r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16147
Expires: Fri, 04 Nov 2022 08:11:52 GMT
Date: Fri, 04 Nov 2022 03:42:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2842f538168981f07b56e2c69379841a
0cc4ad0a78c1407bc9b7850eb0fb1a02130e3b22
3f9e8fb02409a19ceb54fee3f0f7f73eeed9e0ad63fa778eac7b3e4633d7d682
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4691
Cache-Control: max-age=111994
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:45 GMT
Etag: "63638a5c-1d7"
Expires: Sat, 05 Nov 2022 10:49:19 GMT
Last-Modified: Thu, 03 Nov 2022 09:31:08 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
propertywolf.pk/
67.223.118.20301 Moved Permanently 707 B IP 67.223.118.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 04 Nov 2022 03:42:45 GMT
server: LiteSpeed
location: https://propertywolf.pk/
x-turbo-charged-by: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2842f538168981f07b56e2c69379841a
0cc4ad0a78c1407bc9b7850eb0fb1a02130e3b22
3f9e8fb02409a19ceb54fee3f0f7f73eeed9e0ad63fa778eac7b3e4633d7d682
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4691
Cache-Control: max-age=111994
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:45 GMT
Etag: "63638a5c-1d7"
Expires: Sat, 05 Nov 2022 10:49:19 GMT
Last-Modified: Thu, 03 Nov 2022 09:31:08 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15605
Expires: Fri, 04 Nov 2022 08:02:50 GMT
Date: Fri, 04 Nov 2022 03:42:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DhyI6eKRbTtz0QZAOeVpF458cx5l6p8BatlX6sV9HLzlTGM22KzsvsiWmR/5wwGCN9O2mmG2KxQ=
x-amz-request-id: NQWKDVHG1SP0GH75
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 03:09:25 GMT
age: 2000
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 03:42:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash bcdb73aa37b27b89bae758076b4bc556
280da75ab9b6198a84b0e53fbfb227982b4231da
e38353bd8b0d2c51ac27e4c449c814d00f3ea5d112211dd6d059031abb811cc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 03:42:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 01 Nov 2022 06:17:45 GMT
Expires: Tue, 08 Nov 2022 06:17:44 GMT
Etag: "280da75ab9b6198a84b0e53fbfb227982b4231da"
Cache-Control: max-age=354298,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 764a57702c5fb503-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670d0b2f341e8ff1e4ee9fe4fe21e210
dcd277daebf63623b985a81a96bcdc6a6f67c518
75029ab8db44811ac539aa3e2f1f8e015a45b80cb5a1099cec7d64e55e2a72a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4781
Cache-Control: max-age=107023
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Etag: "63637698-1d7"
Expires: Sat, 05 Nov 2022 09:26:29 GMT
Last-Modified: Thu, 03 Nov 2022 08:06:48 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
propertywolf.pk/
67.223.118.20200 OK 20 kB IP 67.223.118.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (57667), with CRLF, LF line terminators
Hash 8c573cd6a8728773ffda12b06b755c60
1f85ab4d20a32779c5f0e2b09c8338cca88ce734
a43994e66fa2fb8e0b2e3ea54063915b289fd16b5a74d47d905eba22337ce55b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
content-type: text/html; charset=UTF-8
link: <https://propertywolf.pk/wp-json/>; rel="https://api.w.org/", <https://propertywolf.pk/wp-json/wp/v2/pages/1308>; rel="alternate"; type="application/json", <https://propertywolf.pk/>; rel=shortlink
etag: "538-1667480328;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 20516
date: Fri, 04 Nov 2022 03:42:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b88610b42bd507f0ac1700d26db03fbb
073bcc479dfbe62a2691dbdfc3c87a99bcdc2fc4
4e544dd8861a1438b1667462866044f8646dfefb42f3bc6cbac2de324de4b568
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1ec2926e63a926e5dfe7996043dda5f
b419c8aaafba305f568303f348cdafd6f250faf6
a102485c0952b52761e8c577c8c7b0b93a322fc51ffb24ab297bb3ec7ddae814
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-246582976-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-246582976-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 004f87f89c4edc6bbb463f81a8b12cda
22035d1778e8d2c960564e0677b64ef936116461
5b21a0798a0e64bcb5b193ea1646544ab88cc37ee6835a2517b4ea2e5b561ff5
GET /gtag/js?id=UA-246582976-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 04 Nov 2022 03:42:46 GMT
expires: Fri, 04 Nov 2022 03:42:46 GMT
cache-control: private, max-age=900
last-modified: Fri, 04 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: svwyeNiFtKj1imjWN60fhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FK5GekO9ApcQ6vSXPh9aHnWUAbQ=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b88610b42bd507f0ac1700d26db03fbb
073bcc479dfbe62a2691dbdfc3c87a99bcdc2fc4
4e544dd8861a1438b1667462866044f8646dfefb42f3bc6cbac2de324de4b568
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1ec2926e63a926e5dfe7996043dda5f
b419c8aaafba305f568303f348cdafd6f250faf6
a102485c0952b52761e8c577c8c7b0b93a322fc51ffb24ab297bb3ec7ddae814
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
propertywolf.pk/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.2
67.223.118.20200 OK 7.7 kB URL HTTP/2 propertywolf.pk/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.2
IP 67.223.118.20:0
File type ASCII text, with very long lines (38375)
Hash 5e8aa80e8c69e966aa5ddb223c5394a3
a99e0f026436b8a7f8d10da0f96e4a0977f003dc
66134865a5ca3fa8f1018bf7c1aeddd875cdd0eb41e3db1cbd50e0f1f4427571
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.2 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: text/css
last-modified: Wed, 12 Oct 2022 19:53:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7686
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/slick.min.css?ver=2.0.13
67.223.118.20200 OK 828 B URL HTTP/2 propertywolf.pk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/slick.min.css?ver=2.0.13
IP 67.223.118.20:0
File type Unicode text, UTF-8 text, with very long lines (4021), with no line terminators
Hash 4a8498b04ed68c2ff741ec3895fdbbf6
e7e291bcfbd746a2d09bf8482748d10f9d2463bf
aba8d45400b1b5e0cf2bf6252723bb3ed998dec6166bfc650871bcb68b4f0ffa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ultimate-addons-for-gutenberg/assets/css/slick.min.css?ver=2.0.13 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: text/css
last-modified: Mon, 24 Oct 2022 09:59:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 828
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1
67.223.118.20200 OK 12 kB URL HTTP/2 propertywolf.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 67.223.118.20:0
File type ASCII text, with very long lines (47826)
Hash 3f7f7fa954242b63cf5127c14417c6e5
712c7c9ea049d297e3fb27d3c805be5c5867c4d4
e274dc85b6107cb6054dbee83ddb1e3dda3162ca8f93b16b2d692a451cf9511d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 07:41:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11601
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
67.223.118.20200 OK 4.0 kB URL HTTP/2 propertywolf.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 67.223.118.20:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/uag-plugin/assets/1000/uag-css-1308-1667464162.css?ver=2.0.13
67.223.118.20200 OK 6.8 kB URL HTTP/2 propertywolf.pk/wp-content/uploads/uag-plugin/assets/1000/uag-css-1308-1667464162.css?ver=2.0.13
IP 67.223.118.20:0
File type ASCII text, with very long lines (27339)
Hash ab083ffd06e99b3845a1220f6ad861f3
376b1cbfc4102738818e30d976aad5d2d4052a34
f57bcc915e977ae5ca1ecdf33940e4e49939a03604a061cdbd34bc76f2384f6c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/uag-plugin/assets/1000/uag-css-1308-1667464162.css?ver=2.0.13 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 08:29:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6797
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%7CRoboto+Condensed%3A700%2C%7CYeseva+One%3A400%2C400italic&display=fallback&ver=3.9.2
142.250.74.10200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%7CRoboto+Condensed%3A700%2C%7CYeseva+One%3A400%2C400italic&display=fallback&ver=3.9.2
IP 142.250.74.10:0
Hash 5ce341dce7bcaa86996dcf9f60e147f1
f3c77dcaf728719b512527dc8893aa30bd29865e
555aea3df7e6e4245e5e9f4bb3b013f099af15995776fa307b12c0982c9c4e6a
GET /css?family=Roboto%3A400%7CRoboto+Condensed%3A700%2C%7CYeseva+One%3A400%2C400italic&display=fallback&ver=3.9.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Nov 2022 03:42:46 GMT
date: Fri, 04 Nov 2022 03:42:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.buttonizer.io/embed.js
104.21.24.5200 OK 83 kB URL HTTP/2 cdn.buttonizer.io/embed.js
IP 104.21.24.5:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4b9674d6bcb33bdbf79059033ea64d61
d69850e3ee9d432166c441507cb4707e20382ecc
95838a86e88d421ee3cfd2e1bc082373dfe446936dda4025103508b68db5e64d
GET /embed.js HTTP/1.1
Host: cdn.buttonizer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 03:42:46 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=408282
etag: W/"63ada-5ec014025d993"
last-modified: Thu, 27 Oct 2022 10:03:18 GMT
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iR5S4lCqWg3GBQGJPinOpCBac65brXbiS%2BQyZqV%2B9TKmibuf2D28cY%2FhiJtPKRT%2F0gYNjzRKzx%2Fyky0xzVP5da49FGZ93ZUwjRQCaXrEVgVxLk%2BxGT7xFPBkHAIu%2FKa5vG5GEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 764a57766a16b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
propertywolf.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
67.223.118.20200 OK 30 kB URL HTTP/2 propertywolf.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 67.223.118.20:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 07:41:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/2022/10/cropped-cropped-wolf-logo-1-70x70.png
67.223.118.20200 OK 8.0 kB URL HTTP/2 propertywolf.pk/wp-content/uploads/2022/10/cropped-cropped-wolf-logo-1-70x70.png
IP 67.223.118.20:0
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b7ba2f4512b3ecd6825c4aea08653bf
9aa8a05dbef813fe3a68f9b1e3714054feb041b4
29acd36059c8da04cd75d1a9e76c805342ee1c335e6cbd469168ab38b19fb8e7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/cropped-cropped-wolf-logo-1-70x70.png HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: image/png
last-modified: Tue, 01 Nov 2022 07:27:14 GMT
accept-ranges: bytes
content-length: 7964
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4873b91ff9e1327d57e6ad100a152cec
4e5c092b944615affe4ecd481c2a33fa6dbb2bb6
05467c141fbcdf4af9b8b7e1153e60509f51ce729a4dcad88f9e0d2d4debfd34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80c24b40cdde8cee581bb90b6b40e21d
226d4e0b55c4b95c5fbd30ff2ba239ac46118ad6
872e04e821e4328d2d5bd46f8775baab858bbd75e6f7673f27eb914a70ccae65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4873b91ff9e1327d57e6ad100a152cec
4e5c092b944615affe4ecd481c2a33fa6dbb2bb6
05467c141fbcdf4af9b8b7e1153e60509f51ce729a4dcad88f9e0d2d4debfd34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bacec4fbb60799f4f549a1ea9629c62c
711d417a6db00659d69e616838c40a1fee3fd9f7
0bd0f4640557011188f6ab1791bac4b56370140173bfa50fe149b562b8cf4250
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89619
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:46 GMT
Etag: "63634549-117"
Expires: Sat, 05 Nov 2022 04:36:25 GMT
Last-Modified: Thu, 03 Nov 2022 04:36:25 GMT
Server: nginx
Content-Length: 279
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
142.250.74.99200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://propertywolf.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 22:17:42 GMT
expires: Wed, 01 Nov 2023 22:17:42 GMT
cache-control: public, max-age=31536000
age: 192305
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2
142.250.74.99200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 16664, version 1.0\012- data
Hash 247f3761e787cb917d84b6beb4826113
a8376faed88a229491b529573007fe65dd818e01
4df2558618d59bf36dcdafac03f2a3d4b6fed61a7381558bff35a1b81675114a
GET /s/yesevaone/v20/OpNJno4ck8vc-xYpwWWxli1VWw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://propertywolf.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 00:08:40 GMT
expires: Fri, 03 Nov 2023 00:08:40 GMT
cache-control: public, max-age=31536000
age: 99247
last-modified: Wed, 27 Apr 2022 15:49:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://propertywolf.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 115719
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4873b91ff9e1327d57e6ad100a152cec
4e5c092b944615affe4ecd481c2a33fa6dbb2bb6
05467c141fbcdf4af9b8b7e1153e60509f51ce729a4dcad88f9e0d2d4debfd34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bacec4fbb60799f4f549a1ea9629c62c
711d417a6db00659d69e616838c40a1fee3fd9f7
0bd0f4640557011188f6ab1791bac4b56370140173bfa50fe149b562b8cf4250
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89618
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:47 GMT
Etag: "63634549-117"
Expires: Sat, 05 Nov 2022 04:36:25 GMT
Last-Modified: Thu, 03 Nov 2022 04:36:25 GMT
Server: nginx
Content-Length: 279
propertywolf.pk/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2
67.223.118.20200 OK 3.8 kB URL HTTP/2 propertywolf.pk/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2
IP 67.223.118.20:0
File type ASCII text, with very long lines (16935), with no line terminators
Hash 3a5528d3c5255102448258fcf5496360
332bb0c5baaf8110b353094632417e9f313a8b94
024bb2f7ca7725ca60738783b8b6bbc237c937b6725aec3c2a1044961857186a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.2 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 19:53:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3808
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/imagesloaded.min.js?ver=2.0.13
67.223.118.20200 OK 2.0 kB URL HTTP/2 propertywolf.pk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/imagesloaded.min.js?ver=2.0.13
IP 67.223.118.20:0
File type ASCII text, with very long lines (7120)
Hash 47df458b7d2a30181fd4ff1253538bc7
ff2d3455c5990d1b181632045e7325a9e6db63fb
27beb9e44b33a08a0b1306c6204f4ef1947fcae6e6f595506e79057bb253281f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/imagesloaded.min.js?ver=2.0.13 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 09:59:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1990
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/testimonial.min.js?ver=2.0.13
67.223.118.20200 OK 403 B URL HTTP/2 propertywolf.pk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/testimonial.min.js?ver=2.0.13
IP 67.223.118.20:0
File type ASCII text, with very long lines (1358), with no line terminators
Hash b10c270e5b28da493df9fbaa34927f1a
b4f812ca2c18f71fd141044ba6314b1e32749648
51850fd85edd1e4002d9e9a35ab0fe52bcf7a5e1b4bd5ad0a24f3a4ffd4c4d6f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/testimonial.min.js?ver=2.0.13 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 09:59:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 403
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/uag-plugin/assets/1000/uag-js-1308-1667464162.js?ver=2.0.13
67.223.118.20200 OK 747 B URL HTTP/2 propertywolf.pk/wp-content/uploads/uag-plugin/assets/1000/uag-js-1308-1667464162.js?ver=2.0.13
IP 67.223.118.20:0
File type ASCII text, with very long lines (1408)
Hash c1320abbea32f8f3de5e465c8847da7f
7425fdd8b1a6d434745c0c78a61a6a7f223c9814
a4e39b173defe606182ce9a4b5062bcb9f8630797e2584e2af968b70b71523db
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/uag-plugin/assets/1000/uag-js-1308-1667464162.js?ver=2.0.13 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 08:29:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 747
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/slick.min.js?ver=2.0.13
67.223.118.20200 OK 11 kB URL HTTP/2 propertywolf.pk/wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/slick.min.js?ver=2.0.13
IP 67.223.118.20:0
File type ASCII text, with very long lines (32026)
Hash 3abd2fab4e4fe4a5da22a4c0ed165e02
7672155547a1564e0edb6f50aedbaf816dcdd48f
b186cb08e357e2a14da1c5be82707690aa673696aeb20efe249543413d606126
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ultimate-addons-for-gutenberg/assets/js/slick.min.js?ver=2.0.13 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 09:59:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10658
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1
67.223.118.20200 OK 4.6 kB URL HTTP/2 propertywolf.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 67.223.118.20:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
api.buttonizer.io/serve/455e75cf-1c9c-4b2c-8705-e7e16df58b93
104.21.24.5200 OK 11 kB URL HTTP/2 api.buttonizer.io/serve/455e75cf-1c9c-4b2c-8705-e7e16df58b93
IP 104.21.24.5:0
File type JSON data\012- , ASCII text, with very long lines (959), with no line terminators
Hash 8135cc13cfa5398fa057f6978154a1be
6568292e348b145d397c1218fc221246d542a281
9b8d8b669b729a361bc7312930eb3178eaa89c332d75a645bf9c68e3bee32e27
POST /serve/455e75cf-1c9c-4b2c-8705-e7e16df58b93 HTTP/1.1
Host: api.buttonizer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 92
Origin: https://propertywolf.pk
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 03:42:47 GMT
content-type: application/json
cache-control: max-age=60, public
last-modified: Fri, 04 Nov 2022 03:42:47 GMT
access-control-allow-origin: https://propertywolf.pk
access-control-allow-credentials: true
access-control-expose-headers: link, set-cookie
vary: Origin
x-cached: MISS
x-backend: buttonizer-serve
x-do-app-origin: 39e9076a-e6ab-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3nKG3eyk3DdDVuVg1DTC6bZYBPGsoHK0G%2BSk7rRgwCIyMnT2hed%2FMeGDZM6vJ0An8rwFS4pwUDJGdbd3l22h1HZ%2Fqu3iIuCyXK5JktpgFzPwBf4lczo7eYB06d9leO6fB7hcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764a5778db3cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f4de.svg
192.0.77.48200 OK 391 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f4de.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (391), with no line terminators
Hash f34c63197816c3e60bea4a9537c5fffa
d0cb02de1a16ba96121b7f588c83068a5cbea2bc
75c52e1c16937c12b0237d384089300a6d05d8e12d390995674abe2e56886445
GET /images/core/emoji/14.0.0/svg/1f4de.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 03:42:47 GMT
content-type: image/svg+xml
content-length: 391
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3206
Expires: Fri, 04 Nov 2022 04:36:13 GMT
Date: Fri, 04 Nov 2022 03:42:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3206
Expires: Fri, 04 Nov 2022 04:36:13 GMT
Date: Fri, 04 Nov 2022 03:42:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3206
Expires: Fri, 04 Nov 2022 04:36:13 GMT
Date: Fri, 04 Nov 2022 03:42:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3206
Expires: Fri, 04 Nov 2022 04:36:13 GMT
Date: Fri, 04 Nov 2022 03:42:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OI-hzSDTy-vFSFOZxI98XT8VZmnpFlU_cobzCTkrn4T5NuH8cqybMg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:32 GMT
age: 21015
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55f392ea73e9746f7edb30e319646c4b
09b052e39f5493c2c2b79d92e81e510aeffbfcb4
9a5b1575ed3a943be74e212f41f122178dcf4c89ef0d78eb8cc761508cd453d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43a2ca39-70e2-4cc7-b378-65317cca7969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9023
x-amzn-requestid: 599a15c5-bd47-4c30-91e5-b445da7e66f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apwvQHCsIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2e61-1d36740311e6b1e531d44767;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:08:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FdYEabB0P-JcMOvjTK2TdVUCbuCbCEICZXoKHcz2-QdUfpIgey1tWw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 14:25:51 GMT
age: 47816
etag: "09b052e39f5493c2c2b79d92e81e510aeffbfcb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f787d03ccf6f14f05b9fb00149a92f49
0d3c7535f83ced168b1efb0f849e353de31d40db
bda8d5d8dee8c1b3b9a0dd81407bc920a3a2a737dceaaebf75e8554ef1cdcec8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877911e5-70a1-471d-b418-3ee8665daf00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: 971369d4-3728-4fef-9d82-794fd184d26d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0S3FbeIAMFceg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643412-0efd014e4b25ed9c4aed13cb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZPGScUHAZtgr_egNkJ2bOzK_ftHSd0Yr1U_S7jYUelg56FCtTOC2TA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:53:17 GMT
age: 20970
etag: "0d3c7535f83ced168b1efb0f849e353de31d40db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/2022/10/Screenshot-2022-06-15-181101-1.png
67.223.118.20200 OK 90 kB URL HTTP/2 propertywolf.pk/wp-content/uploads/2022/10/Screenshot-2022-06-15-181101-1.png
IP 67.223.118.20:0
File type PNG image data, 474 x 372, 8-bit colormap, non-interlaced\012- data
Hash 84c0a69c2ac9d075de965b63d8dd90f1
24c7a4eab1788043e7e12f04c25d6eb0754799a6
bf4f29cfb3fee3e1c7024b6cdb9bbfcd753ae7d1a52b55ffd38503329f0e099f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/Screenshot-2022-06-15-181101-1.png HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: image/png
last-modified: Sun, 16 Oct 2022 23:01:23 GMT
accept-ranges: bytes
content-length: 89795
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e763f4b-3a03-44da-b01c-40142867c7d7.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e763f4b-3a03-44da-b01c-40142867c7d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f67d6ac91d1a30360cd535fa4f2fb762
d4ec3ae0cc0c904798bf60caec24332b82f42617
92e8ab36824acc99cedaa44d728d2980d3152409a7634c7f1cbe3abf8672123b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e763f4b-3a03-44da-b01c-40142867c7d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7994
x-amzn-requestid: 91f890f5-0104-4035-81aa-0ec332b481e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC18UGhsIAMFr4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636436b5-4a994af4192125ba5d729e0e;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:46:29 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yH5fVPZPl9AyxvzT1zP3I1c47lW-fwnDSfEuK6b8m8VbKM0MpkCmVA==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:53:38 GMT
etag: "d4ec3ae0cc0c904798bf60caec24332b82f42617"
content-type: image/jpeg
age: 20949
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d35891-f796-4a25-b3d1-1a1f42800b89.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d35891-f796-4a25-b3d1-1a1f42800b89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9685f5d5e91c119fef70a5f0ac2bb64f
52318fc169c37f8dc2c48ae478f1ad136bd3762d
37487b56f0613c240c6d556f35fe423fe75ba0979a320b9b41bea03b105456a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d35891-f796-4a25-b3d1-1a1f42800b89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5782
x-amzn-requestid: a177e1a1-8c19-410f-ab92-6e36cb11bb5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0RqFRPoAMFy-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364340a-095c72b028d4886618ad570a;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:06 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M-fMqJ6fhWbBipZ9vi2eLfDYewAHsJFMjd2EwGDI7RnplK36MsMG_Q==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:54:24 GMT
age: 20903
etag: "52318fc169c37f8dc2c48ae478f1ad136bd3762d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1a3df84-4e22-41a2-bf91-e7fe82561ae9.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1a3df84-4e22-41a2-bf91-e7fe82561ae9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1fb7d52f37f8395bf4e1bdcdc60744
192d9b837efdf7ecafa90da62c839fed5b2fe38e
1f097506eea4ea37b0a3968e92d8ea2044fc3fa25182030297777caeb5188315
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1a3df84-4e22-41a2-bf91-e7fe82561ae9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9354
x-amzn-requestid: 1fa657a1-a068-4939-923f-9234267c84bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a28dSH7tIAMFwTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f7454-008040f90f1fb1e6503d9162;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yGlNJMvjenoUGz_3V644W6XdfCMLqbTMgzBYlQ7w6hXgrOcG3Qk-yA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:54:47 GMT
age: 20880
etag: "192d9b837efdf7ecafa90da62c839fed5b2fe38e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/2022/10/1xc86wewAyb8hkZG7afEF4LnaPkP3pS8sc92jCab-1024x576.jpeg
67.223.118.20200 OK 192 kB URL HTTP/2 propertywolf.pk/wp-content/uploads/2022/10/1xc86wewAyb8hkZG7afEF4LnaPkP3pS8sc92jCab-1024x576.jpeg
IP 67.223.118.20:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x576, components 3\012- data
Size 192 kB (192447 bytes)
Hash 1d5c96d72328fabf0c8ed8f036e23685
fe36f57b0c556cd17b0a0697e8333025d4a17d91
f97ccbf4261efbaa88d340df90ed0e8b1a65069f370b42e1d1758d6d76d173e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/1xc86wewAyb8hkZG7afEF4LnaPkP3pS8sc92jCab-1024x576.jpeg HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: image/jpeg
last-modified: Mon, 17 Oct 2022 23:49:20 GMT
accept-ranges: bytes
content-length: 192447
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-B4NJ8WKFH8>m=2oeb20&_p=360266425&gdid=dZTNiMT&cid=506056068.1667533366&ul=en-us&sr=1280x1024&_s=1&sid=1667533366&sct=1&seg=0&dl=https%3A%2F%2Fpropertywolf.pk%2F&dt=Home%20-%20PropertyWolf.pk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-B4NJ8WKFH8>m=2oeb20&_p=360266425&gdid=dZTNiMT&cid=506056068.1667533366&ul=en-us&sr=1280x1024&_s=1&sid=1667533366&sct=1&seg=0&dl=https%3A%2F%2Fpropertywolf.pk%2F&dt=Home%20-%20PropertyWolf.pk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B4NJ8WKFH8>m=2oeb20&_p=360266425&gdid=dZTNiMT&cid=506056068.1667533366&ul=en-us&sr=1280x1024&_s=1&sid=1667533366&sct=1&seg=0&dl=https%3A%2F%2Fpropertywolf.pk%2F&dt=Home%20-%20PropertyWolf.pk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://propertywolf.pk
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://propertywolf.pk
date: Fri, 04 Nov 2022 03:42:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c57e881aab01c697b3abb6bbc6182970
0f9079aa8a799cc802f40cfed0cbe1105c4058cd
481b3bb0afccdead61c5b84a257f60e1c2ba38add789b4ac78969dcff1f593a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 03:42:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 04 Nov 2022 02:41:09 GMT
expires: Fri, 04 Nov 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 3699
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/2021/05/static-bg.jpg
67.223.118.20200 OK 196 kB URL HTTP/2 propertywolf.pk/wp-content/uploads/2021/05/static-bg.jpg
IP 67.223.118.20:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2142x1080, components 3\012- data
Size 196 kB (195477 bytes)
Hash 20ef40c9ea3dc9859a0ce47deb9e9f6c
aa19c1a3df3a93e51dd952c5e0d599c9e8d3a259
e571c2680453f8d1d5502c2215e060876f09baa79b6ebdcbd912eb6cabb40df3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/05/static-bg.jpg HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/wp-content/uploads/uag-plugin/assets/1000/uag-css-1308-1667464162.css?ver=2.0.13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:47 GMT
content-type: image/jpeg
last-modified: Mon, 24 Oct 2022 10:04:11 GMT
accept-ranges: bytes
content-length: 195477
date: Fri, 04 Nov 2022 03:42:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/2022/10/cropped-logo-wolf-1-32x32.png
67.223.118.20200 OK 2.0 kB URL HTTP/2 propertywolf.pk/wp-content/uploads/2022/10/cropped-logo-wolf-1-32x32.png
IP 67.223.118.20:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e32a72296c1e6a6801779b36507c71ea
a833faa0b06e83e9314c56e6dde5124fd5353a3c
422c33ef2677ded771cd2c7c5ee6e531ca76a1292f7e9c52cec0f2b609fe27bf
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/cropped-logo-wolf-1-32x32.png HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Cookie: _ga_B4NJ8WKFH8=GS1.1.1667533366.1.0.1667533366.0.0.0; _ga=GA1.1.506056068.1667533366
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:48 GMT
content-type: image/png
last-modified: Sat, 22 Oct 2022 05:37:23 GMT
accept-ranges: bytes
content-length: 2023
date: Fri, 04 Nov 2022 03:42:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/2022/10/cropped-logo-wolf-1-192x192.png
67.223.118.20200 OK 37 kB URL HTTP/2 propertywolf.pk/wp-content/uploads/2022/10/cropped-logo-wolf-1-192x192.png
IP 67.223.118.20:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e10ce5f4b526d5b86ae302f54f767adb
538f64bbd20ee4373290907827edea3a6809a390
30c7bb265723b208a7a857cd3124840130bea29acc618717aebe6273ea4e09fc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/cropped-logo-wolf-1-192x192.png HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Cookie: _ga_B4NJ8WKFH8=GS1.1.1667533366.1.0.1667533366.0.0.0; _ga=GA1.1.506056068.1667533366
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:48 GMT
content-type: image/png
last-modified: Sat, 22 Oct 2022 05:37:23 GMT
accept-ranges: bytes
content-length: 37165
date: Fri, 04 Nov 2022 03:42:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/2022/10/blue-world-city-1.png
67.223.118.20200 OK 770 kB URL HTTP/2 propertywolf.pk/wp-content/uploads/2022/10/blue-world-city-1.png
IP 67.223.118.20:0
File type PNG image data, 870 x 489, 8-bit/color RGBA, non-interlaced\012- data
Size 770 kB (770210 bytes)
Hash 7d519d4a1edca7089e7cbd084a5b18f1
c8d461d6ef3f73c0a8492d26185b86b22e0cc5b0
647cb4179411942bb0f6ed54df63fdc7695239ba86f04b5649aa1103fa0ea801
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/blue-world-city-1.png HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:46 GMT
content-type: image/png
last-modified: Mon, 31 Oct 2022 13:10:54 GMT
accept-ranges: bytes
content-length: 770210
date: Fri, 04 Nov 2022 03:42:46 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
propertywolf.pk/wp-content/uploads/2022/10/1xc86wewAyb8hkZG7afEF4LnaPkP3pS8sc92jCab-scaled.jpeg
67.223.118.20200 OK 1.0 MB URL HTTP/2 propertywolf.pk/wp-content/uploads/2022/10/1xc86wewAyb8hkZG7afEF4LnaPkP3pS8sc92jCab-scaled.jpeg
IP 67.223.118.20:0
Size 1.0 MB (1027129 bytes)
Hash b6f6c87d81ddb18cfd351c2340072b93
48f20ada20d2a753528fe6776423453ee092d0ad
db94dcb709cd0908816f8f42bc0646f086ff1ba54c37dc03b03337b01f628728
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/1xc86wewAyb8hkZG7afEF4LnaPkP3pS8sc92jCab-scaled.jpeg HTTP/1.1
Host: propertywolf.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://propertywolf.pk/wp-content/uploads/uag-plugin/assets/1000/uag-css-1308-1667464162.css?ver=2.0.13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 03:42:47 GMT
content-type: image/jpeg
last-modified: Mon, 17 Oct 2022 23:49:19 GMT
accept-ranges: bytes
content-length: 1022533
date: Fri, 04 Nov 2022 03:42:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ed2916-30a1-46c8-8937-a8213ca50702.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ed2916-30a1-46c8-8937-a8213ca50702.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 068891a060bfab0650cbe836d18b7184
b8b782747dca705f0424e1a272bd703951400c62
518f9d4db49210907c2665c6f2284aa295db63fcc9dfaad99664e6fefea16e75
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48ed2916-30a1-46c8-8937-a8213ca50702.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11070
x-amzn-requestid: 6f465257-3152-4701-b43a-ce54947f4294
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC04lEtXoAMFzcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643503-7c9f9c7457cc974c3b112467;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:39:15 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C3xV3NajMEJj2LBnNdorAMHCzWV1TqSHGxOeGczvPnDhib0IjK0djg==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:53:21 GMT
age: 20973
etag: "b8b782747dca705f0424e1a272bd703951400c62"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.buttonizer.io/serve/455e75cf-1c9c-4b2c-8705-e7e16df58b93
104.21.24.5200 OK 0 B URL HTTP/2 api.buttonizer.io/serve/455e75cf-1c9c-4b2c-8705-e7e16df58b93
IP 104.21.24.5:0
OPTIONS /serve/455e75cf-1c9c-4b2c-8705-e7e16df58b93 HTTP/1.1
Host: api.buttonizer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://propertywolf.pk/
Origin: https://propertywolf.pk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 03:42:47 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST, PUT, GET, DELETE
access-control-allow-headers: content-type
access-control-max-age: 3600
access-control-allow-origin: https://propertywolf.pk
pragma: no-cache
expires: -1
x-backend: buttonizer-serve
x-do-app-origin: 39e9076a-e6ab-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jr21aads275ZBuBEdSjMk4rzPCx0ucG24plGkORH4N2sOMHql1CzNMAw8v3OIwxb2jR8QMvcW6zJZmP0571eVi0KEAqmoutbVPToPvqhynYO%2BJ%2Br29p%2BTjuIIzEWNYs2uwZHZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764a57785af9b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2