Dec 2022 22:52:42 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-brands-400.ttf
103.21.58.75 200 OK 130 kB URL HTTP/2 sahiwalcowindia.com/fonts/fa-brands-400.ttf
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type TrueType Font data, 13 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size 130 kB (129620 bytes)
Hash 4005f8899c332f8a2ecfb49f567d3d5d
f5667f8aae1d4a95911fd0ff9d4ea9b4cc053255
35a381f4fd75558b1e1923ba2090808ef1794bf76f4c8e0d4b886a1627559245
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-brands-400.ttf HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:29 GMT
accept-ranges: bytes
content-length: 129620
content-type: font/ttf
date: Mon, 05 Dec 2022 22:52:43 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/icofont.woff
103.21.58.75 200 OK 198 kB URL HTTP/2 sahiwalcowindia.com/fonts/icofont.woff
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 645604, version 1.0\012- data
Size 198 kB (197906 bytes)
Hash cac3f01e8f1c015e9e0a740c85445fca
a24b00c473cc2c2b78b88c7fd85dfd99c5e9585e
7b020f08a0ed8da88ca67a970dcaa9f0ee1c1fc4921fa4415d4968f547361c56
Analyzer Verdict Alert fortinet Malware
GET /fonts/icofont.woff HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:36 GMT
accept-ranges: bytes
content-length: 645604
content-type: font/woff
date: Mon, 05 Dec 2022 22:52:42 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 443930
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type gzip compressed data, max compression\012- data
Hash 2853325373e1c020f4defa29faf36e77
ebeb0f817eb4b20f8730fbd68b922d50744ca982
733602161913dbe8187e7b17d111400018ee91d756fede5e16eb881973513fc5
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 443928
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/fontawesome-all.css
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/css/fontawesome-all.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /css/fontawesome-all.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/navigation.css
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/css/navigation.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /css/navigation.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/images/product/about1.jpg
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/images/product/about1.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /images/product/about1.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:52 GMT
accept-ranges: bytes
content-length: 39741
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/bootstrap.min.js
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/js/bootstrap.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /js/bootstrap.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/extensions/revolution.extension.layeranimation.min.js
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/js/extensions/revolution.extension.layeranimation.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /js/extensions/revolution.extension.layeranimation.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/jquery.themepunch.tools.min.js
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/js/jquery.themepunch.tools.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.themepunch.tools.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-regular-400.ttf
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/fonts/fa-regular-400.ttf
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-regular-400.ttf HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:32 GMT
accept-ranges: bytes
content-length: 369336
content-type: font/ttf
date: Mon, 05 Dec 2022 22:52:43 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/jquery-ui.js
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/js/jquery-ui.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /js/jquery-ui.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/admin/images/p7.jpg
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/admin/images/p7.jpg
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /admin/images/p7.jpg HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:47 GMT
accept-ranges: bytes
content-length: 46538
content-type: image/jpeg
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/fonts/fa-solid-900.ttf
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/fonts/fa-solid-900.ttf
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /fonts/fa-solid-900.ttf HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://sahiwalcowindia.com
Connection: keep-alive
Referer: https://sahiwalcowindia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:35 GMT
accept-ranges: bytes
content-length: 313620
content-type: font/ttf
date: Mon, 05 Dec 2022 22:52:43 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/theme.css
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/css/theme.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /css/theme.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/jquery.js
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/js/jquery.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/js/jquery.themepunch.revolution.min.js
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/js/jquery.themepunch.revolution.min.js
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2
sahiwalcowindia.com/css/bootstrap.css
103.21.58.75 200 OK 0 B URL HTTP/2 sahiwalcowindia.com/css/bootstrap.css
IP 103.21.58.75:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /css/bootstrap.css HTTP/1.1
Host: sahiwalcowindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sahiwalcowindia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 09:40:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 22:52:40 GMT
server: Apache
X-Firefox-Spdy: h2