r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Tue, 15 Nov 2022 20:10:48 GMT
Date: Tue, 15 Nov 2022 19:24:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fe5a11c3ca8a150aad830b739f24b58
898b730b1a66dd49c6f018333ba828410f63f347
2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2534
Cache-Control: max-age=143347
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:14 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 11:13:21 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 18:44:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2388
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Tue, 15 Nov 2022 22:06:47 GMT
Date: Tue, 15 Nov 2022 19:24:14 GMT
Connection: keep-alive
innovators.com.pk/tibe/index.php?qbot.zip
199.188.200.196301 Moved Permanently 707 B URL HTTP/1.1 innovators.com.pk/tibe/index.php?qbot.zip
IP 199.188.200.196:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /tibe/index.php?qbot.zip HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 15 Nov 2022 19:24:14 GMT
server: LiteSpeed
location: https://innovators.com.pk/tibe/index.php?qbot.zip
x-turbo-charged-by: LiteSpeed
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 79j0ueTw55h23BpbXeZf3PWpOMUOjRU7q9bS/ZbfOI753/CW0udeRGu/KfLUIaxR5QEliSmG0CY=
x-amz-request-id: DCSH7N9Z2FNKNXX4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 18:51:41 GMT
age: 1953
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 19:24:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 18:44:48 GMT
cache-control: public,max-age=3600
age: 2366
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de57a2d376db743a3987c454889f1f21
0defab699bdb1b158026f93c2dd105bcd65f6764
b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=142246
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:15 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 10:55:01 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 22c78d7346514da43fb5498ce3eb64da
a2005f9ac5fc239443c92f4a3240cafba06a8cfa
ece0eb8a090560aa8de5c986ad6b87a75aa2f55aefe3fa5cfc733558494d7b21
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 19:24:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 11:04:19 GMT
Expires: Sat, 19 Nov 2022 11:04:18 GMT
Etag: "a2005f9ac5fc239443c92f4a3240cafba06a8cfa"
Cache-Control: max-age=315002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76aa5db1ffc00b31-OSL
innovators.com.pk/tibe/index.php?qbot.zip
199.188.200.196301 Moved Permanently 0 B URL HTTP/2 innovators.com.pk/tibe/index.php?qbot.zip
IP 199.188.200.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /tibe/index.php?qbot.zip HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://innovators.com.pk/tibe/?qbot.zip
x-litespeed-cache: hit
content-length: 0
date: Tue, 15 Nov 2022 19:24:15 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R97T9k82/47spnWzr95/4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yNun/5HGue0X+WcyoLji/6igPMI=
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b891dd714ee24b92f59f0697dd45c2b4
8b54f502df3eb318b87ff8a3313007876752e181
d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5856
x-amzn-requestid: b6972c46-67c1-4928-85d3-f8fe5f086449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhQaYHsHoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370610f-4ad4de3440d05bce46b54ebd;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:14:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Rd662WbccpmBSTlfWbSNYkXLKRCTr3-HGg9m4S_CNQ5kqcnPalr41w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:23:46 GMT
age: 57630
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfe73af-53c0-4706-a320-987a036d5df3.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfe73af-53c0-4706-a320-987a036d5df3.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11b09e0954b0c369b17157cbec3a9faa
e58d41c729265821354d74bf3ede201367c26520
10c5a9996520f504c1fd3e0b7f3d534e67e062067f5708c92ab6bea92f252653
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfe73af-53c0-4706-a320-987a036d5df3.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13491
x-amzn-requestid: c1c11381-c73e-4068-aafd-4a2e9db024f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blxEFG06IAMFk8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63722ee6-5b5137ae63a9d76c3d4d0957;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 12:04:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nch-1WcsrA2j8uYLqPgXIjUc3VD3JP7XMYS_zTPEUrPL8Uj9xx0ICg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 11:24:51 GMT
age: 28765
etag: "e58d41c729265821354d74bf3ede201367c26520"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c5f45accbd2d3551103631fa77deee8f
7295ef4c52bcea1be24b963d7ff170ef5bacf713
495e2cef9d9ebec66f1ddcf478512af7e37a301b562d7b75e5d28bb7753d2290
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9311
x-amzn-requestid: ccbd88f7-a72f-4f7c-868d-907b2dbea1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ9_UEQ4IAMFmzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d76c8-4c0b800d7bf5064346932e15;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 22:10:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bJa_vwFYVNizWkPP2aLO8cOJiMqMfZmD34-hAnOlmJ0K2OO3dghWvw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 22:09:42 GMT
age: 76474
etag: "7295ef4c52bcea1be24b963d7ff170ef5bacf713"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e60bbf3-9422-488d-8fc3-b942a7bc67d2.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e60bbf3-9422-488d-8fc3-b942a7bc67d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0138b29a33ea685f16770ad6511eb94
96a279ef747100ca1530629b9d9dddddeb43dfe8
f0e4dd8749367d88b12842001092cdf342fa4564ed32a84b10b675c51a698606
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e60bbf3-9422-488d-8fc3-b942a7bc67d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12232
x-amzn-requestid: 31aee9c3-a611-422b-856b-1daedb73a9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDuGTOoAMFv6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-2b9c63155d3afdcd6b1e0d64;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nCXTCDxQ4kNQrufgQqwb7SEPHmBiump67lKPmDSar-sX1F1qaXVppg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:53:54 GMT
age: 77422
etag: "96a279ef747100ca1530629b9d9dddddeb43dfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4af82634a56d0978c9b4689c8b7eb8ae
4b40ef08bd37cabfcb937053dd58012abdd6620f
476a9f850cfbe41adea1d699fdf4f04424674c53b268681fa6fc0e226bed0797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6318
x-amzn-requestid: 6469c84d-fc45-470e-a438-2fb81dae70c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtyHpXoAMFfWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff1-53ab9291301773c048f69696;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w-ycM-G6gAU8xssl0r8gTPLLLimSjv4M5VUONl8bynl_A2EzlmXoaw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:53:51 GMT
age: 55825
etag: "4b40ef08bd37cabfcb937053dd58012abdd6620f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqIZqrKKIWszHFwass9Cd-GNxQ5Q9z3_2haPPGprjVDal71MQDurqw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 22:15:12 GMT
age: 76144
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2316d2d43aee9525cdb65b3eb2ff53a0
cad4229071cf919cb3471632ac4924cfd1a97431
99d5cce0549dbb29351735d3e15f9cde16b2ca18c57581c8110b2c54998fa28d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-244826791-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-244826791-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 655fe3d165d3352d17e71114a44c8d7c
0d80f356e079d02a86545508c9ad859a6484d22c
a7ea8288beacf2a6039e9a45278df62e0085f5e49ae96c9daa31ead26af95c98
GET /gtag/js?id=UA-244826791-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 19:24:19 GMT
expires: Tue, 15 Nov 2022 19:24:19 GMT
cache-control: private, max-age=900
last-modified: Tue, 15 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1
142.250.74.10200 OK 2.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1
IP 142.250.74.10:0
Hash f63ebba716c0a0bd15f1ed0da72641f2
88bf6d34a6e1f9dfcfb8830c036df360b2911f66
38404d0a0556352a9f9335854921a449c052a01ae2a67c0a75d8388edd286ada
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 19:24:19 GMT
date: Tue, 15 Nov 2022 19:24:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.2.11
199.188.200.196200 OK 1.5 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.2.11
IP 199.188.200.196:0
Hash e09c5536c2d1b5c34800367c1f2751ff
e4cd8a236a33c47d3fd3a692828271ef74b5c928
a9bf3e639ae5b234038b5d9742f85c444eaa0855601fd80b70df229bb8b52500
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "3cfb-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1524
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-admin/css/color-picker.min.css?ver=6.1
199.188.200.196200 OK 752 B URL HTTP/2 innovators.com.pk/wp-admin/css/color-picker.min.css?ver=6.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (3091)
Hash 882e79fbe85ac383edec7af9633e83db
76ba60a4c246c4588f462d1dbb23a69d0e325820
aada4f8c4f921864dc9c74704525fc42d2b1c337b61a171d678f06ab57c7f66f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-admin/css/color-picker.min.css?ver=6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 02:11:08 GMT
etag: "c36-605bf13c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 752
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1
199.188.200.196200 OK 12 kB URL HTTP/2 innovators.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (47826)
Hash 3f7f7fa954242b63cf5127c14417c6e5
712c7c9ea049d297e3fb27d3c805be5c5867c4d4
e274dc85b6107cb6054dbee83ddb1e3dda3162ca8f93b16b2d692a451cf9511d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 26 Oct 2022 04:49:42 GMT
etag: "17265-6358bc66-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11601
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
199.188.200.196200 OK 1.7 kB URL HTTP/2 innovators.com.pk/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (6051), with no line terminators
Hash cfe4870b943b2ade39a643e3a3d6d809
f1f4e04c908b19fa0a5a5b09de5b6b1dfc113f05
00f239a7fb673f1d8ab2db67b74e0bae64d103e520ee209c18e21b5bff3fb509
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "17a3-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1711
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/css/classic-themes.min.css?ver=1
199.188.200.196200 OK 217 B URL HTTP/2 innovators.com.pk/wp-includes/css/classic-themes.min.css?ver=1
IP 199.188.200.196:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
etag: "d9-63586e04-0;;;"
accept-ranges: bytes
content-length: 217
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
199.188.200.196200 OK 2.4 kB URL HTTP/2 innovators.com.pk/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (15672), with no line terminators
Hash 0c53a727a9801d2d872125ab96be97df
40616b12b4a9f2e4533f9adc6f965ca2b44581e0
8a69f47fdb908591cba1faa64f3807cbb3b82e12f0fe099c6bcbd31213f3bea9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "3d38-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2418
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
199.188.200.196200 OK 12 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (65497)
Hash eae4534b9e0b15aaf7ad9f3111688549
4bde4256711207e4a95c1376f0b453cd660a63d8
b9adb98eaf24ecee30ef9b280527781e217f6e3829b8e22e5a42f7f14819cfec
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "19538-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12400
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/uploads/elementor/css/post-5.css?ver=1668393793
199.188.200.196200 OK 347 B URL HTTP/2 innovators.com.pk/wp-content/uploads/elementor/css/post-5.css?ver=1668393793
IP 199.188.200.196:0
File type ASCII text, with very long lines (1209), with no line terminators
Hash 8ab37cc06a842b27836844a668a649e4
2e44e4c795e92e77395ec7c069afce5148e635e9
7781acd2dd225d38a1849e45ca4d88899042670d60f97217bcc4966e157fba84
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-5.css?ver=1668393793 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:43:13 GMT
etag: "4b9-6371ab41-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 347
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
199.188.200.196200 OK 3.6 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 199.188.200.196:0
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
etag: "4b4f-62e7527a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/style.min.css?ver=2.2.11
199.188.200.196200 OK 1.6 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/style.min.css?ver=2.2.11
IP 199.188.200.196:0
File type ASCII text, with very long lines (6741), with no line terminators
Hash 987ac0c37f369d4cbe6c82c383c7585e
d780139386a62d79c4995c20af2ca06580d2adfc
0530b30bdd29edb37249f26b43d573fc6e6a8dfea25016ea2d6c2e7dd0b71bc1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/style.min.css?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "1a55-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1597
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2
199.188.200.196200 OK 1.5 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2
IP 199.188.200.196:0
File type ASCII text, with very long lines (11362)
Hash c4f251672b663c97ff6f30bc8d778179
e218078a120fe36bb62d4d0ef50e0e0f761cce50
a507d02d59d0e8a0aea204b3f46ed6c980319e140e10a548cd2014d5af9904cb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "2c8d-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1505
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/css/dashicons.min.css?ver=6.1
199.188.200.196200 OK 35 kB URL HTTP/2 innovators.com.pk/wp-includes/css/dashicons.min.css?ver=6.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (58981)
Hash 54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 04 Mar 2021 07:46:22 GMT
etag: "e688-6040904e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/uploads/elementor/css/post-1417.css?ver=1668393795
199.188.200.196200 OK 1.2 kB URL HTTP/2 innovators.com.pk/wp-content/uploads/elementor/css/post-1417.css?ver=1668393795
IP 199.188.200.196:0
File type ASCII text, with very long lines (5373)
Hash e641ca5ecb4416d3667e897ca708da68
dcecae8cbddb2fa38b1f331e0102e78b03a2bb68
cd75054a0855f7b2e8a35a71c7d0c8db4daeffd6ac9e04c9473478ca0bed7e1a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1417.css?ver=1668393795 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:43:15 GMT
etag: "2457-6371ab43-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1155
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/uploads/elementor/css/post-823.css?ver=1668393795
199.188.200.196200 OK 1.2 kB URL HTTP/2 innovators.com.pk/wp-content/uploads/elementor/css/post-823.css?ver=1668393795
IP 199.188.200.196:0
File type ASCII text, with very long lines (8146), with no line terminators
Hash 52fa9c65f32e5cde7241162796c33ba4
d9fe9bcf060b0d8be36189aac610f40fbae3fad9
a53f275368144c439d2bb3132ef22dfc9264b811cb66b485308ece171d0dfe1d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-823.css?ver=1668393795 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:43:15 GMT
etag: "1fd2-6371ab43-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1151
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/uploads/elementor/css/global.css?ver=1668393794
199.188.200.196200 OK 2.9 kB URL HTTP/2 innovators.com.pk/wp-content/uploads/elementor/css/global.css?ver=1668393794
IP 199.188.200.196:0
File type ASCII text, with very long lines (18950)
Hash 456aad85066fc984d3a9442b6a3c227f
d146c2c2ebe5dffc66222b57f97a4d830b6732b0
280727c9052d503f42ddc5c325b41ad833139867333cfbff21f41af2c383a2c3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1668393794 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:43:14 GMT
etag: "ab55-6371ab42-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2893
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
199.188.200.196200 OK 283 B URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 199.188.200.196:0
File type ASCII text, with very long lines (491)
Hash 453a93dc816be89f942ebb253ff199fb
01563d6019803e3ff2a94c5397e7e771ee6f440d
36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "2a5-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 283
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
199.188.200.196200 OK 12 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 199.188.200.196:0
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "e238-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
199.188.200.196200 OK 286 B URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 199.188.200.196:0
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "29d-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
199.188.200.196200 OK 284 B URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 199.188.200.196:0
File type ASCII text, with very long lines (489)
Hash dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "2a3-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
199.188.200.196200 OK 30 kB URL HTTP/2 innovators.com.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
etag: "15e54-6328ff50-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
199.188.200.196200 OK 4.0 kB URL HTTP/2 innovators.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 199.188.200.196:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5fb577a6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0
199.188.200.196200 OK 16 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0
IP 199.188.200.196:0
File type ASCII text, with very long lines (601)
Hash 545223f1972e0c33fa253ad19634598e
239a19cf7261673b59a915f0f7018e56530a32ab
15095633b71edfb16e0ea4110a089d6b70d1165c5591724c6ab19f394ca2d0e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Nov 2022 19:25:02 GMT
etag: "e27f-636ea18e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15584
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
199.188.200.196200 OK 12 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
IP 199.188.200.196:0
File type ASCII text, with very long lines (55566)
Hash 4f55b569c93d063120210a6859cab84a
8c1065b740ae27bb5d9e71a308433b2547f68b9b
b3a66914862beaeab2e9c1a6c65066ea6ed7bcc6162c4c640ee45d5078717df4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "d9c7-636b4e99-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11711
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
199.188.200.196200 OK 3.3 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
IP 199.188.200.196:0
File type ASCII text, with very long lines (29344)
Hash 18cdf27faab4d75628e8fc27617ee12a
0d16e18ed0ffadc6ae04146ba8e0ad098c0f27d7
b4dba1d530655d63b23d305d935fc07e3d4da5050139efa333f1b316e9958bfa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "72cb-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3332
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css
199.188.200.196200 OK 4.0 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css
IP 199.188.200.196:0
File type ASCII text, with very long lines (26440)
Hash a2e2887e666bfc0b5029000ea6baa077
b081b105977789d47a9195f3d5b7b1f8c6417746
f43840e5ec035343b73d070304d320677d7f92e278ede50e36878c1617d881bb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "6801-636b4e99-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3950
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
199.188.200.196200 OK 906 B URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 199.188.200.196:0
File type ASCII text, with very long lines (11736)
Hash dfa4e3add9f185eaf959509b12a3f2f2
e9fcec09acb8cb18203b3c9c4133ab808576df38
060ede880f21b0bfe96d2e2b5f36606cef794e7e8814d1baf877c4868eca8a43
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "2dff-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22
199.188.200.196200 OK 2.7 kB URL HTTP/2 innovators.com.pk/wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22
IP 199.188.200.196:0
Hash 5b0423ee3d18d6b3a6b3df15890e97f2
fc3a62e6840a9e8e8516118aceb024dcefabcd76
75a12619fcc5e0934ba7964ab9fd3a2771122bbff2850510534752f5cc3ce2ab
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 07:06:09 GMT
etag: "332b-636b5161-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2715
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/dynamic-visibility.min.css?ver=2.2.11
199.188.200.196200 OK 419 B URL HTTP/2 innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/dynamic-visibility.min.css?ver=2.2.11
IP 199.188.200.196:0
File type ASCII text, with very long lines (1241), with no line terminators
Hash 2f8fea788439d39172aea491242a1687
f90dc1e2cabea8304a4589c2214b4af74e86e31e
f17f5f232d0fbbc8d9a7ea32759357769b7a16cbd2225f0fadb22b2959357085
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/dynamic-visibility.min.css?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "4d9-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 419
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
199.188.200.196200 OK 6.9 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (25115)
Hash e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "6272-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
199.188.200.196200 OK 953 B URL HTTP/2 innovators.com.pk/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP 199.188.200.196:0
File type ASCII text, with very long lines (3164), with no line terminators
Hash 4a7d773f90facef221a9cfa11bdb2973
5ecb3100b641b2af7f7d56533a14b23fcaf15787
0fe42ed1de09f98dd0cc32f562d016a8d9cc13fcd0a0d407a11a66714c999fca
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "c5c-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 953
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
199.188.200.196200 OK 2.0 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (4918)
Hash 918938b0ee6977d6506f2e0fa248bd66
292ba27818bec580f76945b53fee4ff6cddcb2c2
a1da723cfdb1f8ea57aa7278637d07a83f39ff410dfbba24d8205882a110444e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "135d-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2
199.188.200.196200 OK 2.2 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2
IP 199.188.200.196:0
File type ASCII text, with very long lines (5141)
Hash caa07ca905fef1976a5a6053956f1205
86ba279cf3cb9c5f506a831c380cb9881fac0bc6
ace878313ba51c13c8d6b5debfe37f4cdd2bb8ea0019ac03cddca95c7b34c1c2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "1440-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2194
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
199.188.200.196200 OK 10 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 199.188.200.196:0
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 72fd7d7a61961996172a081cb3eed6cb
7f6d4dc14ef08153606c57d374fd50b685ba383d
757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "80b3-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
199.188.200.196200 OK 2.4 kB URL HTTP/2 innovators.com.pk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 199.188.200.196:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
etag: "194b-62549ee6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
199.188.200.196200 OK 1.6 kB URL HTTP/2 innovators.com.pk/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 199.188.200.196:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
etag: "132e-62549ee6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
199.188.200.196200 OK 6.3 kB URL HTTP/2 innovators.com.pk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 199.188.200.196:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 01:13:30 GMT
etag: "459f-632a653a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
199.188.200.196200 OK 2.9 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 199.188.200.196:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
etag: "2fa6-5876a524-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
199.188.200.196200 OK 3.7 kB URL HTTP/2 innovators.com.pk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 199.188.200.196:0
Hash f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
etag: "27f6-632e94ca-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
199.188.200.196200 OK 6.8 kB URL HTTP/2 innovators.com.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 199.188.200.196:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
etag: "53c0-632e94ca-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2
199.188.200.196200 OK 5.4 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2
IP 199.188.200.196:0
File type ASCII text, with very long lines (21164)
Hash caa94b71279d7791ccb0e467f86bc193
fda95846a1727a8e4e1591a7d78846578234159d
87acb46da9dd7afe173d9fbb47125ed8bb03559b11184cf34a9722614a3deba0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "52d7-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5442
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
199.188.200.196200 OK 12 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (40474)
Hash cf45d3e8044770ba8eabf3833e30fdbe
90f787b69fa2f83b87c28f3caa67985b04b333bd
c83321c916d9ca392150cf727108c0927ce9394be70e9b08920cff666f823fb4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "9e41-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11702
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2
199.188.200.196200 OK 5.3 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2
IP 199.188.200.196:0
File type ASCII text, with very long lines (24339)
Hash 01a40aed2973cdba31c9381507f66b09
303adcf7a91bd4137dbb27dd4b274bcae3272aec
11a1b8d084703cc507f7cb7e167baabe24d3f93918e7815a0f24b4df34046296
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "5f3e-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5293
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2
199.188.200.196200 OK 1.3 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2
IP 199.188.200.196:0
File type ASCII text, with very long lines (3235)
Hash 91194abbabb66c22700e71f20e1e6044
38c55fe048913b6bb019340944be577d045c42cc
cd144b8d1080b1c8e61c85a9357fea64c7b5be3ccbcef5c8f5301fab8eab999a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "ca4-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1254
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11
199.188.200.196200 OK 274 B URL HTTP/2 innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11
IP 199.188.200.196:0
File type ASCII text, with very long lines (1953), with no line terminators
Hash 62f15dd5ac87f919a337d91c703ebad7
b954316dbc3cadbfc3ac2d893a09db4fde8d45fd
c2a33cb754f82f14ff0e3ee74107997f14694482a313324d028afa82b2d4eaed
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 14 Nov 2022 09:51:25 GMT
etag: "7a1-63720f9d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 274
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11
199.188.200.196200 OK 815 B URL HTTP/2 innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11
IP 199.188.200.196:0
File type ASCII text, with very long lines (531)
Hash 37bebd05775766e2d0ef325c9e7900e2
6a6b2e41a298cf6eadae24572416ecbcb50fdb5d
324a6ba7d7a052ff1f59eff33885b75082642e8de42fcf457b06a278229d1b51
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 14 Nov 2022 09:51:25 GMT
etag: "a8e-63720f9d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 815
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1
199.188.200.196200 OK 4.6 kB URL HTTP/2 innovators.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 199.188.200.196:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
etag: "48b9-62559a20-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 520231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 537408
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 517812
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:31:05 GMT
expires: Thu, 09 Nov 2023 19:31:05 GMT
cache-control: public, max-age=31536000
age: 517995
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 21:48:50 GMT
expires: Thu, 09 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 509730
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
199.188.200.196200 OK 93 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 199.188.200.196:0
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
etag: "16cbc-62e7527a-0;;;"
accept-ranges: bytes
content-length: 93372
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
199.188.200.196200 OK 13 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 199.188.200.196:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "33dc-60cb571c-0;;;"
accept-ranges: bytes
content-length: 13276
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
199.188.200.196200 OK 77 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 199.188.200.196:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "12bdc-60cb571c-0;;;"
accept-ranges: bytes
content-length: 76764
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
199.188.200.196200 OK 78 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 199.188.200.196:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "13174-60cb571c-0;;;"
accept-ranges: bytes
content-length: 78196
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-regular-400.woff2
199.188.200.196200 OK 14 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-regular-400.woff2
IP 199.188.200.196:0
File type Web Open Font Format (Version 2), TrueType, length 13580, version 329.-1049\012- data
Hash e07d9e40b26048d9abe2ef966cd6e263
c744217caa82b3245cffa2714aaf2ec9f749614d
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-regular-400.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "350c-636b4e99-0;;;"
accept-ranges: bytes
content-length: 13580
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2
199.188.200.196200 OK 75 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2
IP 199.188.200.196:0
File type Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Hash b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "126b0-636b4e99-0;;;"
accept-ranges: bytes
content-length: 75440
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2
199.188.200.196200 OK 74 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2
IP 199.188.200.196:0
File type Web Open Font Format (Version 2), TrueType, length 74508, version 329.-1049\012- data
Hash 7559b3774a0625e8ca6c0160f8f6cfd8
a403af3337e6207d144b998b9c3bed439af562a9
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "1230c-636b4e99-0;;;"
accept-ranges: bytes
content-length: 74508
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
199.188.200.196200 OK 1.2 kB URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP 199.188.200.196:0
File type ASCII text, with very long lines (3262)
Hash 38771e556abbb38b6c8c9e69eab9610a
c99a3a108bb53142b8cdcb759e0311c880e94128
dfdb679b3a296294e582ab8dde42a44f26abaa0dfb6f84817b3e7bf7ce16bd0a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "ce9-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1173
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
199.188.200.196200 OK 599 B URL HTTP/2 innovators.com.pk/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 199.188.200.196:0
File type ASCII text, with very long lines (1320)
Hash b59e163b50b8e62a7e08b4ce88241b48
4f45b1e9e0270133c35c43a1a33d5b2d292b8693
73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "54f-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
innovators.com.pk/wp-content/uploads/2022/11/innovators-logo.png
199.188.200.196200 OK 194 kB URL HTTP/2 innovators.com.pk/wp-content/uploads/2022/11/innovators-logo.png
IP 199.188.200.196:0
File type PNG image data, 1247 x 279, 8-bit/color RGBA, non-interlaced\012- data
Size 194 kB (194224 bytes)
Hash 0f5600b12eb460644ec307ae9e0f5b63
40e73e69c6b1a776964e09a462461b9c5780cc59
d690ac8e923b2b897a69ef2efa0a4d49f906f22722f73cfc80f5894d26f80164
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/innovators-logo.png HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: image/png
last-modified: Fri, 11 Nov 2022 14:09:49 GMT
etag: "2f6b0-636e57ad-0;;;"
accept-ranges: bytes
content-length: 194224
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 18:41:09 GMT
expires: Tue, 15 Nov 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 2592
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-CPGNPPWBXQ>m=2oeb90&_p=1402242030&gdid=dZTNiMT&cid=1474749763.1668540260&ul=en-us&sr=1280x1024&_s=1&sid=1668540260&sct=1&seg=0&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-CPGNPPWBXQ>m=2oeb90&_p=1402242030&gdid=dZTNiMT&cid=1474749763.1668540260&ul=en-us&sr=1280x1024&_s=1&sid=1668540260&sct=1&seg=0&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-CPGNPPWBXQ>m=2oeb90&_p=1402242030&gdid=dZTNiMT&cid=1474749763.1668540260&ul=en-us&sr=1280x1024&_s=1&sid=1668540260&sct=1&seg=0&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://innovators.com.pk
date: Tue, 15 Nov 2022 19:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1402242030&t=pageview&_s=1&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAACAAI~&jid=565956632&gjid=1703569146&cid=1474749763.1668540260&tid=UA-244826791-1&_gid=538220887.1668540261&_r=1>m=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=943193482
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1402242030&t=pageview&_s=1&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAACAAI~&jid=565956632&gjid=1703569146&cid=1474749763.1668540260&tid=UA-244826791-1&_gid=538220887.1668540261&_r=1>m=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=943193482
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&aip=1&a=1402242030&t=pageview&_s=1&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAACAAI~&jid=565956632&gjid=1703569146&cid=1474749763.1668540260&tid=UA-244826791-1&_gid=538220887.1668540261&_r=1>m=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=943193482 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://innovators.com.pk
date: Tue, 15 Nov 2022 19:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
innovators.com.pk/favicon.ico
199.188.200.196404 Not Found 1.2 kB URL HTTP/2 innovators.com.pk/favicon.ico
IP 199.188.200.196:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 15 Nov 2022 19:24:21 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 508368e91f7702272c5610f905e4204b
0d61ccdb959e45368a9f6ada26679974374d81a2
bd3b3d55264bccbbf647577e3f93c35dd56840967713fcb948e67426c8a71b38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 35753773-2e2d-4def-a9ef-6224343d62e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bklm8E9qoAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b62c-46372f151eb5ba9f0f5ec3a0;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:29:48 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T8ocx27r2N_V74-jyk23ATbGtw9TJBqSRB0MK0Kahre8ESS5kM_9lQ==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 77821
etag: "0d61ccdb959e45368a9f6ada26679974374d81a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
innovators.com.pk/tibe/?qbot.zip
199.188.200.196404 Not Found 0 B URL HTTP/2 innovators.com.pk/tibe/?qbot.zip
IP 199.188.200.196:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /tibe/?qbot.zip HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://innovators.com.pk/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 1f1_HTTP.404,1f1_404,1f1_URL.fbdf658f78b70839ededf2b6e2927e36,1f1_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 19:24:18 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2