r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5466
Expires: Thu, 24 Nov 2022 11:52:45 GMT
Date: Thu, 24 Nov 2022 10:21:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4709
Cache-Control: max-age=91686
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:39 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:49:45 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 10:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 161
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7855
Expires: Thu, 24 Nov 2022 12:32:34 GMT
Date: Thu, 24 Nov 2022 10:21:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ANTCDtmyD3PCACAv+0t4xeu7peGv1Ss4jHW35FDcq/yJPzoVYGFKF4+uPwfi7dFdqEBJBH6PKUM=
x-amz-request-id: S7JFBJCP5W9E9JT9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 09:43:21 GMT
age: 2298
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 10:21:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 10:11:11 GMT
cache-control: public,max-age=3600
age: 629
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5605
Cache-Control: max-age=87518
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:40 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:40:18 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
saeedenterprises.com.pk/
66.219.22.19 301 Moved Permanently 0 B IP 66.219.22.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 10:21:39 GMT
Server: Apache
Set-Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222ead251bb34ac60d6c270e222571f779%22%2C%22session_expiration%22%3A1671877300%2C%22session_expiring%22%3A1671873700%2C%22cookie_hash%22%3A%22dbe305f43ef4a3db9290f340ca393c28%22%7D; expires=Sat, 24-Dec-2022 10:21:40 GMT; Max-Age=2592000; path=/
Location: https://www.saeedenterprises.com.pk/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
44.238.202.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5IwEdzqCIT23UDlm74TS+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E2SMVtHQfPRCdgsX/h3ng7Yir9o=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11291
Expires: Thu, 24 Nov 2022 13:29:52 GMT
Date: Thu, 24 Nov 2022 10:21:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 19033
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash eeac5ead5ce62f0d9e2d4bcefa946208
c2430d901f2b4e4a463e90c540294f334553a246
850a89160f840d7509806c5becd6b074a92613920474195f63d7e7a9cf18d908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bda37a1-533d-48a6-bc76-7ecc9fe2dfc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6426
x-amzn-requestid: 6f27f360-dd76-4aee-a9bc-cbd52cd80def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx8GtpIAMFvQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-69fa8ba571cc62036406e6bf;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wm_pBVCoReupun-_glC47ejuxaRJ6ViGPKClLnWkDrmT-SewUOXexw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:01 GMT
age: 44140
etag: "c2430d901f2b4e4a463e90c540294f334553a246"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 45229
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash dcdebbc7d6d2f262afe69e6f2d97d58b
e62b4e08c2813f67fa0f466b4f66d5d4c609526f
decdfd76f2b382026f13ba2cd07fceae8a8964b4157c0f4dcef6bcd061817b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52586ca-ed31-419d-866f-7a7d8c034cc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6404
x-amzn-requestid: 5a69edc8-b240-4c21-ba0d-dc175b8ff3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvY6HfnoAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d2-4fd0613627b92d636337cbad;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JBcELEHpSjhEJpgL7NWxlolY0Vt_b5RYE9zJyiBgIIZvf2re37TnaQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:23:31 GMT
age: 10690
etag: "e62b4e08c2813f67fa0f466b4f66d5d4c609526f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash dd3f1be747f6b2f1c35afb01db67b792
a4373037b8b379939b1b099c3ef63f8792e67579
fdbd778a505e1928e9b5296b6150763c2dca9876ec0ef8f772e73ca386ab74d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb020826f-fdb4-41cc-b94d-7a66bca91753.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8441
x-amzn-requestid: c050c897-c6d4-44ef-93c2-cfbf32cd8bff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvClG-AoAMFwxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9210-039834877c2b792b5feb6819;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H31vJjvBF3eWF37DqfsaL-KxOnEHJS1JSmehtTYPhzjZjj-PIhm9pQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
age: 45392
etag: "a4373037b8b379939b1b099c3ef63f8792e67579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash b83dcf4ccde90ad94bb32da4fd35e524
ffd4d9f932aacc8ab123d1ab46c983a3f581d171
cf217cf355e7bea4410efd22e89f5a4de4d154153f587f7cad53533a3fcfe1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3bafc39-a86e-44d4-9bf3-97302a57c669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8306
x-amzn-requestid: 9506f26d-36cc-47a1-b6ac-b3f720e35981
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_c81GrAoAMF-4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c751e-68e3f822732b60db1875d538;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:07:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HVv2xtKAWEE91Tw-OxF20Sp64pUJ-aTdOU0pSk7YfanuCcM8W1naAw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:52:06 GMT
age: 8975
etag: "ffd4d9f932aacc8ab123d1ab46c983a3f581d171"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/admin/assets/css/eael-notice.css?ver=5.0.18
66.219.22.19 200 OK 1.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/admin/assets/css/eael-notice.css?ver=5.0.18
IP 66.219.22.19:0
Hash df6f6ee7a97d8fc2a618da3da13e33c7
d5d1b819eb2ffedad01ec2a774e0aafb7a06de06
4971582923d26d8b78228790eaa1d100df2aaaa98c2aa8afd7521c57ecbe9860
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/admin/assets/css/eael-notice.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 1089
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/css/themify.common.min.css?ver=4.6.7
66.219.22.19 200 OK 4.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/css/themify.common.min.css?ver=4.6.7
IP 66.219.22.19:0
File type ASCII text, with very long lines (4097), with CRLF line terminators
Hash f320a2068bade66eb6e247fd416a8bb0
e4cfc846755ac4ec1b021257c4043f38e6b4dca4
14b248113c12967868feee4903afff090731a5cb50051c34dfd160ada194449d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/themify-builder/themify/css/themify.common.min.css?ver=4.6.7 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Tue, 28 Jan 2020 13:34:26 GMT
Accept-Ranges: bytes
Content-Length: 4099
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
66.219.22.19 200 OK 3.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 66.219.22.19:0
Hash d057d17357d72e1a642ef5e2d114449e
eff1b037a96fe2efb4247939938ac8fb09c8b3db
875614250bc202cfce4176b3abc9bbc5ae9932c76e83145e1247928d295cd694
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:19:38 GMT
Accept-Ranges: bytes
Content-Length: 3572
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/
66.219.22.19 200 OK 247 kB URL HTTP/1.1 www.saeedenterprises.com.pk/
IP 66.219.22.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3006), with CRLF, LF line terminators
Size 247 kB (246966 bytes)
Hash ead1794ec425e06590097b46eb5507f3
3e4d1ea0fd188a40d8d3442e82272e5d4d8173a9
a5b9cad2ea300bf38cb140b87b6644f1c2cb387fc1e1e0288de17483123589b4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:41 GMT
Server: Apache
Link: <https://www.saeedenterprises.com.pk/wp-json/>; rel="https://api.w.org/", <https://www.saeedenterprises.com.pk/>; rel=shortlink
Set-Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D; expires=Sat, 24-Dec-2022 10:21:41 GMT; Max-Age=2592000; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saeedenterprises.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18
66.219.22.19 200 OK 26 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (25658), with no line terminators
Hash eb1a96949e0ea0d08033d3f941bf1f3e
8e8e16cd9105066fe8dc4f80ace8010d060f08f4
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Thu, 10 Jan 2019 03:01:40 GMT
Accept-Ranges: bytes
Content-Length: 25658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saeedenterprises.com.pk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
66.219.22.19 200 OK 1.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
IP 66.219.22.19:0
Hash e029929a3396d833554ec4e31a7afb2f
d4a8f65f59ef14b519fc34483813b6d9fb84d303
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:36:24 GMT
Accept-Ranges: bytes
Content-Length: 1645
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.4.5
66.219.22.19 200 OK 30 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.4.5
IP 66.219.22.19:0
File type ASCII text, with very long lines (6383)
Hash 322304e40168d07e21782373951ee4b3
e62a42517954807ed75d128d380aa7c1cb92407e
e64100e08c53608c5bb9b424b788a4376a09706ad0bbce0d8fb75622952a5960
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.4.5 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 00:12:30 GMT
Accept-Ranges: bytes
Content-Length: 30440
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=UA-130888778-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-130888778-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash fd84db4e5b72c97b7ec794bfd0a87bc5
17ea40c60eb0758553df2344d14f5b7dffa25eec
4c284609b8649d2e7b63d663d456a8751a5185e5378ce8438ccf30d72538bfbe
GET /gtag/js?id=UA-130888778-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 10:21:42 GMT
expires: Thu, 24 Nov 2022 10:21:42 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18
66.219.22.19 200 OK 12 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (9063)
Hash fe0575b66568074463f12485d90f6d4c
aeedd9ab3b7874e63f647042963cb1301a38b391
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 12:13:36 GMT
Accept-Ranges: bytes
Content-Length: 11943
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
maps.googleapis.com/maps/api/js?key=AIzaSyATD99HwVbNOJEWF83oqFVVE8ltKLwzbBg&ver=2.9.3
142.250.74.74 200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyATD99HwVbNOJEWF83oqFVVE8ltKLwzbBg&ver=2.9.3
IP 142.250.74.74:0
File type ASCII text, with very long lines (2453)
Hash b258ea7f924c9e7f12079e0c5150d933
7400a747acf6c56dce37063a64c582cf5656a213
b7fc2720ae659f4187f76156f3d9197ca5d65494653256970d17464aab1b0522
GET /maps/api/js?key=AIzaSyATD99HwVbNOJEWF83oqFVVE8ltKLwzbBg&ver=2.9.3 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Thu, 24 Nov 2022 10:21:42 GMT
expires: Thu, 24 Nov 2022 10:51:42 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53358
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
66.219.22.19 200 OK 31 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:19:38 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.5
66.219.22.19 200 OK 24 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.5
IP 66.219.22.19:0
File type ASCII text, with very long lines (23825), with no line terminators
Hash 0b46d7a2176f8f43ea7e03bdaa7d71ce
1c14f51f28ff130b34fb757925b85bb35fa39cd8
13f5612781cabe645b504a3175df9e2a7fa60143dd96719cc6cfcd81dd1dd542
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.5 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:19:38 GMT
Accept-Ranges: bytes
Content-Length: 23825
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.css?ver=1.0.0
66.219.22.19 200 OK 4.8 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.css?ver=1.0.0
IP 66.219.22.19:0
File type ASCII text, with CRLF line terminators
Hash d48cad87ce04970f9a2ed80f2ed2285d
d2ec5b795a3f70ed6cd421554bf0ab3ab1b11cf0
a8fafb3979cb206518537bbd02e5cdaa78a1808b6e58ab8e7cf7941d0b7b344e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.css?ver=1.0.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 08:37:06 GMT
Accept-Ranges: bytes
Content-Length: 4830
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.theme.default.min.css?ver=1.0.0
66.219.22.19 200 OK 1.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.theme.default.min.css?ver=1.0.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (1055), with no line terminators
Hash 8c6d37547ed84cbef6238d1d93c10489
d2ca10ebff9784a7fb75545ba6352a7be2a65ee2
20ef53019af4cbfa0a182d8f2791d2fbec540625555ed842f768961166011b8f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.theme.default.min.css?ver=1.0.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 08:37:06 GMT
Accept-Ranges: bytes
Content-Length: 1055
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/css/logo-slider-wp-public.css?ver=1.0.0
66.219.22.19 200 OK 5.0 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/css/logo-slider-wp-public.css?ver=1.0.0
IP 66.219.22.19:0
Hash e4512b7fd886eb56ddffa6ab368c2e54
defd92a8ced4ccb79cf37c9c590667ab76aab389
c457c31f79d7475dcbae466d1efddee4bed6f2ad65a59e709a88ba6173b6bc2b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/logo-slider-wp/public/assets/css/logo-slider-wp-public.css?ver=1.0.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 08:37:06 GMT
Accept-Ranges: bytes
Content-Length: 5030
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/css/tooltipster.bundle.min.css?ver=5.0.18
66.219.22.19 200 OK 14 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/css/tooltipster.bundle.min.css?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (6495)
Hash 3604b54f3f0ae21c5bd8f4a16468d442
09a81bf0443fed1eb6769963e73ffd7d4ccc6188
25c35a78bf25a51d543ec86ca47bc33d26842a8aab7b74ce7f4aeae76a8de116
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/css/tooltipster.bundle.min.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 14024
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/lib/animate/animate-logo.css?ver=20
66.219.22.19 200 OK 81 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/lib/animate/animate-logo.css?ver=20
IP 66.219.22.19:0
File type ASCII text, with CRLF line terminators
Hash b7a9605e1633acf8180cd3f6c604876d
3ff2d5fe95bd41130bffde2211b3ccd43716038a
1ce4f92f822bdfbcceaa71c2fcfe760f5228e445de0c20aeabbb3d93ddda2644
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/logo-slider-wp/public/assets/lib/animate/animate-logo.css?ver=20 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 08:37:06 GMT
Accept-Ranges: bytes
Content-Length: 81132
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/woo-category-slider-grid/public/assets/css/font-awesome.min.css?ver=1.1.3
66.219.22.19 200 OK 31 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woo-category-slider-grid/public/assets/css/font-awesome.min.css?ver=1.1.3
IP 66.219.22.19:0
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-category-slider-grid/public/assets/css/font-awesome.min.css?ver=1.1.3 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 11:58:46 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
developers.google.com/maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=2.9.3
142.250.74.14 200 OK 8.9 kB URL HTTP/2 developers.google.com/maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=2.9.3
IP 142.250.74.14:0
File type HTML document, ASCII text
Hash dbae26840e71a8308ac452964173de8b
a83989ffebdeea4fcfb8658e0ec4f4c6bd0a311d
803a566788312ecb8341607466ed8eb93abd68d2095bc697e2c22aa58567c768
GET /maps/documentation/javascript/examples/markerclusterer/markerclusterer.js?ver=2.9.3 HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 16 Jan 2017 03:43:59 GMT
set-cookie: _ga_devsite=GA1.3.1544906223.1669285302; Expires=Sat, 23 Nov 2024 10:21:42 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-occg6+ZUbl6Vb/NDYCSvd9mjw2mUhQ' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 10ea7cf20387ab0c55d883ec5e25abd8
vary: Accept-Encoding
date: Thu, 24 Nov 2022 10:21:42 GMT
server: Google Frontend
content-length: 8937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/plugins/woo-category-slider-grid/public/assets/css/style.css?ver=1.1.3
66.219.22.19 200 OK 6.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woo-category-slider-grid/public/assets/css/style.css?ver=1.1.3
IP 66.219.22.19:0
Hash 242abb67507c634209243dc754880733
bc4c1f8f33d96ccbe5583defc8918ade8bcc767f
9f7a0c5f854566f65ca863e03386682472301cb027850531bf693953ef0b1c28
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-category-slider-grid/public/assets/css/style.css?ver=1.1.3 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 11:58:46 GMT
Accept-Ranges: bytes
Content-Length: 6138
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/css/essential-addons-elementor.css?ver=5.0.18
66.219.22.19 200 OK 177 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/css/essential-addons-elementor.css?ver=5.0.18
IP 66.219.22.19:0
File type assembler source, ASCII text
Size 177 kB (176759 bytes)
Hash 549a944c29bb5d4a17237f6d612cc211
fb1e559c758a589c29f0107bd39456d9e1b090d6
9fcbb949aaad20abccb7867db2ae5a4c59ce7f6076f4aebbf002b3d220189d67
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/css/essential-addons-elementor.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 176759
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/woo-category-slider-grid/public/assets/css/responsive.css?ver=1.1.3
66.219.22.19 200 OK 2.8 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woo-category-slider-grid/public/assets/css/responsive.css?ver=1.1.3
IP 66.219.22.19:0
Hash 0f1e7a35ef138b0002699c2e73cd7f10
3ba34ac17fb48a92ee8606f24cb7dbf044f144fa
09bf32786fe69ccc0fcb884bd58c54b8f063a44a7bf3270e2a753bb6b3f0693a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-category-slider-grid/public/assets/css/responsive.css?ver=1.1.3 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 11:58:46 GMT
Accept-Ranges: bytes
Content-Length: 2844
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.7
66.219.22.19 200 OK 58 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.7
IP 66.219.22.19:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash aa448de86480dfc1a9644ea6678e14c6
357cab9b620e74232b1327d020050b395bdaef6e
9883e503c2916e2bfa5aff13d031f28e0ca6124cf47ac81dc8013efe4e5d702c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.7 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:12 GMT
Accept-Ranges: bytes
Content-Length: 57976
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/front/css/style.css?ver=5.0.18
66.219.22.19 200 OK 14 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/front/css/style.css?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with CRLF line terminators
Hash 9ac1c3d8816486c40ef133d8f2ee600d
eefcb710c190dc3a642710665b67b0c2e12aebc4
b990593713e98aeb50f134d1bfdcdaf6f47ff09f3300288b0a6e866021eaeec9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-slider/assets/front/css/style.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 09:43:58 GMT
Accept-Ranges: bytes
Content-Length: 13731
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/global/css/style.themes.css?ver=5.0.18
66.219.22.19 200 OK 19 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/global/css/style.themes.css?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with CRLF line terminators
Hash fa75967aa4672a0050fb136fa00802bc
f6f9633509e0a8df76c0259bd9eabb6927f0c67b
72d81850fb1d2a4d03854809a301353fa0c22387b59fe91738d75545ff8c8834
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-slider/assets/global/css/style.themes.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 09:43:58 GMT
Accept-Ranges: bytes
Content-Length: 18803
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
66.219.22.19 200 OK 31 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 08:35:26 GMT
Accept-Ranges: bytes
Content-Length: 31000
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/front/css/owl.carousel.css?ver=5.0.18
66.219.22.19 200 OK 4.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/front/css/owl.carousel.css?ver=5.0.18
IP 66.219.22.19:0
Hash 54c924dc9b1b3d442496ab16f9176c74
3794972f11d8f2a4f32dd97387fbda1b23a71d03
0dbf526f57c494e472bfbfd8dfc6f9366ce765c1e20a9dffab2c2c7932838c4a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-slider/assets/front/css/owl.carousel.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 09:43:58 GMT
Accept-Ranges: bytes
Content-Length: 4107
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=5.0.18
66.219.22.19 200 OK 9.2 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (9152), with no line terminators
Hash 2151f6abfde142cc09ec939cfcabbf1c
db949218a3c168ea57d4fe9b4196db26140181a8
5fcc39111ad0815edcaaa3b1e2364e362c1c43f8fc588a0a6548ee947713e312
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 00:12:30 GMT
Accept-Ranges: bytes
Content-Length: 9152
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=5.0.18
66.219.22.19 200 OK 3.9 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with CRLF line terminators
Hash 40e847e96386a09d8ceec3b7c5fe2f60
e5ee523faee0a79a833beaac39cde8113a4da41a
6d72bf546f56b143edbfa46e9c742db40dda1914cfaf6943be6510337897bbd6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:19:46 GMT
Accept-Ranges: bytes
Content-Length: 3872
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LfY_YUUAAAAAN-9aE2QgO3ILwPg2fsaH7OlmKRD&ver=3.0
142.250.74.164 400 Bad Request 119 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfY_YUUAAAAAN-9aE2QgO3ILwPg2fsaH7OlmKRD&ver=3.0
IP 142.250.74.164:0
File type HTML document, ASCII text
Hash 96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0
GET /recaptcha/api.js?render=6LfY_YUUAAAAAN-9aE2QgO3ILwPg2fsaH7OlmKRD&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Thu, 24 Nov 2022 10:21:43 GMT
expires: Thu, 24 Nov 2022 10:21:43 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/bootstrap.min.css?ver=2.7.12
66.219.22.19 200 OK 109 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/bootstrap.min.css?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (109290 bytes)
Hash 9be7e92c9d3c0d15e957a9ba50011c73
43d16973b90a33413b7d13c924edeca9b2a086c5
5e720bd6a28f46376baf874444d00ba888a962c54434f2541bd54a7a27a95eb0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/css/bootstrap.min.css?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 109290
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/green.css?ver=2.7.12
66.219.22.19 200 OK 26 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/green.css?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (393)
Hash e2a1584fc64340538876e7f5a08ca634
f692fd24fcfb06904f537093b1ce83f7907fc6d7
d9bb333b77d81e8d99581570bf20bfa6c33b63eb00960522306ca91bacfb19d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/css/green.css?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 12:21:40 GMT
Accept-Ranges: bytes
Content-Length: 26059
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-includes/css/dashicons.min.css?ver=5.0.18
66.219.22.19 200 OK 46 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-includes/css/dashicons.min.css?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (46325)
Hash 1c364e777cd2b874ea6cf09100861c6c
58bb8dabdb753287be070ac2840c0fdbbd27f533
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:42 GMT
Server: Apache
Last-Modified: Sun, 20 Aug 2017 06:10:48 GMT
Accept-Ranges: bytes
Content-Length: 46360
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/owl.carousel.min.css?ver=2.7.12
66.219.22.19 200 OK 3.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/owl.carousel.min.css?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (3630), with no line terminators
Hash 4d9c37258b236aa87290e13d8efd98c1
4d49b815709ecd6fee574e6b0b5d30bdf3c87b57
c6a5dd987c14d9f4f3e82b36933e2cfb563e2cf451dc83175ff6d0d20a0d7d13
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/css/owl.carousel.min.css?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 3630
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/animate.min.css?ver=2.7.12
66.219.22.19 200 OK 55 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/animate.min.css?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (54711), with no line terminators
Hash 41da0b294842bc5d9bae8b5bfb087972
7acc94356b65417b5ad0d7103452a1583044f7c8
125e980a09a9260c37d9c7309da73a5909f0e05aa20288e8a5767b2b8071a18e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/css/animate.min.css?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 54711
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/font-awesome.min.css?ver=2.7.12
66.219.22.19 200 OK 21 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/font-awesome.min.css?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (20612), with no line terminators
Hash 9170c94f8c102141ed4843fd79da6b9d
30cf81ef0373960b86770989e61d243d923b80a7
ec19000685ff3d2ed73a5054ee94dead3d834e5360f516a6cf3967dbda32026d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/css/font-awesome.min.css?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 20612
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
66.219.22.19 200 OK 10 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 66.219.22.19:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 16:11:28 GMT
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.js?ver=1.0.0
66.219.22.19 200 OK 82 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.js?ver=1.0.0
IP 66.219.22.19:0
File type ASCII text, with CRLF line terminators
Hash 86b153f5d704be2d427254db579447ea
eeaa5cf60cf55ebc95d98d4eccdadb439773ee77
4a0e291bf9c35e5e86dfeb9b33eb8aa2793af2cdd6610bd44eb1fabc1c3b2d6f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/logo-slider-wp/public/assets/lib/owl.carousel2/owl.carousel.js?ver=1.0.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 08:37:06 GMT
Accept-Ranges: bytes
Content-Length: 82221
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/js/logo-slider-wp-public.js?ver=1.0.0
66.219.22.19 200 OK 3.0 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/logo-slider-wp/public/assets/js/logo-slider-wp-public.js?ver=1.0.0
IP 66.219.22.19:0
File type ASCII text, with CRLF line terminators
Hash 675a986a9cc70e07cabfc93e0cb22c2b
58c4eaa8746e14852f2b76917e3da163f62775a1
5dff492750f19c0dc1a09dd016fadd32dfb622e94851917878325d923e9109c4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/logo-slider-wp/public/assets/js/logo-slider-wp-public.js?ver=1.0.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 08:37:06 GMT
Accept-Ranges: bytes
Content-Length: 3016
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/style.min.css?ver=2.7.12
66.219.22.19 200 OK 292 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/style.min.css?ver=2.7.12
IP 66.219.22.19:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 292 kB (291588 bytes)
Hash ce1bf054ef84646fd0f5d8ff205fea88
ffb5ca9b862133d574f5960ad56a65c2116d880d
f23bdf5e1fefa5b3b5aff3ceb5dd36b3bcf0c9903ec0e2c4b2dd8b8db1f04dd0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/style.min.css?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 291588
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-includes/js/jquery/jquery.js?ver=1.12.4
66.219.22.19 200 OK 97 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 66.219.22.19:0
File type ASCII text, with very long lines (31997)
Hash dc5ba5044fccc0297be7b262ce669a7c
f137ff98ae379e35b0702967d3b6866a0a40e3be
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 14:00:46 GMT
Accept-Ranges: bytes
Content-Length: 96874
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1
66.219.22.19 200 OK 485 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1
IP 66.219.22.19:0
File type ASCII text, with very long lines (65358)
Size 485 kB (485158 bytes)
Hash ea6875390b793c2c1c75e264be2acb9b
276bdf9e25e7923e3b8c6d4f8757d4e5391037f7
a6f59fc654b5a739d372c1f6954a666d6518236ac67134523277a5548ec40ad0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:46 GMT
Accept-Ranges: bytes
Content-Length: 485158
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/front/js/scripts.js?ver=5.0.18
66.219.22.19 200 OK 928 B URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/front/js/scripts.js?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with CRLF line terminators
Hash 1b9d0e67fabab55241a0b37e7ddfa4e1
22c840326750f87b0e70c6c069908871cb9a78c6
54beb9aa558f161f7ed19663788accbf0fe1736c5ad98db80c38a7f48759dd76
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-slider/assets/front/js/scripts.js?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 09:43:58 GMT
Accept-Ranges: bytes
Content-Length: 928
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/front/js/owl.carousel.min.js?ver=5.0.18
66.219.22.19 200 OK 85 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce-products-slider/assets/front/js/owl.carousel.min.js?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (359)
Hash c580af66c6b04b963d4b76a90569d6b5
b7b7280d64bf9402e3b101cc07f5b38abd146205
0a1aebdca3b69662a8cb029eb3909c5d8d5d20022b2be9c5497e6d2e12539b1f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-products-slider/assets/front/js/owl.carousel.min.js?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 09:43:58 GMT
Accept-Ranges: bytes
Content-Length: 85100
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
66.219.22.19 200 OK 9.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 66.219.22.19:0
File type ASCII text, with very long lines (9172)
Hash 81b2be18696c4dfe620f7b6d0d75a566
0c3cd7bdf58a65b07e17be39cfe4e386571bb4bd
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 00:12:30 GMT
Accept-Ranges: bytes
Content-Length: 9566
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
66.219.22.19 200 OK 159 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (32017), with CRLF line terminators
Size 159 kB (159060 bytes)
Hash 2ec3a56df4362d8896c3f381a1cb4bcf
84f26838aafcfbf19b649d8e73375a85c830cf3a
1d35b97cb8449be02c40553556f1031c7a300781586bc3a3447c197aafd6e1ff
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:12 GMT
Accept-Ranges: bytes
Content-Length: 159060
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.3
66.219.22.19 200 OK 2.8 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.3
IP 66.219.22.19:0
File type HTML document, ASCII text, with very long lines (2750), with no line terminators
Hash 51826bf206887d13ab2e82a8a7245c64
72f4d6b6c3f88daa45c9ce042d9cb7e5166e9165
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.3 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 00:12:30 GMT
Accept-Ranges: bytes
Content-Length: 2750
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.1
66.219.22.19 200 OK 992 B URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.1
IP 66.219.22.19:0
Hash 787fe4f547a6cb7f4ce4934641085910
c2dee88d5bdfef214ce9c56f71a1df51cda0f328
654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.1 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:46 GMT
Accept-Ranges: bytes
Content-Length: 992
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.7
66.219.22.19 200 OK 289 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.7
IP 66.219.22.19:0
File type ASCII text, with very long lines (64272)
Size 289 kB (289268 bytes)
Hash 5feaf27da9e25de3bc8157ac83bb2963
9ce876e79d0e42e98932d76852506d8bb165b3a7
2f2ca1625d190a0b70d8632dfabc0e4a5558266c9f03386da097fe3819af8de7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.7 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:12 GMT
Accept-Ranges: bytes
Content-Length: 289268
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
66.219.22.19 200 OK 16 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (15658)
Hash abcac4975c248d31ee7f58af56e357a4
f9e3c45b908a633aa76d27804e183030fe311ae7
fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:19:38 GMT
Accept-Ranges: bytes
Content-Length: 15736
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.5
66.219.22.19 200 OK 21 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.5
IP 66.219.22.19:0
File type HTML document, ASCII text, with very long lines (20634), with no line terminators
Hash be538aab8a7eed7526f24dd4092f3385
e89972d9d50072fce0c05bbdeb9690e1039c00d6
9139fb7b3cbe0feacffab243c6d4902a67a5b220b7f0509886dac3428108ddbf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.5 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:19:38 GMT
Accept-Ranges: bytes
Content-Length: 20634
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
66.219.22.19 200 OK 14 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
IP 66.219.22.19:0
Hash 1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:36:24 GMT
Accept-Ranges: bytes
Content-Length: 14440
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/eael-scripts.js?ver=1.0
66.219.22.19 200 OK 31 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/eael-scripts.js?ver=1.0
IP 66.219.22.19:0
Hash a3aad113033241d08984788370bdcced
52b208315c77aedc6f11076cc3ec2763d55ea400
9b78b8fe667a4419e941c19913392fa7afb9b39209caeeae38df1214cbeaa9ae
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/js/eael-scripts.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 30826
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/fancy-text.js?ver=1.0
66.219.22.19 200 OK 5.7 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/fancy-text.js?ver=1.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (4607)
Hash 7892cd59dfd1324c887a28c7a4e0c99d
4e7ba0243b31587471fc33b9c5aeb9b7db5a886d
ada9df4388ac125ccc13376fabbf3dca44d6638fcdd38bd91791511d34938195
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/js/fancy-text.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 5707
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/countdown.min.js?ver=1.0
66.219.22.19 200 OK 3.5 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/countdown.min.js?ver=1.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (3328)
Hash 06c613219216717f9161c78c84109d12
06cf9c61dbb5c639eb442bf685bad6220a619d9b
91a91b6f03eb418e603a1d43db36870cb9e841699a02e72fc78d8b0b19d62c53
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/js/countdown.min.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 3471
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/masonry.min.js?ver=1.0
66.219.22.19 200 OK 24 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/masonry.min.js?ver=1.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (23946)
Hash d94313c3ca257213d724ac82584b97e5
f3af023348d872519df905d720a9b951663e5cd2
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/js/masonry.min.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 24082
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/load-more.js?ver=1.0
66.219.22.19 200 OK 3.3 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/load-more.js?ver=1.0
IP 66.219.22.19:0
Hash 9d0c473f20f97972e3a63ff2572fe990
5474afaa3b02c6a22d00fbbaca2c4ee2b428ade3
e510995c012d7d31eaae45c688043fa890e5f3192c2f5fc035acd9037025c350
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/js/load-more.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 3334
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/codebird.js?ver=1.0
66.219.22.19 200 OK 54 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/codebird.js?ver=1.0
IP 66.219.22.19:0
File type Unicode text, UTF-8 text, with very long lines (1467)
Hash c77cd29995b8b7bb8c21938066851e12
868ff8d7e5d5c943f99a41540a2937dccdc14e75
b11b163d9f0925dfc802418edee01591ff028aa1aec7ac6bf74e9fe3ee285457
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/codebird.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 53870
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saeedenterprises.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 16732
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saeedenterprises.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:57:58 GMT
expires: Tue, 21 Nov 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 228225
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/doT.min.js?ver=1.0
66.219.22.19 200 OK 3.4 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/doT.min.js?ver=1.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (3365)
Hash cc1940d417549fa7b6d80c86f2469e8b
c37fa5ded4de3e272815dafc45e3bf49ee793ce9
5c4a6f162a1df0e73431df017efe3f0f98e8312ed3121ce0eb12af5b9d0ff127
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/doT.min.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 3416
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/jquery.socialfeed.js?ver=1.0
66.219.22.19 200 OK 40 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/jquery.socialfeed.js?ver=1.0
IP 66.219.22.19:0
Hash 884755660a96d5a6ba8ed071eb0b389c
497d6e40f55cb5e119b1649e60eec5dc532d4f7d
e0b8049eb1fe221d58a732aa29fc919097564e99e26e4ae0db7274e30c20a925
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/jquery.socialfeed.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 39916
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/jquery.magnific-popup.min.js?ver=1.0
66.219.22.19 200 OK 20 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/jquery.magnific-popup.min.js?ver=1.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (20087)
Hash ba6cf724c8bb1cf5b084e79ff230626e
f455c5f153f872e52265f87a644ff89fe14a6fb6
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/js/jquery.magnific-popup.min.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 20216
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/moment.js?ver=1.0
66.219.22.19 200 OK 130 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/moment.js?ver=1.0
IP 66.219.22.19:0
File type Algol 68 source text\012- Pascal source, ASCII text
Size 130 kB (130302 bytes)
Hash 8df88c86ee717ab45b3fa7d0398cc2f2
17b234393fe68399be000b1ff4c2cbf8af7e9655
164dc1981dbd7be5a948fa23fd8b7418494690848baeda8f0e05931352248eb8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/social-feeds/moment.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 130302
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 10:21:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/tooltipster.bundle.min.js?ver=1.0
66.219.22.19 200 OK 40 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/tooltipster.bundle.min.js?ver=1.0
IP 66.219.22.19:0
File type ASCII text, with very long lines (32056)
Hash 843b8a8618e600e4071e0e15ed40404a
22f2bac90ad47446f148992dd89d863f1230440a
8250a1bc2682e8826ae3d7647ee94059def19643f0034144c9d8e18cf0629ed0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/js/tooltipster.bundle.min.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 39900
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/progress-bar.js?ver=1.0
66.219.22.19 200 OK 4.0 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/essential-addons-for-elementor-lite/assets/js/progress-bar.js?ver=1.0
IP 66.219.22.19:0
Hash 5a2b61eb61371886e1211c82a424cd18
dc596c062337ee89da92fdc8e6556a1ff2401e72
7383de8a4d1563f8693f06cc6a85edfc024c2d9b541fb6d31ab297fad5eefc49
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/js/progress-bar.js?ver=1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Thu, 27 Dec 2018 07:28:22 GMT
Accept-Ranges: bytes
Content-Length: 4046
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
66.219.22.19 200 OK 1.8 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 66.219.22.19:0
File type ASCII text, with very long lines (1680)
Hash 943f6eb962c25bd965e0f0e5a284fcd0
b050a98ebaef01d7597bf8c1acb995c0ef3bcbd9
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 00:12:30 GMT
Accept-Ranges: bytes
Content-Length: 1846
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Roboto:400
142.250.74.10 200 OK 2.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400
IP 142.250.74.10:0
Hash face364a24b5b1ff503159ad5829d85e
886c21596d338f21bf77e22a4463ee137d71ff90
a885af08eca77eff3a88c53aac4e7b4cd878b0f683351c242efc62b787c9092e
GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 10:21:42 GMT
date: Thu, 24 Nov 2022 10:21:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.3
66.219.22.19 200 OK 2.9 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.3
IP 66.219.22.19:0
File type ASCII text, with very long lines (2940), with no line terminators
Hash 3518c9cf4786d55c48e6b318cdf3c8de
ee13e5307a87355b9c35aa2e2907f642839a80cf
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.3 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 00:12:30 GMT
Accept-Ranges: bytes
Content-Length: 2940
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.18
66.219.22.19 200 OK 4.5 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (4528), with no line terminators
Hash 8497dc4066579911c3e88d775cb87585
c32caf6572f59e347d867609564d0b280e4a306c
9e9e228389f4fd18d520866b8f759b6827622048cccd7700b4e947005833cbe1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:19:48 GMT
Accept-Ranges: bytes
Content-Length: 4528
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
66.219.22.19 200 OK 12 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 66.219.22.19:0
File type ASCII text, with very long lines (11827), with CRLF line terminators
Hash 2ddc84acb682cf063dfae91a16d084d3
083298b0e6593aff2a965a0a8c64f55facc69602
00429d119dac421f92b3213ea3ea62abce9257ce0c76b3bef44b101ee089d2d4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:43 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:19:46 GMT
Accept-Ranges: bytes
Content-Length: 11905
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
66.219.22.19 200 OK 22 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 66.219.22.19:0
File type ASCII text, with very long lines (21592), with no line terminators
Hash e2335332e53dd86db3fb0c9fc25457af
9c2a6a68bbc2276abab96358fe2a54b014982cb9
d80483c2fe131fd9d01d51b0378e0c3e2a7571e91f4f0fbd37de6276a1b464d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Fri, 11 Mar 2022 00:12:30 GMT
Accept-Ranges: bytes
Content-Length: 21592
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.1.11
66.219.22.19 200 OK 5.9 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.1.11
IP 66.219.22.19:0
File type ASCII text, with very long lines (5915)
Hash 81b781795122ad55890bfa9fccb89165
d5213c47ca05aeb0d3fbb236caecc6793bbba2ba
cd694f63b139654068960b0082d63e53f391b8526e07dc68de72b401e740bdc2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.1.11 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Tue, 18 Dec 2018 12:07:46 GMT
Accept-Ranges: bytes
Content-Length: 5916
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/bootstrap-hover-dropdown.min.js?ver=2.7.12
66.219.22.19 200 OK 1.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/bootstrap-hover-dropdown.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (1112), with no line terminators
Hash 4bf8fd42243902384d7e1485251964a5
c8eca16bd3291ef6284f2ce07792a60c6ada4e34
a10a42f50f07da55a3c79a1b5c7efc42f8988464de1718673aecde444208b09e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/bootstrap-hover-dropdown.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 1112
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/bootstrap.min.js?ver=2.7.12
66.219.22.19 200 OK 35 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/bootstrap.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (35447), with no line terminators
Hash a7586910395dad83221a0daf892ea97e
8219c37424d082c553351ae3dba62787c91bf75c
2a6600d3359063a0af9f55b7e451760d571537e2bdd22587ce913e4fd015027b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/bootstrap.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 35447
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/owl.carousel.min.js?ver=2.7.12
66.219.22.19 200 OK 40 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/owl.carousel.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (32068)
Hash ffaa3c82ad2c6e216e68aca44746e1be
2fa7c468110fa68f1f3df6718daf971871623ee9
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/owl.carousel.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 40401
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/echo.min.js?ver=2.7.12
66.219.22.19 200 OK 1.5 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/echo.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (1503), with no line terminators
Hash c3dc96810b16663cf6f6cb757f142f58
9182ab63fedde7b730dcc88bef7189ef5b7bfea3
7620d880fba80619a0f5e6227de34646878829b323345bec628ab400d46c6675
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/echo.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 1503
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/css_browser_selector.min.js?ver=2.7.12
66.219.22.19 200 OK 1.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/css_browser_selector.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (1072), with no line terminators
Hash 03eae677e53295374e0680f49ff0b9d3
d27f398db1559c82333f2f59c85fd12f1265f058
49fe260b562478107912a9a7c37c21f9ea7574baacf499026eed82cf862072d8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/css_browser_selector.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 1072
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/jquery.easing-1.3.min.js?ver=2.7.12
66.219.22.19 200 OK 3.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/jquery.easing-1.3.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (3601), with no line terminators
Hash d287fc5271982cfc5ae878af40ce5f22
99d0acf05e2e8532bf70faaa183742be12024f42
a6457148d4b46728762e4c96a4766c2f19adcb215ddeb3678fed7d5946419c79
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/jquery.easing-1.3.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 3601
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/jquery.customSelect.min.js?ver=2.7.12
66.219.22.19 200 OK 2.3 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/jquery.customSelect.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (2270), with no line terminators
Hash 558335ccef2416a2d443d88af0712774
203bbadd7f9c830258206c64fe43a84cb54f7031
eac5484bea370c8c4d232dcc218425f678df30c3fe1305128dd25fe78d8ce1af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/jquery.customSelect.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 2270
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/typeahead.bundle.min.js?ver=5.0.18
66.219.22.19 200 OK 40 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/typeahead.bundle.min.js?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (32120)
Hash 50b3624118ff999fe0cdbbc1022f5e17
c9432c1f4854f9cc09f31788a87d90c72ec470e9
697831dcbb2800c4acb7051157ffea2053dbb50fb7428af141e2dc5186025d52
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/typeahead.bundle.min.js?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 40146
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/handlebars.min.js?ver=5.0.18
66.219.22.19 200 OK 47 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/handlebars.min.js?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (32087)
Hash 5a1f85d37673e6c841efb11dd2823aac
6376d8276fa01979121632ca22795eebf22bfa63
3a261a9ccc36fab7942583359ba1b209abdf28c0bc9cd1f9ced4fa94e14b1682
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/handlebars.min.js?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 47416
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/wow.min.js?ver=2.7.12
66.219.22.19 200 OK 8.3 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/wow.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (8340), with no line terminators
Hash 013fca87a513724a51b58881be617eb0
0bc0ae07bbcfdaf90f0fda308742ab6d18bc44a6
89a3edfafb5493ef11f80a798f85042a7adf084951e91302e7e9f190671119db
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/wow.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 8340
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/jquery.jplayer.min.js?ver=2.7.12
66.219.22.19 200 OK 43 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/jquery.jplayer.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (601)
Hash 57cc9cc36b04ff1ae1f70d503da76735
48f674c46fede11e772820075949551cdd3d9195
9f08a9beb38a5ef1fef013d44067cc8c91ef74c0063821b29e1a18fe3d92e88a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/jquery.jplayer.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 43311
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/scripts.min.js?ver=2.7.12
66.219.22.19 200 OK 16 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/js/scripts.min.js?ver=2.7.12
IP 66.219.22.19:0
File type ASCII text, with very long lines (16312), with no line terminators
Hash 18277b04a12507251af65379818911a7
de81a0c2cb05c118041351429b59ea0fdcaaea26
d14b82a31bbdf1043c0627133fcca4e2f8dd68212ab463de95408ffa3315bab3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/js/scripts.min.js?ver=2.7.12 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 16312
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-includes/js/hoverIntent.min.js?ver=1.8.1
66.219.22.19 200 OK 1.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP 66.219.22.19:0
File type ASCII text, with very long lines (1087), with no line terminators
Hash 3dc5811cb7bb6e67b9054c8c39f9f4c9
ced11144eb84a14db2b3b0ab92998128c5e88204
124f0860b7201dc2fa46889b30ac0e4269e84ac2e71c33dc025ed14ed15bd8f0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 12:13:36 GMT
Accept-Ranges: bytes
Content-Length: 1087
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.5.3.2
66.219.22.19 200 OK 21 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.5.3.2
IP 66.219.22.19:0
Hash ae00b037ded69eb1babdf5f4d68fecf9
5b1c01b730b6828efb46c782cf7d86f19a07d0f7
9104e6d55f14cb1986c475c75f106ff550e1044c87cc947e5f2f48fe95626809
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.5.3.2 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Sat, 29 Dec 2018 10:51:22 GMT
Accept-Ranges: bytes
Content-Length: 20858
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1
66.219.22.19 200 OK 21 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1
IP 66.219.22.19:0
File type ASCII text, with very long lines (20382)
Hash 5a627237805ba8fde358e571c3333197
b7365a7674259f505dc10e24e1b06c7e64555ed1
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:46 GMT
Accept-Ranges: bytes
Content-Length: 20601
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-includes/js/wp-embed.min.js?ver=5.0.18
66.219.22.19 200 OK 1.4 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-includes/js/wp-embed.min.js?ver=5.0.18
IP 66.219.22.19:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.0.18 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 12:13:36 GMT
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/icegram/assets/js/main.min.js?ver=1.10.45
66.219.22.19 200 OK 2.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/icegram/assets/js/main.min.js?ver=1.10.45
IP 66.219.22.19:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2617), with no line terminators
Hash 041d9d9c6ce99ce1d5692da517858ae5
6e1f44ad6ee725031cf9ec029cbc1310b4984c2d
ce25dd4682513c9b187b768af15064e8bf9481ee488c088abf49c18547ceeac3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/icegram/assets/js/main.min.js?ver=1.10.45 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 21 Dec 2020 11:01:35 GMT
Accept-Ranges: bytes
Content-Length: 2617
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saeedenterprises.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 72852
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/fonts/fontawesome-webfont.woff?v=4.1.0
66.219.22.19 200 OK 84 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/fonts/fontawesome-webfont.woff?v=4.1.0
IP 66.219.22.19:0
File type Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Hash fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/css/fonts/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/css/font-awesome.min.css?ver=2.7.12
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 83760
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: font/woff
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.saeedenterprises.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 53256
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/uploads/2020/02/NewLogoForWeb.png
66.219.22.19 200 OK 21 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/02/NewLogoForWeb.png
IP 66.219.22.19:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c4d6f56eaab9a8ac09ad6dc8c8a4add
c5819e8241d5f1e2afbc0052d568a0b71805f55e
60aa2982d845244650fb11c2fd7fd0aa2af61c0b99e51f72e7b7e6b9c223a7e2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/NewLogoForWeb.png HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 17 Feb 2020 08:54:04 GMT
Accept-Ranges: bytes
Content-Length: 20700
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ECM-77B-300x300.jpg
66.219.22.19 200 OK 6.9 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ECM-77B-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 2fe7334f6e38c95b62cb11dd969fc23f
399d2344ac0fe471f53a3691a39d1f9974ef07a0
de09387eae2c031eeab8fc0c1b86803a5d55f5261bf390d86d6da3307b5ab42a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/ECM-77B-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Sat, 05 Jan 2019 15:29:48 GMT
Accept-Ranges: bytes
Content-Length: 6878
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ew-135p-300x300.jpg
66.219.22.19 200 OK 5.7 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ew-135p-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 96ace551a31b61271d730c268286fb2f
7e040109a070d32383a173c9e78099a907c6cec9
a1676fddd043087c490efe9529d2e2e8be277073196143cfcc8425a5d404c36e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/ew-135p-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Thu, 03 Jan 2019 07:56:32 GMT
Accept-Ranges: bytes
Content-Length: 5698
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ew-112p-300x300.jpg
66.219.22.19 200 OK 9.7 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ew-112p-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 6d5955b93e225fce69ee5ec36c391f0d
7ff8c17c96dc812ea8c6c85b05fb8acd0396952e
23c001ffcf14d900701ad1f5dc7e086abec55bb162a821307e0dbf25dafdf1f3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/ew-112p-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Thu, 03 Jan 2019 07:58:10 GMT
Accept-Ranges: bytes
Content-Length: 9664
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/02/rode_videomic_pro-300x300.jpg
66.219.22.19 200 OK 8.5 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/02/rode_videomic_pro-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash ff6c3181a5c7db4286f89c4b74710442
945df065dff35330c54672c71a35308b768751ba
1f0cd4a6c3889f28dd91929522c1a129b9efc4bc42b1a3f4299e95bf584cfe98
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/02/rode_videomic_pro-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Tue, 19 Feb 2019 10:39:50 GMT
Accept-Ranges: bytes
Content-Length: 8513
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/plugins/icegram/message-types/action-bar/themes/action-bar.min.css?var=1.10.45
66.219.22.19 200 OK 20 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/icegram/message-types/action-bar/themes/action-bar.min.css?var=1.10.45
IP 66.219.22.19:0
File type ASCII text, with very long lines (19565), with no line terminators
Hash 2e190f4e10dd79a0e6dc427307cc0450
eb4d83a0417406719a96205555ea6fd0200833c4
381093f4655a83f1409f487814cc2ccc81312573f334ba265a3789222a62853b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/icegram/message-types/action-bar/themes/action-bar.min.css?var=1.10.45 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 21 Dec 2020 11:01:35 GMT
Accept-Ranges: bytes
Content-Length: 19565
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/icegram/assets/css/frontend.min.css?var=1.10.45
66.219.22.19 200 OK 20 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/icegram/assets/css/frontend.min.css?var=1.10.45
IP 66.219.22.19:0
File type ASCII text, with very long lines (19756), with no line terminators
Hash abc7f0ab053d09cd5caeddc5ef1be7ee
1e8e9868ae9b6d4d61a06789302ce6d43461ac86
057e5577fd8181db248cb6ee56fd507172611c393853c04dbd6355dbcb5f6561
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/icegram/assets/css/frontend.min.css?var=1.10.45 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 21 Dec 2020 11:01:35 GMT
Accept-Ranges: bytes
Content-Length: 19756
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/plugins/icegram/assets/js/icegram.min.js?var=1.10.45
66.219.22.19 200 OK 46 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/icegram/assets/js/icegram.min.js?var=1.10.45
IP 66.219.22.19:0
File type ASCII text, with very long lines (46281), with no line terminators
Hash 212fbfebffc1a09186841589a034064c
83055fb0291c66e55c5f76246c40ff4d83b9afaf
c5c899ad19d1b2d3fb954bafbaacb90f7d8f29bf9d43e67c20eb8a2de2368769
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/icegram/assets/js/icegram.min.js?var=1.10.45 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 21 Dec 2020 11:01:35 GMT
Accept-Ranges: bytes
Content-Length: 46281
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/assets/transparent.png
66.219.22.19 200 OK 122 B URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/assets/transparent.png
IP 66.219.22.19:0
File type PNG image data, 300 x 200, 1-bit grayscale, non-interlaced\012- data
Hash 86c58b484b48eac285e131e8b55d2ce7
3d3ee4c137a6f36e5fbee31e21a4d08f2c38d20e
9603ffeb6772f1cf745e0097d5d6c046eaf16151e5bc521f20764bba5ddb7713
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/assets/transparent.png HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:12 GMT
Accept-Ranges: bytes
Content-Length: 122
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
66.219.22.19 200 OK 7.5 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
IP 66.219.22.19:0
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.7
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:12 GMT
Accept-Ranges: bytes
Content-Length: 7536
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: font/woff
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/images/ajax.gif
66.219.22.19 200 OK 9.4 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/images/ajax.gif
IP 66.219.22.19:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 14a0936bd54fd18c22b5e7fb86ba26a3
2d98f498a619d0b3d663b8b76948ddb81b7c9950
8c2eb6a48bdaf70d84b6856aafc35a9cfa880ec5486b70d55ced577327a60fba
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/images/ajax.gif HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/wp-content/themes/mediacenter/style.min.css?ver=2.7.12
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 9427
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/gif
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ntg4-300x300.jpg
66.219.22.19 200 OK 8.7 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ntg4-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 771ed8395fad6a0ff216ba80b537e680
f460b212ff9e9d2248d8b10c5c0ec86c49ce53fa
900af67e364f408aa9c37cbd2fd5c7d6ac4e47de160bd00e82c25006ebb65adf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/ntg4-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Sat, 05 Jan 2019 14:55:00 GMT
Accept-Ranges: bytes
Content-Length: 8650
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2020/01/Rode-Nt1A-Kit-productimage-300x300.jpg
66.219.22.19 200 OK 21 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/01/Rode-Nt1A-Kit-productimage-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 6558d2a7c7b593daccfb63a55fd9bf77
7253b461557f12c82648c8b65377756235e41f59
bf507de18a515553220bbe40249bb4c522f38c51901b4f2ae0bf59efb146ddf9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/01/Rode-Nt1A-Kit-productimage-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Tue, 28 Jan 2020 13:22:27 GMT
Accept-Ranges: bytes
Content-Length: 20971
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.googleapis.com/css?family=Roboto%3A400%2C500&subset=latin%2Clatin-ext&ver=1.1.3
142.250.74.10 200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C500&subset=latin%2Clatin-ext&ver=1.1.3
IP 142.250.74.10:0
Hash 00cf89888e5ab5e635381e10c656cb59
f6e3d1e6aef2b0fabfcef24e80c533f199f62ec6
5a6f6c906228ea6852c62a2ba81a2aa54adab1aca7c3fc24479da74c9e84974d
GET /css?family=Roboto%3A400%2C500&subset=latin%2Clatin-ext&ver=1.1.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 10:21:42 GMT
date: Thu, 24 Nov 2022 10:21:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C800
142.250.74.10 200 OK 11 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C800
IP 142.250.74.10:0
Hash 6cb647c37a6b1dfe83636ad4dad8470a
535963d01aff4d0687cf470fd38ef4e1423fe752
80f2ad75dd6ccb5f30b5a8fcad8836f3d8e116fb311c79e78920462e8e783b10
GET /css?family=Open+Sans%3A400%2C600%2C700%2C800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 10:21:42 GMT
date: Thu, 24 Nov 2022 10:21:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/PXW-X70-300x300.jpg
66.219.22.19 200 OK 15 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/PXW-X70-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 19ce6f4f8f01674e5123f72901298b6e
3411c5faec97b1d34c359a54d5bd5d7fa57854a4
a7d8a7a881194f65d6748f3b99228923c864363ca7258a4c9bca69d80148b89e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/PXW-X70-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Sat, 05 Jan 2019 15:26:00 GMT
Accept-Ranges: bytes
Content-Length: 15120
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/swift-jib-50-300x300.jpg
66.219.22.19 200 OK 9.3 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/swift-jib-50-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash b04efcf8060394a78ccb8e25259eb1bc
3102d17d6520cf88bf20fd57fba4a6dff0e69af7
48a893a81b1958a4e8476d1217323c891f8233b4536e233bfa7cb2df1a4d84f7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/swift-jib-50-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Mon, 17 Feb 2020 08:48:00 GMT
Accept-Ranges: bytes
Content-Length: 9349
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/images/blank.gif
66.219.22.19 200 OK 42 B URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/themes/mediacenter/assets/images/blank.gif
IP 66.219.22.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/mediacenter/assets/images/blank.gif HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Wed, 14 Aug 2019 08:11:10 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/gif
www.saeedenterprises.com.pk/wp-content/uploads/2020/12/Sony-HXR-NX100-300x300.jpeg
66.219.22.19 200 OK 14 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/12/Sony-HXR-NX100-300x300.jpeg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 8d496564702fe91bc2cf81ba84996409
7baa0e7825d1208248d63f4e45ca9568db1413ea
fd2186933a4899fa6347a6c24e4b301d368611cb9eb0e2077eda13c96b107cef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/Sony-HXR-NX100-300x300.jpeg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Sun, 20 Dec 2020 13:56:32 GMT
Accept-Ranges: bytes
Content-Length: 13901
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ME-66-300x300.jpg
66.219.22.19 200 OK 6.7 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ME-66-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 40399cb04661eded35eb371788162b56
b3812f1236adb7bcb3673e98788c9b367bd872e5
3464dfb4289475ebe7b85f6726cc44932d16d59a6ea5f169ca273321378025e6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/ME-66-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Thu, 03 Jan 2019 08:15:50 GMT
Accept-Ranges: bytes
Content-Length: 6731
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ME-3-II-300x300.jpg
66.219.22.19 200 OK 8.1 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ME-3-II-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 0aa47808696355d94021efecfd8cd869
4464df639621a85a6f458e6c45d44f467315323e
8c6471e4a52ed8238cb095dfa624d76dc901c74c60e524f20a9028738efea9d5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/ME-3-II-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Last-Modified: Thu, 03 Jan 2019 07:50:06 GMT
Accept-Ranges: bytes
Content-Length: 8118
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/meomory-mic-300x300.jpg
66.219.22.19 200 OK 8.3 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/meomory-mic-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 9200506186675847df840ab7d7a47d71
74abba389f0a66fb7e3d9530ea8ffa8f0e8a63a6
5869d44573a150f5a467f3112d940214eab429d053969cfbdedfbcec1c08b069
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/meomory-mic-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Thu, 03 Jan 2019 07:43:38 GMT
Accept-Ranges: bytes
Content-Length: 8348
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/assets/loader.gif
66.219.22.19 200 OK 2.5 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 66.219.22.19:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.7
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:37:06 GMT
Accept-Ranges: bytes
Content-Length: 2545
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/gif
www.saeedenterprises.com.pk/wp-content/uploads/2020/01/Rodevc1-300x300.jpg
66.219.22.19 200 OK 16 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/01/Rodevc1-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 71129d39be2a200c1c4fd09a2cc88579
76d1aa9059d8566e9dede39556cee455fa7137eb
91666f098496507407fc24e9b2df4998367e129e2abbe5d87cb7802f2559353d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/01/Rodevc1-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Tue, 28 Jan 2020 14:41:22 GMT
Accept-Ranges: bytes
Content-Length: 16015
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/H5-300x300.jpg
66.219.22.19 200 OK 11 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/H5-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 68d0895decde166bf69ca230e6e0fd8d
85cdde7c59139c5b7c1286fefa4f1d7820beeb2c
997ee5d1f14558caff5702bf8f8d1f47281e627a7ffe210db4d7d36a739e98f4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/H5-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Sat, 05 Jan 2019 15:02:42 GMT
Accept-Ranges: bytes
Content-Length: 10868
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/css/font-awesome.min.css?ver=4.6.7
66.219.22.19 200 OK 81 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/css/font-awesome.min.css?ver=4.6.7
IP 66.219.22.19:0
File type ASCII text, with very long lines (54456), with CRLF line terminators
Hash 1159e33e16116a534ceeb556f399cc00
ac99913ad21a275a4c1a607f412de69f8432c713
9bddd0e32396b095240f122ab8cffe2c0b688267bda9b944108437b1c022d3c0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/themify-builder/themify/fontawesome/css/font-awesome.min.css?ver=4.6.7 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Tue, 28 Jan 2020 13:34:26 GMT
Accept-Ranges: bytes
Content-Length: 80941
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/css
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ATH-M50X-RED-300x300.jpg
66.219.22.19 200 OK 8.4 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/ATH-M50X-RED-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash d66ff589f2d45caba6f1d7fcb3cd96af
222b35fb3d8bb238e41f9bff905230e18be78e54
4056b2e6bb0635132d99751d9bb1a144e0cbd160fe73f23cf0b4dde4a791d5ed
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/ATH-M50X-RED-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Sat, 05 Jan 2019 09:55:02 GMT
Accept-Ranges: bytes
Content-Length: 8360
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/SM58-600x300.jpg
66.219.22.19 200 OK 8.0 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/SM58-600x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x300, components 3\012- data
Hash 3e64060e531160e3f23f4473ab2f222b
db468c9d18ac448f4b832b0dacab63979c3ecc9e
f7849084e132735b2d45ef613e635ceb1be47b8b0a61fcc89405d6965659e1c7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/SM58-600x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Sat, 05 Jan 2019 09:56:44 GMT
Accept-Ranges: bytes
Content-Length: 7961
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/zoom-h6.jpg
66.219.22.19 200 OK 8.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/zoom-h6.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Hash 0256ff39d4709882f4aef192dc5faa96
dec04a0d54a8c63b36abead27a69dfeed24abccf
ce20669724407a42101963ae32786777c544268b56e3da2d17b213773fa0330b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/zoom-h6.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 20 Feb 2019 08:56:22 GMT
Accept-Ranges: bytes
Content-Length: 8589
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/plugins/icegram/assets/images/sprite_1.png
66.219.22.19 200 OK 15 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/icegram/assets/images/sprite_1.png
IP 66.219.22.19:0
File type PNG image data, 790 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash fa0a2a6e0ee6fa6b998b4128c2298ff1
5c13d0cd1c0d29fea254a88cc961aa65f7d800eb
df84219e179ad67d80965927d8c7d11cb95fceca8fadfb44f13ee0c7db3ea393
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/icegram/assets/images/sprite_1.png HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/wp-content/plugins/icegram/message-types/action-bar/themes/action-bar.min.css?var=1.10.45
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Mon, 21 Dec 2020 11:01:35 GMT
Accept-Ranges: bytes
Content-Length: 14916
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: image/png
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/h1-300x300.jpg
66.219.22.19 200 OK 9.9 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/h1-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 22e2df36e98e499842cf4a789c30d401
6c1bd08e64cb48772d720c10b0b81190584ef102
77dbff79e611279bb26adb615bca11d854b2f761d35e967da258061774223da3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/h1-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Sat, 05 Jan 2019 15:06:18 GMT
Accept-Ranges: bytes
Content-Length: 9887
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/02/zoom-f8-300x300.jpg
66.219.22.19 200 OK 12 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/02/zoom-f8-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 688ec7e425649cb8dccb3a80daeccdb7
5c4108a12c979f5a0f93e85e26e5f34a45d2dd58
5a04e1a7117664a15f1c2bcbe6a8d1ef1dd37a5812db2e01b71d3b217f6d3390
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/02/zoom-f8-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 20 Feb 2019 08:18:04 GMT
Accept-Ranges: bytes
Content-Length: 11797
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2020/02/Sony-XQD-120GB-300x300.jpg
66.219.22.19 200 OK 16 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/02/Sony-XQD-120GB-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 80766e07678613d8976f72ad0298b33e
af5476b117ebfe69c07ad5c179049b0674e26ce7
1583109c51bfe07f62b392ffbbd4b3d8fe5419fddf0f0027c12dd6287d85650a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/Sony-XQD-120GB-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Sat, 01 Feb 2020 11:36:15 GMT
Accept-Ranges: bytes
Content-Length: 16393
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-solid-900.woff2
66.219.22.19 200 OK 74 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-solid-900.woff2
IP 66.219.22.19:0
File type Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064\012- data
Hash 462806316fea535a6a57651bc2b000b0
80644191098f863f25be27841c0d92c452cf2327
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/css/font-awesome.min.css?ver=4.6.7
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Tue, 28 Jan 2020 13:34:26 GMT
Accept-Ranges: bytes
Content-Length: 74348
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: font/woff2
www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-regular-400.woff2
66.219.22.19 200 OK 14 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-regular-400.woff2
IP 66.219.22.19:0
File type Web Open Font Format (Version 2), TrueType, length 13592, version 329.31064\012- data
Hash 65779ebcc35604a25c2ba77309c5b8af
fbb0d9d51850d824d7eba66e0e210c778d6d42f5
940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/css/font-awesome.min.css?ver=4.6.7
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Tue, 28 Jan 2020 13:34:26 GMT
Accept-Ranges: bytes
Content-Length: 13592
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: font/woff2
www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-brands-400.woff2
66.219.22.19 200 OK 72 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-brands-400.woff2
IP 66.219.22.19:0
File type Web Open Font Format (Version 2), TrueType, length 72112, version 329.31064\012- data
Hash 4b115e1153a9ea339d6a0bb284cc8ed3
f988b2efe9434b0af28943708d33dd3afad9a5ba
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/themify-builder/themify/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/wp-content/plugins/themify-builder/themify/fontawesome/css/font-awesome.min.css?ver=4.6.7
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Tue, 28 Jan 2020 13:34:26 GMT
Accept-Ranges: bytes
Content-Length: 72112
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: font/woff2
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/HXR-NX80-300x300.jpg
66.219.22.19 200 OK 18 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/HXR-NX80-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 822ec57b6a7a2736060c8653d27e4336
afbe14296f6eab0aabf23b7a214416dbb50d534a
bb147af8f907aee332687b0366abd5a48a28c9fa7d5ad989df95830cb47a66ba
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/HXR-NX80-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 10:48:56 GMT
Accept-Ranges: bytes
Content-Length: 17971
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/HXR-NX70-300x300.jpg
66.219.22.19 200 OK 18 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/HXR-NX70-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 3385f6bf20a066f4c5a9c5db3f2697cc
bb53f687224fb89a27cc34c4775251014d624330
e48edd4c97b68f664f1c126b099abcc07cf12d3714b7fcee49777571f7c97298
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/HXR-NX70-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 10:43:12 GMT
Accept-Ranges: bytes
Content-Length: 17836
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/HDR-FX7-300x300.jpg
66.219.22.19 200 OK 13 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/HDR-FX7-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 0e88b4920ec058d67002c07e31fa4a7f
89f05d312eeb05ab02e478e2026a2c63c846368f
21848e5efc9d26bf11be0b12fc114eda1be42e635e609b30de2cebaaeef98b26
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/HDR-FX7-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 10:52:46 GMT
Accept-Ranges: bytes
Content-Length: 12665
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/BP-U90-300x300.jpg
66.219.22.19 200 OK 7.7 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/BP-U90-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash a9f2201184c8ed504075f16c4377c811
ffe9d0e62de3a18ede66e215fdfa52d22aaa40a2
6f618378dd677cca29ad99828a9e5074e2e04c5cdd844cb3e3b8f2791adffb2e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/BP-U90-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 10:59:00 GMT
Accept-Ranges: bytes
Content-Length: 7652
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2018/12/BP-U60-300x300.jpg
66.219.22.19 200 OK 9.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2018/12/BP-U60-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash d56cbfc6ec4de32a3b25e7e2595d7f46
9ef571df9fd07cbe97cee0f59f16f72211ed124c
107ae3aecdfb71f34059454b3892b791b4b7a8f7a12f78757e9ff6ef854d736c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/12/BP-U60-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 09:28:02 GMT
Accept-Ranges: bytes
Content-Length: 9572
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2014/09/brand-04.jpg
66.219.22.19 200 OK 3.6 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2014/09/brand-04.jpg
IP 66.219.22.19:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 145x36, components 3\012- data
Hash 7d5a72a69af462a59597a630256c7eff
33b88360d26d6c077a5b63384f432e1d4046e848
3666b3c87f873360bfaeba3a4fe0819bb83dce5f829aa0a1686d06a6f18f9cd5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2014/09/brand-04.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:27:44 GMT
Accept-Ranges: bytes
Content-Length: 3553
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2014/09/brand-03.jpg
66.219.22.19 200 OK 3.7 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2014/09/brand-03.jpg
IP 66.219.22.19:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 145x36, components 3\012- data
Hash e2a2a5b7eb25714374129459c01e24ed
4c19e6cbb2fd44968ded45e8d0f3e28f695c26b5
bdd49db453faaba688f4ca152f5700b5b86763c448e42db2645546b1239e2e05
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2014/09/brand-03.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:27:42 GMT
Accept-Ranges: bytes
Content-Length: 3697
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2014/09/brand-02.jpg
66.219.22.19 200 OK 3.4 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2014/09/brand-02.jpg
IP 66.219.22.19:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 145x36, components 3\012- data
Hash b412640e6879f8f844ef7b5898b024a4
5741d58459b3132858e22fad7a731aae24f17a77
ee066908d1622754f7593dbee6f5515fa759dd5c800d3a3b2d0472adf0d5a3f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2014/09/brand-02.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:27:42 GMT
Accept-Ranges: bytes
Content-Length: 3417
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2014/09/brand-01.jpg
66.219.22.19 200 OK 3.5 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2014/09/brand-01.jpg
IP 66.219.22.19:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 145x36, components 3\012- data
Hash 5196c8ee14e6ca23aa92e290f6c7a606
18466ea57115529fd0fb0e16ee45c1b032bc14ac
62e28f43f53ce6c2dd045770cf856418fab918b6cdaf471c7d3cbcfa46a54d32
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2014/09/brand-01.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Mon, 20 Jan 2020 11:27:42 GMT
Accept-Ranges: bytes
Content-Length: 3463
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/?wc-ajax=get_refreshed_fragments
66.219.22.19 200 OK 473 B URL HTTP/1.1 www.saeedenterprises.com.pk/?wc-ajax=get_refreshed_fragments
IP 66.219.22.19:0
File type JSON data\012- , ASCII text, with very long lines (473), with no line terminators
Hash 3c02b7ed0dd831ab651d154c69953476
4b7c50b0a648d19b0bea2dcd4c6fe7934ad89295
986fcbfe2d00214f4b239d63c5dce4be7e45e7d01ce0116bb3cc91c98b276aa9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.saeedenterprises.com.pk
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.saeedenterprises.com.pk
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
X-Robots-Tag: noindex
Set-Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D; expires=Sat, 24-Dec-2022 10:21:41 GMT; Max-Age=2591996; path=/
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/a58-new-1-300x300.jpg
66.219.22.19 200 OK 18 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/a58-new-1-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 2b3fd05d931489684ada0ee9365fa4e1
804993160dcf35dc22d76354cec02cbb44fcc3a4
bf79854e5a1257bf8a2f07a81a826914e228dc9026b672c33a918b1986fe2b94
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/a58-new-1-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 10:20:40 GMT
Accept-Ranges: bytes
Content-Length: 18191
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/a77-new-300x300.jpg
66.219.22.19 200 OK 15 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/a77-new-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash cd792465b68daf602a3cb3e70887061a
32f85c16fcd4f9f582bd26d7f4bd15752a974b30
9fb958d56087e63abf34199fa63bb52bde9a7df08c16e69e6fcb999d3943ec9a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/a77-new-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 10:22:56 GMT
Accept-Ranges: bytes
Content-Length: 14920
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/a99-new-300x300.jpg
66.219.22.19 200 OK 15 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/a99-new-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 55959fbdf87ffe04f592ae8ed81563f7
a3e642de4d48a07f4d3a87581afb3d826dde4bfc
de922d8e5e4880fab5b1df076ae39c7ee66d1c9934dd26934c5ccaa8059e27f6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/a99-new-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Wed, 02 Jan 2019 10:25:50 GMT
Accept-Ranges: bytes
Content-Length: 15012
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2020/02/Data-Video-SE-650-g1-300x300.jpg
66.219.22.19 200 OK 11 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/02/Data-Video-SE-650-g1-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash afcc4e9a20587a344d7bedaee4da9340
46f4eb219c33785399db65fc088ab0886cf7cfb6
b3b7361cc3cc0f54767aac620ba8330b6e2c603f13d715956b1c778958ef0489
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/Data-Video-SE-650-g1-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Mon, 17 Feb 2020 10:02:12 GMT
Accept-Ranges: bytes
Content-Length: 11164
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2020/02/Data-Video-SE-3200-300x300.jpg
66.219.22.19 200 OK 13 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/02/Data-Video-SE-3200-300x300.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 751552bdbf65586ed3356f400a1fda80
40404cc5dc6bc2e6097eef0a1b994a1dbf0d00ff
3e65dae35ffc319f068c0657bda445e2c8e3f30d3fd5e17d3df188413e223016
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/Data-Video-SE-3200-300x300.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Mon, 17 Feb 2020 09:47:45 GMT
Accept-Ranges: bytes
Content-Length: 13133
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2020/02/sennhiser.jpg
66.219.22.19 200 OK 7.0 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/02/sennhiser.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3\012- data
Hash 3776c05f65e07523ef03061400fa3c35
b4f9f0c9d35c2af90c8ddbcb3ea661dd2590715e
172ef22b9f1e9d843faa153c3857ff8cd68ac11ee622d8ada2e8d5b745c44513
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/sennhiser.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Thu, 20 Feb 2020 15:36:19 GMT
Accept-Ranges: bytes
Content-Length: 6951
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-content/uploads/2020/02/ew-112p_G4-Slider.png
66.219.22.19 200 OK 110 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/02/ew-112p_G4-Slider.png
IP 66.219.22.19:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 110 kB (109621 bytes)
Hash a00e6fed72bf89ebdde1d8383359f917
7d0df9d286399a15f691b57a8d9cc98adad759a7
210824139e92abb1a3c15c5245035a7216c4f1c92809df33b7cad54826d23cdf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/ew-112p_G4-Slider.png HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:45 GMT
Server: Apache
Last-Modified: Thu, 20 Feb 2020 15:44:23 GMT
Accept-Ranges: bytes
Content-Length: 109621
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
www.saeedenterprises.com.pk/wp-content/uploads/2020/02/PXW-X70-Slider.png
66.219.22.19 200 OK 112 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2020/02/PXW-X70-Slider.png
IP 66.219.22.19:0
File type PNG image data, 345 x 345, 8-bit/color RGBA, non-interlaced\012- data
Size 112 kB (112096 bytes)
Hash d2a33a8dc65eef5112a925f2d5245e23
0e719a2f007abbd451eacff220b154047a4305d1
885c42bfcda2a01913e03fb8d83488a70ef2d5581fa2fb339c3b0ae5419325fc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/02/PXW-X70-Slider.png HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:46 GMT
Server: Apache
Last-Modified: Thu, 20 Feb 2020 15:44:55 GMT
Accept-Ranges: bytes
Content-Length: 112096
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
www.saeedenterprises.com.pk/wp-content/uploads/2019/01/KH-80-300x300.png
66.219.22.19 200 OK 80 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/01/KH-80-300x300.png
IP 66.219.22.19:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash eb742326634c17af7450ee0c0fb39710
ceeb8ed36f968cc1bf04753478162ec4d47ba6cd
6716cbd201b43e0b9bef2bee98b7b01890f7ee3e7b1e1cf67a59e0cac3d378fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/01/KH-80-300x300.png HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:46 GMT
Server: Apache
Last-Modified: Thu, 03 Jan 2019 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 80313
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Content-Type: image/png
www.saeedenterprises.com.pk/wp-content/uploads/2019/02/blackmagic-ursa.jpg
66.219.22.19 200 OK 15 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2019/02/blackmagic-ursa.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Hash 6295c5db1062bfbb1d450b84048d8962
f4e3136603a33b0244507fab140009f0abedad5c
9da40337e3cde063807bec2b3b622b2f1517cf17be84506579452166767a9c9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/02/blackmagic-ursa.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:46 GMT
Server: Apache
Last-Modified: Wed, 20 Feb 2019 09:00:52 GMT
Accept-Ranges: bytes
Content-Length: 15214
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
www.saeedenterprises.com.pk/wp-admin/admin-ajax.php?action=products_live_search&fn=get_ajax_search
66.219.22.19 200 OK 2 B URL HTTP/1.1 www.saeedenterprises.com.pk/wp-admin/admin-ajax.php?action=products_live_search&fn=get_ajax_search
IP 66.219.22.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-admin/admin-ajax.php?action=products_live_search&fn=get_ajax_search HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:44 GMT
Server: Apache
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D; expires=Sat, 24-Dec-2022 10:21:41 GMT; Max-Age=2591995; path=/
tk_ai=woo%3AuPqO3ZrrrL88v%2FWyiOEvX0Rz; path=/
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.saeedenterprises.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 08:41:08 GMT
expires: Thu, 24 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 6038
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.saeedenterprises.com.pk/wp-content/uploads/2018/12/logo.jpg
66.219.22.19 200 OK 21 kB URL HTTP/1.1 www.saeedenterprises.com.pk/wp-content/uploads/2018/12/logo.jpg
IP 66.219.22.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 512x512, components 3\012- data
Hash 00023d20e5c5b5c87b44e93e8348716f
f006bf1964d744f431433f78ad66dae7bb765706
3c11fc97517451eaf5c5ed51aa2a188d3958d88fbdb56c3e7c78e88eb496661f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2018/12/logo.jpg HTTP/1.1
Host: www.saeedenterprises.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.saeedenterprises.com.pk/
Connection: keep-alive
Cookie: yith_wcwl_session_97a000b32bbf93db37a803cbb4802c5e=%7B%22session_id%22%3A%222a76e17cfff667f48a7d1e55e7a9b4fc%22%2C%22session_expiration%22%3A1671877301%2C%22session_expiring%22%3A1671873701%2C%22cookie_hash%22%3A%229e8e5d8e825059ef04fb5f24a041b3bd%22%7D; tk_ai=woo%3AuPqO3ZrrrL88v%2FWyiOEvX0Rz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 10:21:46 GMT
Server: Apache
Last-Modified: Sat, 22 Dec 2018 10:47:40 GMT
Accept-Ranges: bytes
Content-Length: 20660
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg