Overview

URLinnovators.com.pk/tibe/index.php?qbot.zip
IP 199.188.200.196 (United States)
ASN#22612 NAMECHEAP-NET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-15 19:24:25 UTC
StatusLoading report..
IDS alerts0
Blocklist alert153
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-15 05:59:39 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-15 06:00:48 UTC 34.117.237.239
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-15 17:32:10 UTC 142.250.74.168
www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-11-15 15:42:40 UTC 142.250.74.174
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-15 06:05:09 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-15 14:33:57 UTC 142.250.74.10
r3.o.lencr.org (6) 344 No data No data 23.36.76.249
innovators.com.pk (60) 0 2017-09-01 22:28:28 UTC 2022-11-15 16:32:34 UTC 199.188.200.196 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.164.183.116
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-11-15 09:21:47 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-15 2 innovators.com.pk/wp-admin/css/color-picker.min.css?ver=6.1 Malware
2022-11-15 2 innovators.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1 Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/css/frontend-lite.min (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/uploads/elementor/css/post-5.css?ver=1668393793 Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/c (...) Malware
2022-11-15 2 innovators.com.pk/wp-includes/css/dashicons.min.css?ver=6.1 Malware
2022-11-15 2 innovators.com.pk/wp-content/uploads/elementor/css/post-1417.css?ver=1668393795 Malware
2022-11-15 2 innovators.com.pk/wp-content/uploads/elementor/css/post-823.css?ver=1668393795 Malware
2022-11-15 2 innovators.com.pk/wp-content/uploads/elementor/css/global.css?ver=1668393794 Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/ (...) Malware
2022-11-15 2 innovators.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-11-15 2 innovators.com.pk/wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22 Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jq (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/js/webpack.runtime.mi (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/webpack-pro.ru (...) Malware
2022-11-15 2 innovators.com.pk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/waypoints/waypoin (...) Malware
2022-11-15 2 innovators.com.pk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae Malware
2022-11-15 2 innovators.com.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/frontend.min.j (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ve (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/elements-handl (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/j (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webf (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premi (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premi (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premi (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49 (...) Malware
2022-11-15 2 innovators.com.pk/wp-content/plugins/elementor/assets/js/text-editor.2c35aa (...) Malware

mnemonic secure dns
Scan Date Severity Indicator Comment
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed
2022-11-15 2 innovators.com.pk Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.188.200.196
Date UQ / IDS / BL URL IP
2022-11-19 19:34:04 +0000 0 - 0 - 4 babydoodfanclub.com/aq/index.php?e=qbot.zip 199.188.200.196
2022-11-15 19:24:25 +0000 0 - 0 - 153 innovators.com.pk/tibe/index.php?qbot.zip 199.188.200.196
2022-11-08 21:52:42 +0000 0 - 0 - 7 babydoodfanclub.com/wp-content/upgrade/usps/ 199.188.200.196
2022-11-06 19:04:26 +0000 0 - 0 - 4 babydoodfanclub.com/aq/index.php?e=qbot.zip 199.188.200.196
2022-11-05 07:49:12 +0000 0 - 0 - 6 babydoodfanclub.com/aq/index.php?e=qbot.zip 199.188.200.196


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-01-28 10:53:02 +0000 0 - 0 - 4 cienciano.com/race.exe 162.213.255.18
2023-01-28 10:48:04 +0000 0 - 0 - 8 expertstraders.com/installlingfile_x64_32bit.zip 192.64.117.220
2023-01-28 10:40:59 +0000 0 - 0 - 1 houzzing.com/Secure.00/Inn/loginweb.php?sslmo (...) 198.54.114.248
2023-01-28 10:24:19 +0000 0 - 0 - 2 delivery.bdsellprice.com/public/VlScjR5UDOwG6 (...) 68.65.120.179
2023-01-28 10:14:17 +0000 0 - 0 - 2 delivery.bdsellprice.com/public/XoWY6Q5B8nAMz (...) 68.65.120.179


Last 1 reports on domain: innovators.com.pk
Date UQ / IDS / BL URL IP
2022-11-15 19:24:25 +0000 0 - 0 - 153 innovators.com.pk/tibe/index.php?qbot.zip 199.188.200.196


No other reports with similar screenshot

JavaScript

Executed Scripts (33)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (100)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Tue, 15 Nov 2022 20:10:48 GMT
Date: Tue, 15 Nov 2022 19:24:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2534
Cache-Control: max-age=143347
Date: Tue, 15 Nov 2022 19:24:14 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 11:13:21 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 18:44:26 GMT
cache-control: public,max-age=3600
age: 2388
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Tue, 15 Nov 2022 22:06:47 GMT
Date: Tue, 15 Nov 2022 19:24:14 GMT
Connection: keep-alive

                                        
                                            GET /tibe/index.php?qbot.zip HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         199.188.200.196
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
keep-alive: timeout=5, max=100
content-length: 707
date: Tue, 15 Nov 2022 19:24:14 GMT
server: LiteSpeed
location: https://innovators.com.pk/tibe/index.php?qbot.zip
x-turbo-charged-by: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 79j0ueTw55h23BpbXeZf3PWpOMUOjRU7q9bS/ZbfOI753/CW0udeRGu/KfLUIaxR5QEliSmG0CY=
x-amz-request-id: DCSH7N9Z2FNKNXX4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 18:51:41 GMT
age: 1953
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 15 Nov 2022 19:24:14 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 18:44:48 GMT
cache-control: public,max-age=3600
age: 2366
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=142246
Date: Tue, 15 Nov 2022 19:24:15 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 10:55:01 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:15 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 11:04:19 GMT
Expires: Sat, 19 Nov 2022 11:04:18 GMT
Etag: "a2005f9ac5fc239443c92f4a3240cafba06a8cfa"
Cache-Control: max-age=315002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76aa5db1ffc00b31-OSL

                                        
                                            GET /tibe/index.php?qbot.zip HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         199.188.200.196
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://innovators.com.pk/tibe/?qbot.zip
x-litespeed-cache: hit
content-length: 0
date: Tue, 15 Nov 2022 19:24:15 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R97T9k82/47spnWzr95/4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.164.183.116
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yNun/5HGue0X+WcyoLji/6igPMI=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.249
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5856
x-amzn-requestid: b6972c46-67c1-4928-85d3-f8fe5f086449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhQaYHsHoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370610f-4ad4de3440d05bce46b54ebd;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:14:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Rd662WbccpmBSTlfWbSNYkXLKRCTr3-HGg9m4S_CNQ5kqcnPalr41w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:23:46 GMT
age: 57630
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5856
Md5:    b891dd714ee24b92f59f0697dd45c2b4
Sha1:   8b54f502df3eb318b87ff8a3313007876752e181
Sha256: d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfe73af-53c0-4706-a320-987a036d5df3.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13491
x-amzn-requestid: c1c11381-c73e-4068-aafd-4a2e9db024f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blxEFG06IAMFk8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63722ee6-5b5137ae63a9d76c3d4d0957;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 12:04:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nch-1WcsrA2j8uYLqPgXIjUc3VD3JP7XMYS_zTPEUrPL8Uj9xx0ICg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 11:24:51 GMT
age: 28765
etag: "e58d41c729265821354d74bf3ede201367c26520"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13491
Md5:    11b09e0954b0c369b17157cbec3a9faa
Sha1:   e58d41c729265821354d74bf3ede201367c26520
Sha256: 10c5a9996520f504c1fd3e0b7f3d534e67e062067f5708c92ab6bea92f252653
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9311
x-amzn-requestid: ccbd88f7-a72f-4f7c-868d-907b2dbea1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ9_UEQ4IAMFmzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d76c8-4c0b800d7bf5064346932e15;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 22:10:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bJa_vwFYVNizWkPP2aLO8cOJiMqMfZmD34-hAnOlmJ0K2OO3dghWvw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 22:09:42 GMT
age: 76474
etag: "7295ef4c52bcea1be24b963d7ff170ef5bacf713"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9311
Md5:    c5f45accbd2d3551103631fa77deee8f
Sha1:   7295ef4c52bcea1be24b963d7ff170ef5bacf713
Sha256: 495e2cef9d9ebec66f1ddcf478512af7e37a301b562d7b75e5d28bb7753d2290
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e60bbf3-9422-488d-8fc3-b942a7bc67d2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12232
x-amzn-requestid: 31aee9c3-a611-422b-856b-1daedb73a9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDuGTOoAMFv6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-2b9c63155d3afdcd6b1e0d64;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nCXTCDxQ4kNQrufgQqwb7SEPHmBiump67lKPmDSar-sX1F1qaXVppg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:53:54 GMT
age: 77422
etag: "96a279ef747100ca1530629b9d9dddddeb43dfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12232
Md5:    a0138b29a33ea685f16770ad6511eb94
Sha1:   96a279ef747100ca1530629b9d9dddddeb43dfe8
Sha256: f0e4dd8749367d88b12842001092cdf342fa4564ed32a84b10b675c51a698606
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6318
x-amzn-requestid: 6469c84d-fc45-470e-a438-2fb81dae70c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtyHpXoAMFfWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff1-53ab9291301773c048f69696;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w-ycM-G6gAU8xssl0r8gTPLLLimSjv4M5VUONl8bynl_A2EzlmXoaw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:53:51 GMT
age: 55825
etag: "4b40ef08bd37cabfcb937053dd58012abdd6620f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6318
Md5:    4af82634a56d0978c9b4689c8b7eb8ae
Sha1:   4b40ef08bd37cabfcb937053dd58012abdd6620f
Sha256: 476a9f850cfbe41adea1d699fdf4f04424674c53b268681fa6fc0e226bed0797
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqIZqrKKIWszHFwass9Cd-GNxQ5Q9z3_2haPPGprjVDal71MQDurqw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 22:15:12 GMT
age: 76144
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11316
Md5:    848af62ec10d0c297922f8600b6ad12d
Sha1:   4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
Sha256: a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-244826791-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 19:24:19 GMT
expires: Tue, 15 Nov 2022 19:24:19 GMT
cache-control: private, max-age=900
last-modified: Tue, 15 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43602
Md5:    655fe3d165d3352d17e71114a44c8d7c
Sha1:   0d80f356e079d02a86545508c9ad859a6484d22c
Sha256: a7ea8288beacf2a6039e9a45278df62e0085f5e49ae96c9daa31ead26af95c98
                                        
                                            GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 19:24:19 GMT
date: Tue, 15 Nov 2022 19:24:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2618
Md5:    f63ebba716c0a0bd15f1ed0da72641f2
Sha1:   88bf6d34a6e1f9dfcfb8830c036df360b2911f66
Sha256: 38404d0a0556352a9f9335854921a449c052a01ae2a67c0a75d8388edd286ada
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.2.11 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "3cfb-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1524
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1524
Md5:    e09c5536c2d1b5c34800367c1f2751ff
Sha1:   e4cd8a236a33c47d3fd3a692828271ef74b5c928
Sha256: a9bf3e639ae5b234038b5d9742f85c444eaa0855601fd80b70df229bb8b52500

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-admin/css/color-picker.min.css?ver=6.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Thu, 25 Mar 2021 02:11:08 GMT
etag: "c36-605bf13c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 752
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3091)
Size:   752
Md5:    882e79fbe85ac383edec7af9633e83db
Sha1:   76ba60a4c246c4588f462d1dbb23a69d0e325820
Sha256: aada4f8c4f921864dc9c74704525fc42d2b1c337b61a171d678f06ab57c7f66f

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 26 Oct 2022 04:49:42 GMT
etag: "17265-6358bc66-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11601
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11601
Md5:    3f7f7fa954242b63cf5127c14417c6e5
Sha1:   712c7c9ea049d297e3fb27d3c805be5c5867c4d4
Sha256: e274dc85b6107cb6054dbee83ddb1e3dda3162ca8f93b16b2d692a451cf9511d

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "17a3-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1711
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6051), with no line terminators
Size:   1711
Md5:    cfe4870b943b2ade39a643e3a3d6d809
Sha1:   f1f4e04c908b19fa0a5a5b09de5b6b1dfc113f05
Sha256: 00f239a7fb673f1d8ab2db67b74e0bae64d103e520ee209c18e21b5bff3fb509

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
etag: "d9-63586e04-0;;;"
accept-ranges: bytes
content-length: 217
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "3d38-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2418
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15672), with no line terminators
Size:   2418
Md5:    0c53a727a9801d2d872125ab96be97df
Sha1:   40616b12b4a9f2e4533f9adc6f965ca2b44581e0
Sha256: 8a69f47fdb908591cba1faa64f3807cbb3b82e12f0fe099c6bcbd31213f3bea9

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "19538-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12400
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   12400
Md5:    eae4534b9e0b15aaf7ad9f3111688549
Sha1:   4bde4256711207e4a95c1376f0b453cd660a63d8
Sha256: b9adb98eaf24ecee30ef9b280527781e217f6e3829b8e22e5a42f7f14819cfec

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-5.css?ver=1668393793 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 02:43:13 GMT
etag: "4b9-6371ab41-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 347
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1209), with no line terminators
Size:   347
Md5:    8ab37cc06a842b27836844a668a649e4
Sha1:   2e44e4c795e92e77395ec7c069afce5148e635e9
Sha256: 7781acd2dd225d38a1849e45ca4d88899042670d60f97217bcc4966e157fba84

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
etag: "4b4f-62e7527a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19233)
Size:   3629
Md5:    af3bdf44d09914e8adb51fec560d8816
Sha1:   84bb225e096bab405868dd504e62133ba75cf1c1
Sha256: 4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/style.min.css?ver=2.2.11 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "1a55-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1597
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6741), with no line terminators
Size:   1597
Md5:    987ac0c37f369d4cbe6c82c383c7585e
Sha1:   d780139386a62d79c4995c20af2ca06580d2adfc
Sha256: 0530b30bdd29edb37249f26b43d573fc6e6a8dfea25016ea2d6c2e7dd0b71bc1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "2c8d-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1505
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11362)
Size:   1505
Md5:    c4f251672b663c97ff6f30bc8d778179
Sha1:   e218078a120fe36bb62d4d0ef50e0e0f761cce50
Sha256: a507d02d59d0e8a0aea204b3f46ed6c980319e140e10a548cd2014d5af9904cb

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=6.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Thu, 04 Mar 2021 07:46:22 GMT
etag: "e688-6040904e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58981)
Size:   35110
Md5:    54c5bfb8a890d87139d9abfe01662c83
Sha1:   f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
Sha256: 9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-1417.css?ver=1668393795 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 02:43:15 GMT
etag: "2457-6371ab43-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1155
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5373)
Size:   1155
Md5:    e641ca5ecb4416d3667e897ca708da68
Sha1:   dcecae8cbddb2fa38b1f331e0102e78b03a2bb68
Sha256: cd75054a0855f7b2e8a35a71c7d0c8db4daeffd6ac9e04c9473478ca0bed7e1a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/post-823.css?ver=1668393795 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 02:43:15 GMT
etag: "1fd2-6371ab43-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1151
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8146), with no line terminators
Size:   1151
Md5:    52fa9c65f32e5cde7241162796c33ba4
Sha1:   d9fe9bcf060b0d8be36189aac610f40fbae3fad9
Sha256: a53f275368144c439d2bb3132ef22dfc9264b811cb66b485308ece171d0dfe1d

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/elementor/css/global.css?ver=1668393794 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 02:43:14 GMT
etag: "ab55-6371ab42-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2893
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18950)
Size:   2893
Md5:    456aad85066fc984d3a9442b6a3c227f
Sha1:   d146c2c2ebe5dffc66222b57f97a4d830b6732b0
Sha256: 280727c9052d503f42ddc5c325b41ad833139867333cfbff21f41af2c383a2c3

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "2a5-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 283
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (491)
Size:   283
Md5:    453a93dc816be89f942ebb253ff199fb
Sha1:   01563d6019803e3ff2a94c5397e7e771ee6f440d
Sha256: 36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "e238-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57726)
Size:   12133
Md5:    f463afd8661ddc733305df1f0cbdaff2
Sha1:   77262f0209e75e340eb7014aba9cd8d69966032f
Sha256: c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "29d-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (483)
Size:   286
Md5:    8828fa3c5bdcfa66615714a2b8c9d807
Sha1:   4f556d0b005ac7754af607418df445f8cf98e8b1
Sha256: 16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "2a3-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (489)
Size:   284
Md5:    dc279c928e2924b07a4a7575f8070ee8
Sha1:   0196756cacdb61ef40483af7ea982b699b0933de
Sha256: 80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
etag: "15e54-6328ff50-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5fb577a6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Fri, 11 Nov 2022 19:25:02 GMT
etag: "e27f-636ea18e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15584
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (601)
Size:   15584
Md5:    545223f1972e0c33fa253ad19634598e
Sha1:   239a19cf7261673b59a915f0f7018e56530a32ab
Sha256: 15095633b71edfb16e0ea4110a089d6b70d1165c5591724c6ab19f394ca2d0e8

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "d9c7-636b4e99-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11711
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (55566)
Size:   11711
Md5:    4f55b569c93d063120210a6859cab84a
Sha1:   8c1065b740ae27bb5d9e71a308433b2547f68b9b
Sha256: b3a66914862beaeab2e9c1a6c65066ea6ed7bcc6162c4c640ee45d5078717df4

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "72cb-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3332
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29344)
Size:   3332
Md5:    18cdf27faab4d75628e8fc27617ee12a
Sha1:   0d16e18ed0ffadc6ae04146ba8e0ad098c0f27d7
Sha256: b4dba1d530655d63b23d305d935fc07e3d4da5050139efa333f1b316e9958bfa

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "6801-636b4e99-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3950
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26440)
Size:   3950
Md5:    a2e2887e666bfc0b5029000ea6baa077
Sha1:   b081b105977789d47a9195f3d5b7b1f8c6417746
Sha256: f43840e5ec035343b73d070304d320677d7f92e278ede50e36878c1617d881bb

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "2dff-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11736)
Size:   906
Md5:    dfa4e3add9f185eaf959509b12a3f2f2
Sha1:   e9fcec09acb8cb18203b3c9c4133ab808576df38
Sha256: 060ede880f21b0bfe96d2e2b5f36606cef794e7e8814d1baf877c4868eca8a43

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 07:06:09 GMT
etag: "332b-636b5161-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2715
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2715
Md5:    5b0423ee3d18d6b3a6b3df15890e97f2
Sha1:   fc3a62e6840a9e8e8516118aceb024dcefabcd76
Sha256: 75a12619fcc5e0934ba7964ab9fd3a2771122bbff2850510534752f5cc3ce2ab

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/dynamic-visibility.min.css?ver=2.2.11 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "4d9-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 419
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1241), with no line terminators
Size:   419
Md5:    2f8fea788439d39172aea491242a1687
Sha1:   f90dc1e2cabea8304a4589c2214b4af74e86e31e
Sha256: f17f5f232d0fbbc8d9a7ea32759357769b7a16cbd2225f0fadb22b2959357085

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "6272-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25115)
Size:   6935
Md5:    e8d8c6e4997a420abc51e5fa8c1caa8b
Sha1:   39ae930f057de725cff8549eed82f31f8d0816c1
Sha256: 730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "c5c-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 953
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3164), with no line terminators
Size:   953
Md5:    4a7d773f90facef221a9cfa11bdb2973
Sha1:   5ecb3100b641b2af7f7d56533a14b23fcaf15787
Sha256: 0fe42ed1de09f98dd0cc32f562d016a8d9cc13fcd0a0d407a11a66714c999fca

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "135d-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   2044
Md5:    918938b0ee6977d6506f2e0fa248bd66
Sha1:   292ba27818bec580f76945b53fee4ff6cddcb2c2
Sha256: a1da723cfdb1f8ea57aa7278637d07a83f39ff410dfbba24d8205882a110444e

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "1440-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2194
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5141)
Size:   2194
Md5:    caa07ca905fef1976a5a6053956f1205
Sha1:   86ba279cf3cb9c5f506a831c380cb9881fac0bc6
Sha256: ace878313ba51c13c8d6b5debfe37f4cdd2bb8ea0019ac03cddca95c7b34c1c2

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "80b3-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32907)
Size:   10425
Md5:    72fd7d7a61961996172a081cb3eed6cb
Sha1:   7f6d4dc14ef08153606c57d374fd50b685ba383d
Sha256: 757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
etag: "194b-62549ee6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2354
Md5:    4e773d7cec56bacab6d2db420be6f262
Sha1:   c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
Sha256: 5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
etag: "132e-62549ee6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   1575
Md5:    06a8ac0e71976bc143cfa7861a31169d
Sha1:   def6031fe13259bf17752661832d815e37068bf2
Sha256: e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 21 Sep 2022 01:13:30 GMT
etag: "459f-632a653a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size:   6335
Md5:    fecbc00e8af71d8cfb678cd811c7cb2e
Sha1:   44e5dd77f62cb5c67271442b75cdff10d45f2f8d
Sha256: d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
etag: "2fa6-5876a524-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   2867
Md5:    869caa171b68cbec9fee5abbfb944ee8
Sha1:   f237e485e41f88b77384cfdb880f9d5a8f46eac8
Sha256: 25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
etag: "27f6-632e94ca-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3717
Md5:    f7acc55c5b34188d3e66c5f2ecf3ba80
Sha1:   802270f7a221e406af63d622d364b119d912c15b
Sha256: 826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
etag: "53c0-632e94ca-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   6800
Md5:    3d0ff0f6731d9cef860af9a5a0e3ce62
Sha1:   13aed444304d782039e261475c8b4450b83e743e
Sha256: e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "52d7-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5442
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21164)
Size:   5442
Md5:    caa94b71279d7791ccb0e467f86bc193
Sha1:   fda95846a1727a8e4e1591a7d78846578234159d
Sha256: 87acb46da9dd7afe173d9fbb47125ed8bb03559b11184cf34a9722614a3deba0

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "9e41-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11702
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40474)
Size:   11702
Md5:    cf45d3e8044770ba8eabf3833e30fdbe
Sha1:   90f787b69fa2f83b87c28f3caa67985b04b333bd
Sha256: c83321c916d9ca392150cf727108c0927ce9394be70e9b08920cff666f823fb4

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "5f3e-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5293
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24339)
Size:   5293
Md5:    01a40aed2973cdba31c9381507f66b09
Sha1:   303adcf7a91bd4137dbb27dd4b274bcae3272aec
Sha256: 11a1b8d084703cc507f7cb7e167baabe24d3f93918e7815a0f24b4df34046296

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "ca4-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1254
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3235)
Size:   1254
Md5:    91194abbabb66c22700e71f20e1e6044
Sha1:   38c55fe048913b6bb019340944be577d045c42cc
Sha256: cd144b8d1080b1c8e61c85a9357fea64c7b5be3ccbcef5c8f5301fab8eab999a

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 09:51:25 GMT
etag: "7a1-63720f9d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 274
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1953), with no line terminators
Size:   274
Md5:    62f15dd5ac87f919a337d91c703ebad7
Sha1:   b954316dbc3cadbfc3ac2d893a09db4fde8d45fd
Sha256: c2a33cb754f82f14ff0e3ee74107997f14694482a313324d028afa82b2d4eaed

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Mon, 14 Nov 2022 09:51:25 GMT
etag: "a8e-63720f9d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 815
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (531)
Size:   815
Md5:    37bebd05775766e2d0ef325c9e7900e2
Sha1:   6a6b2e41a298cf6eadae24572416ecbcb50fdb5d
Sha256: 324a6ba7d7a052ff1f59eff33885b75082642e8de42fcf457b06a278229d1b51

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
etag: "48b9-62559a20-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
age: 520231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 537408
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 517812
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:31:05 GMT
expires: Thu, 09 Nov 2023 19:31:05 GMT
cache-control: public, max-age=31536000
age: 517995
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size:   7840
Md5:    8d91ec1ca2d8b56640a47117e313a3e9
Sha1:   a9e9bafe64666f4595051a0e895b47a5fa39e67e
Sha256: 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 21:48:50 GMT
expires: Thu, 09 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 509730
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
etag: "16cbc-62e7527a-0;;;"
accept-ranges: bytes
content-length: 93372
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Size:   93372
Md5:    aab0bb3379e0eb7ebc26071db61fbd57
Sha1:   711c8d350c4192c2f1aa7f73551445b89fb4b161
Sha256: 691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "33dc-60cb571c-0;;;"
accept-ranges: bytes
content-length: 13276
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size:   13276
Md5:    f0f8230116992e521526097a28f54066
Sha1:   0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
Sha256: 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "12bdc-60cb571c-0;;;"
accept-ranges: bytes
content-length: 76764
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size:   76764
Md5:    f7307680c7fe85959f3ecf122493ea7d
Sha1:   fce0da592a3e536d6d5df5b50cb513398d8c5161
Sha256: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "13174-60cb571c-0;;;"
accept-ranges: bytes
content-length: 78196
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size:   78196
Md5:    e8a427e15cc502bef99cfd722b37ea98
Sha1:   a9922842a120a7f1eaced667480c5e185a106d69
Sha256: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-regular-400.woff2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "350c-636b4e99-0;;;"
accept-ranges: bytes
content-length: 13580
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13580, version 329.-1049\012- data
Size:   13580
Md5:    e07d9e40b26048d9abe2ef966cd6e263
Sha1:   c744217caa82b3245cffa2714aaf2ec9f749614d
Sha256: 6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "126b0-636b4e99-0;;;"
accept-ranges: bytes
content-length: 75440
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Size:   75440
Md5:    b5cf8ae26748570d8fb95a47f46b69e1
Sha1:   07bed153d47f9129a944ee54dd72952deed074c8
Sha256: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2 HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/font-woff2
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "1230c-636b4e99-0;;;"
accept-ranges: bytes
content-length: 74508
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74508, version 329.-1049\012- data
Size:   74508
Md5:    7559b3774a0625e8ca6c0160f8f6cfd8
Sha1:   a403af3337e6207d144b998b9c3bed439af562a9
Sha256: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "ce9-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1173
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3262)
Size:   1173
Md5:    38771e556abbb38b6c8c9e69eab9610a
Sha1:   c99a3a108bb53142b8cdcb759e0311c880e94128
Sha256: dfdb679b3a296294e582ab8dde42a44f26abaa0dfb6f84817b3e7bf7ce16bd0a

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "54f-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1320)
Size:   599
Md5:    b59e163b50b8e62a7e08b4ce88241b48
Sha1:   4f45b1e9e0270133c35c43a1a33d5b2d292b8693
Sha256: 73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /wp-content/uploads/2022/11/innovators-logo.png HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
last-modified: Fri, 11 Nov 2022 14:09:49 GMT
etag: "2f6b0-636e57ad-0;;;"
accept-ranges: bytes
content-length: 194224
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1247 x 279, 8-bit/color RGBA, non-interlaced\012- data
Size:   194224
Md5:    0f5600b12eb460644ec307ae9e0f5b63
Sha1:   40e73e69c6b1a776964e09a462461b9c5780cc59
Sha256: d690ac8e923b2b897a69ef2efa0a4d49f906f22722f73cfc80f5894d26f80164

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 18:41:09 GMT
expires: Tue, 15 Nov 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 2592
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /g/collect?v=2&tid=G-CPGNPPWBXQ&gtm=2oeb90&_p=1402242030&gdid=dZTNiMT&cid=1474749763.1668540260&ul=en-us&sr=1280x1024&_s=1&sid=1668540260&sct=1&seg=0&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://innovators.com.pk
date: Tue, 15 Nov 2022 19:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /j/collect?v=1&_v=j98&aip=1&a=1402242030&t=pageview&_s=1&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAACAAI~&jid=565956632&gjid=1703569146&cid=1474749763.1668540260&tid=UA-244826791-1&_gid=538220887.1668540261&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=943193482 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://innovators.com.pk
date: Tue, 15 Nov 2022 19:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         199.188.200.196
HTTP/2 404 Not Found
content-type: text/html
                                        
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 15 Nov 2022 19:24:21 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7982
x-amzn-requestid: 35753773-2e2d-4def-a9ef-6224343d62e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bklm8E9qoAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b62c-46372f151eb5ba9f0f5ec3a0;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:29:48 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T8ocx27r2N_V74-jyk23ATbGtw9TJBqSRB0MK0Kahre8ESS5kM_9lQ==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 77821
etag: "0d61ccdb959e45368a9f6ada26679974374d81a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7982
Md5:    508368e91f7702272c5610f905e4204b
Sha1:   0d61ccdb959e45368a9f6ada26679974374d81a2
Sha256: bd3b3d55264bccbbf647577e3f93c35dd56840967713fcb948e67426c8a71b38
                                        
                                            GET /tibe/?qbot.zip HTTP/1.1 
Host: innovators.com.pk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         199.188.200.196
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://innovators.com.pk/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 1f1_HTTP.404,1f1_404,1f1_URL.fbdf658f78b70839ededf2b6e2927e36,1f1_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 19:24:18 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed